Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier: GNCHcHGhgK4PYnrbJ+lYra6JTwOLjTRJuvkPLbSjIQw=
Subject key identifier: 80:BF:AD:AC:FA:38:F5:F0:6F:85:1D:6B:BE:B2:7B:E7:B8:61:9A:8E
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer: /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial: 019A7113411DB173CAAEDE6F6A706F20E5B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number: 0226
Signing time: Tue 11 Nov 2025 04:01:18 +0000
Manifest this update: Tue 11 Nov 2025 04:01:18 +0000
Manifest next update: Wed 12 Nov 2025 04:01:18 +0000
Files and hashes: 1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: lsMB1D+ywQB+VINzkAwpCQBIUA21hh9MxrdP+YV/MEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:41:1d:b1:73:ca:ae:de:6f:6a:70:6f:20:e5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
Validity
Not Before: Nov 11 04:01:18 2025 GMT
Not After : Nov 12 04:01:18 2025 GMT
Subject: CN=80bfadacfa38f5f06f851d6bbeb27be7b8619a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7e:6e:99:1a:52:a9:64:8c:89:6f:7a:e9:e7:
fc:85:bc:c2:cd:38:f5:7a:82:17:08:f1:df:c9:c0:
28:15:b4:da:9d:c9:99:af:bc:b5:20:e6:3e:8b:d7:
0a:91:9f:86:ee:cf:ca:86:c8:28:a8:f1:e1:79:3d:
f8:e9:ce:62:cd:62:19:66:38:f2:e4:8d:1f:5c:48:
a0:b6:c0:d9:df:16:a0:55:d0:ef:59:e1:fb:f8:12:
73:92:fe:91:1b:d2:ff:e7:7e:29:1a:c0:c3:50:74:
dd:c2:8a:b4:e6:18:a5:dc:4d:76:8e:0c:42:f1:f8:
6a:b7:29:46:f0:c8:04:da:32:fd:f0:cd:03:c7:b1:
9a:4e:6a:36:77:77:5f:e4:a5:fd:49:20:31:4b:ad:
76:73:ce:96:c9:3c:4c:25:cc:3e:d4:25:a4:0c:74:
5a:1f:a0:1b:af:bd:dc:f0:11:d8:9d:8e:60:83:89:
09:86:48:1b:15:c4:40:f8:91:bf:ce:68:ad:86:95:
84:13:95:68:8b:66:e6:ce:77:10:f5:cf:82:5a:14:
b8:ea:a0:6a:d7:68:09:0f:c5:8d:00:bd:65:d7:25:
48:a7:bf:ba:1b:f0:0b:a6:d3:da:66:2b:d2:12:bf:
11:74:4d:f5:32:59:bd:e7:9f:1c:d2:e0:f1:20:e8:
d8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BF:AD:AC:FA:38:F5:F0:6F:85:1D:6B:BE:B2:7B:E7:B8:61:9A:8E
X509v3 Authority Key Identifier:
keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:f5:dc:ba:ea:56:c7:09:3f:4e:dd:ec:fe:9a:44:43:51:52:
ee:4e:c5:1f:3d:46:b3:a8:20:79:b8:c0:fa:74:8c:a9:5d:0f:
c2:a5:05:c7:6a:35:8d:d6:c1:50:1d:80:c6:cc:c7:87:b9:e4:
59:a2:15:37:c0:82:cc:bb:43:03:e0:11:5d:48:cb:cb:e4:68:
fe:8e:2a:81:cf:71:a6:e4:68:30:d9:91:24:18:b3:b4:1b:4d:
18:34:e2:2a:bf:f2:ae:b6:e2:e7:49:12:0e:a6:ce:a3:b2:0e:
42:8b:03:49:88:b0:73:0b:15:f5:c8:76:40:cf:7d:d3:ad:82:
43:6e:cd:ed:61:1b:8d:df:d0:c5:34:9d:86:48:f2:c5:ed:40:
8e:47:b7:cf:58:2b:be:a0:c0:71:4f:ff:6f:e0:f1:eb:c4:ae:
00:82:cc:7b:65:01:57:53:a8:ee:35:6e:5d:7c:e1:67:fb:46:
28:ec:35:56:a5:14:4c:94:cc:4c:c3:6c:cf:e4:5f:c6:c5:14:
02:a6:ca:1a:84:54:59:44:97:cb:fa:14:2b:ca:c8:64:46:b8:
c9:0d:ff:82:4f:eb:27:a6:dd:6f:a1:76:4f:60:b7:0a:91:a1:
dc:b0:56:28:cc:cc:d2:f4:91:2e:23:0b:98:ee:af:ad:64:94:
84:9d:b9:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0EdsXPKrt5vanBvIOW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjUxMTExMDQwMTE4WhcNMjUxMTEyMDQwMTE4WjAzMTEwLwYDVQQD
Eyg4MGJmYWRhY2ZhMzhmNWYwNmY4NTFkNmJiZWIyN2JlN2I4NjE5YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH5umRpSqWSMiW966ef8hbzCzTj1
eoIXCPHfycAoFbTancmZr7y1IOY+i9cKkZ+G7s/KhsgoqPHheT346c5izWIZZjjy
5I0fXEigtsDZ3xagVdDvWeH7+BJzkv6RG9L/534pGsDDUHTdwoq05hil3E12jgxC
8fhqtylG8MgE2jL98M0Dx7GaTmo2d3df5KX9SSAxS612c86WyTxMJcw+1CWkDHRa
H6Abr73c8BHYnY5gg4kJhkgbFcRA+JG/zmithpWEE5Voi2bmzncQ9c+CWhS46qBq
12gJD8WNAL1l1yVIp7+6G/ALptPaZivSEr8RdE31Mlm9558c0uDxIOjYWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIC/raz6OPXwb4Uda76ye+e4YZqOMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfXcuupW
xwk/Tt3s/ppEQ1FS7k7FHz1Gs6ggebjA+nSMqV0PwqUFx2o1jdbBUB2AxszHh7nk
WaIVN8CCzLtDA+ARXUjLy+Ro/o4qgc9xpuRoMNmRJBiztBtNGDTiKr/yrrbi50kS
DqbOo7IOQosDSYiwcwsV9ch2QM99062CQ27N7WEbjd/QxTSdhkjyxe1Ajke3z1gr
vqDAcU//b+Dx68SuAILMe2UBV1Oo7jVuXXzhZ/tGKOw1VqUUTJTMTMNsz+RfxsUU
AqbKGoRUWUSXy/oUK8rIZEa4yQ3/gk/rJ6bdb6F2T2C3CpGh3LBWKMzM0vSRLiML
mO6vrWSUhJ25vw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:15:24 2025 by rpki-client