Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
File: l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft (raw, json)
Hash identifier: sFoDQlDSdwoN2YqHRg1f5s1OEDaThtvTxK326bM+eFM=
Subject key identifier: A3:3D:D7:5F:22:1A:71:FD:CA:EA:3D:11:7B:08:D0:30:6B:0F:0B:D4
Authority key identifier: 97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF
Certificate issuer: /CN=97b6cb48841ce519b28359caf1bce340e33681ef
Certificate serial: 019A7293DBC9683BD7229CB0347476DC9D3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
Manifest number: 08CA
Signing time: Tue 11 Nov 2025 11:01:23 +0000
Manifest this update: Tue 11 Nov 2025 11:01:23 +0000
Manifest next update: Wed 12 Nov 2025 11:01:23 +0000
Files and hashes: 1: l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl (hash: OABTaGOTDcpo4g8BWyu5x0DWQN9rea+KKsZfyRj8zxU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:db:c9:68:3b:d7:22:9c:b0:34:74:76:dc:9d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97b6cb48841ce519b28359caf1bce340e33681ef
Validity
Not Before: Nov 11 11:01:23 2025 GMT
Not After : Nov 12 11:01:23 2025 GMT
Subject: CN=a33dd75f221a71fdcaea3d117b08d0306b0f0bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d3:6c:27:b3:65:1e:40:fe:a0:84:dc:45:dd:
7f:81:23:75:9a:db:8c:7a:91:aa:b3:5a:ed:18:e5:
89:42:e8:c3:fe:25:ad:b7:1e:89:51:21:86:b9:1f:
28:57:f4:22:b7:2f:05:c2:a8:f9:6a:b3:4e:b2:8b:
4d:8d:2a:5b:68:35:16:51:2b:21:1a:4e:67:45:9c:
17:93:e8:ca:14:48:a5:30:10:33:8f:f1:37:38:50:
f2:30:f9:fd:c8:86:54:8e:bf:23:85:f3:fe:6f:74:
3d:9d:ae:2d:5e:43:c8:7f:78:93:87:75:17:98:70:
6a:b2:60:79:a9:91:5e:9e:fa:13:d3:99:5b:5c:c2:
f0:fd:cd:ef:d4:2e:1f:fd:0f:00:27:ff:0f:9a:5c:
f2:2e:aa:2a:0e:77:a7:3d:3c:7a:2a:03:3b:ee:c7:
96:97:79:bd:b6:f7:26:f5:18:ac:55:71:f6:0b:ba:
68:a5:6b:70:62:d3:50:26:40:b9:d8:62:dd:7a:5f:
04:f1:4d:ef:34:04:5b:5d:37:be:57:78:40:17:0a:
94:ac:00:4b:3f:1a:06:7e:f5:e9:7c:20:d9:15:3a:
bd:71:c2:b2:e5:8f:a9:67:a0:e1:53:bb:05:00:79:
79:91:70:0e:83:f0:db:de:85:b4:de:63:1e:3f:99:
2a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3D:D7:5F:22:1A:71:FD:CA:EA:3D:11:7B:08:D0:30:6B:0F:0B:D4
X509v3 Authority Key Identifier:
keyid:97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:c7:01:f4:48:2b:eb:49:3e:7e:f6:ff:37:05:bc:57:9a:dc:
1b:be:80:39:89:81:ab:c2:54:42:e6:46:e4:10:21:a4:83:98:
19:30:96:53:f6:80:f6:8a:f4:6b:fc:c4:39:e5:71:f8:25:b2:
cd:34:dd:33:cb:e6:e2:ab:49:2a:4f:2f:84:b0:23:5c:28:70:
ad:07:33:70:3e:79:a0:69:56:0d:e0:6f:62:21:37:9a:8c:d7:
57:d2:c1:7f:9f:3d:7b:71:32:e7:8f:d1:be:da:b9:0f:0a:71:
62:78:5c:10:83:95:4c:73:60:ef:19:27:5b:7f:a4:82:40:68:
a0:f5:15:f5:fb:67:1d:fb:54:d4:8d:97:18:f1:3c:e2:33:d8:
c7:24:5c:55:04:c3:3f:36:85:f6:50:42:ef:ea:68:34:32:52:
9a:9c:7f:c9:4e:61:d5:08:a7:03:54:81:64:eb:92:ea:78:09:
54:85:0d:19:d3:ac:ea:c6:3e:c3:c0:d1:3e:66:20:45:c9:19:
bb:8e:4c:bc:48:15:2d:d1:78:b3:11:28:35:35:fc:72:0e:11:
78:c7:88:ff:45:4d:71:d7:dd:75:7b:34:ba:79:64:02:4d:8e:
bc:41:ae:c4:d3:32:c7:fa:8c:44:40:99:11:c6:ba:d0:df:60:
ee:66:15:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9vJaDvXIpywNHR23J07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YjZjYjQ4ODQxY2U1MTliMjgzNTljYWYxYmNlMzQwZTMz
NjgxZWYwHhcNMjUxMTExMTEwMTIzWhcNMjUxMTEyMTEwMTIzWjAzMTEwLwYDVQQD
EyhhMzNkZDc1ZjIyMWE3MWZkY2FlYTNkMTE3YjA4ZDAzMDZiMGYwYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tNsJ7NlHkD+oITcRd1/gSN1mtuM
epGqs1rtGOWJQujD/iWttx6JUSGGuR8oV/Qity8Fwqj5arNOsotNjSpbaDUWUSsh
Gk5nRZwXk+jKFEilMBAzj/E3OFDyMPn9yIZUjr8jhfP+b3Q9na4tXkPIf3iTh3UX
mHBqsmB5qZFenvoT05lbXMLw/c3v1C4f/Q8AJ/8PmlzyLqoqDnenPTx6KgM77seW
l3m9tvcm9RisVXH2C7popWtwYtNQJkC52GLdel8E8U3vNARbXTe+V3hAFwqUrABL
PxoGfvXpfCDZFTq9ccKy5Y+pZ6DhU7sFAHl5kXAOg/Db3oW03mMeP5kqjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKM9118iGnH9yuo9EXsI0DBrDwvUMB8GA1UdIwQY
MBaAFJe2y0iEHOUZsoNZyvG840DjNoHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMt
NDZlYTY1NmJmMzg5LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMtNDZlYTY1NmJmMzg5
LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8cB9Egr
60k+fvb/NwW8V5rcG76AOYmBq8JUQuZG5BAhpIOYGTCWU/aA9or0a/zEOeVx+CWy
zTTdM8vm4qtJKk8vhLAjXChwrQczcD55oGlWDeBvYiE3mozXV9LBf589e3Ey54/R
vtq5DwpxYnhcEIOVTHNg7xknW3+kgkBooPUV9ftnHftU1I2XGPE84jPYxyRcVQTD
PzaF9lBC7+poNDJSmpx/yU5h1QinA1SBZOuS6ngJVIUNGdOs6sY+w8DRPmYgRckZ
u45MvEgVLdF4sxEoNTX8cg4ReMeI/0VNcdfddXs0unlkAk2OvEGuxNMyx/qMRECZ
Eca60N9g7mYVvw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:31:35 2025 by rpki-client