Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.mft
File: mfSXPlJLCHF1gld2MNMxk-U7Z8k.mft (raw, json)
Hash identifier: BvOT/76iZEneaX8IXbRSCCbj8VX9PIzAepirU4VKdzU=
Subject key identifier: 3C:D5:2E:3D:E8:5D:BE:FF:02:DA:DC:4C:4E:CE:F0:36:09:EE:9E:C4
Authority key identifier: 99:F4:97:3E:52:4B:08:71:75:82:57:76:30:D3:31:93:E5:3B:67:C9
Certificate issuer: /CN=99f4973e524b08717582577630d33193e53b67c9
Certificate serial: 019A72262CAF5DDEA1ADCF74955A14E57790
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mfSXPlJLCHF1gld2MNMxk-U7Z8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.mft
Manifest number: 05D1
Signing time: Tue 11 Nov 2025 09:01:35 +0000
Manifest this update: Tue 11 Nov 2025 09:01:35 +0000
Manifest next update: Wed 12 Nov 2025 09:01:35 +0000
Files and hashes: 1: mfSXPlJLCHF1gld2MNMxk-U7Z8k.crl (hash: A/swNL6UKkaaNSRejii2m7e5VBWB/e7JE3vHdJeFRTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/mfSXPlJLCHF1gld2MNMxk-U7Z8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:2c:af:5d:de:a1:ad:cf:74:95:5a:14:e5:77:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99f4973e524b08717582577630d33193e53b67c9
Validity
Not Before: Nov 11 09:01:35 2025 GMT
Not After : Nov 12 09:01:35 2025 GMT
Subject: CN=3cd52e3de85dbeff02dadc4c4ecef03609ee9ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:33:93:07:0a:dd:3b:e8:9d:78:e6:8f:01:
b7:6b:d3:71:68:61:ed:04:0d:0a:4a:76:ec:4b:90:
d2:74:81:0d:68:8e:07:30:b6:ce:f6:fd:5f:e7:1a:
0b:c3:19:b0:4e:fe:aa:ae:a4:e9:cb:67:b8:0f:07:
ac:32:48:3f:14:95:b8:a8:3b:32:5c:d6:f1:fd:27:
e4:fb:a1:c5:a0:a5:42:b2:28:6e:26:3b:b4:40:ff:
eb:a2:44:c8:e4:b4:b6:82:0e:20:7d:f3:12:b2:bc:
22:aa:af:4d:a2:b9:22:24:83:a5:05:cf:29:3c:64:
12:a5:df:e7:ec:b7:7f:0b:f0:1a:74:6b:13:3b:af:
39:28:ae:ef:b7:37:17:65:fb:78:3a:35:ca:51:1c:
7c:33:aa:de:d7:ae:92:10:f6:eb:54:9b:6d:40:b7:
cb:dd:58:9c:b7:08:71:34:5f:c3:ff:d6:58:a3:38:
af:5e:02:3e:86:5d:b1:08:74:51:06:e6:bc:18:d2:
7a:e7:f0:de:53:a9:a3:32:81:9f:76:d5:72:e0:8a:
0e:c8:2d:ec:2a:58:01:e3:d2:1c:73:ea:2c:0e:89:
ba:0d:ce:ba:29:ba:46:73:74:4e:0f:a3:ae:89:a4:
98:39:fc:f2:e2:35:70:75:9d:95:fb:90:c0:57:db:
e5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D5:2E:3D:E8:5D:BE:FF:02:DA:DC:4C:4E:CE:F0:36:09:EE:9E:C4
X509v3 Authority Key Identifier:
keyid:99:F4:97:3E:52:4B:08:71:75:82:57:76:30:D3:31:93:E5:3B:67:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfSXPlJLCHF1gld2MNMxk-U7Z8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3c4a64-4b35-41d2-82a5-f30303f3f2f5/1/mfSXPlJLCHF1gld2MNMxk-U7Z8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:c6:63:15:5b:e2:12:6f:e9:ad:9e:76:d5:fd:f3:3c:98:be:
54:b7:7e:a8:10:33:55:ff:55:26:da:a9:bd:f1:fa:7c:50:9c:
73:45:96:7a:7f:1c:b4:d0:7b:52:28:b9:ad:36:da:4c:d4:ee:
0c:29:43:f1:55:72:30:06:e7:85:53:d1:94:fc:17:de:98:9f:
68:41:6a:b2:a5:17:d9:74:2a:47:8a:2d:2a:61:3b:6e:0e:81:
d9:8d:f0:12:6c:5c:5d:fa:0f:9f:7d:d3:e8:1e:d3:fe:a5:5f:
f1:12:ec:22:78:d8:be:4e:9d:a9:f6:65:0b:de:43:9c:8b:68:
3a:ec:92:d6:cc:04:63:a6:b9:64:82:5a:01:13:3b:bb:02:f8:
07:58:17:d7:b9:f4:d1:ec:35:9e:5e:6a:f4:fc:0f:ab:f4:35:
dc:62:92:a0:63:0d:5f:25:a9:33:28:99:46:11:46:0c:28:76:
68:69:19:1f:84:1f:af:b4:73:33:ce:6f:3a:3d:1a:7e:31:82:
1e:5b:f7:57:be:9e:f9:a0:35:17:3d:49:06:57:f0:39:fd:d0:
78:3d:b3:62:9d:a1:41:35:50:37:52:45:00:81:65:4f:b8:5a:
de:de:c9:90:03:fb:7a:15:a5:78:1e:34:06:7d:20:f4:ee:eb:
92:25:c8:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiyvXd6hrc90lVoU5XeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZjQ5NzNlNTI0YjA4NzE3NTgyNTc3NjMwZDMzMTkzZTUz
YjY3YzkwHhcNMjUxMTExMDkwMTM1WhcNMjUxMTEyMDkwMTM1WjAzMTEwLwYDVQQD
EygzY2Q1MmUzZGU4NWRiZWZmMDJkYWRjNGM0ZWNlZjAzNjA5ZWU5ZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0s8zkwcK3TvonXjmjwG3a9NxaGHt
BA0KSnbsS5DSdIENaI4HMLbO9v1f5xoLwxmwTv6qrqTpy2e4DwesMkg/FJW4qDsy
XNbx/Sfk+6HFoKVCsihuJju0QP/rokTI5LS2gg4gffMSsrwiqq9NorkiJIOlBc8p
PGQSpd/n7Ld/C/AadGsTO685KK7vtzcXZft4OjXKURx8M6re166SEPbrVJttQLfL
3VictwhxNF/D/9ZYozivXgI+hl2xCHRRBua8GNJ65/DeU6mjMoGfdtVy4IoOyC3s
KlgB49Icc+osDom6Dc66KbpGc3ROD6OuiaSYOfzy4jVwdZ2V+5DAV9vl6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzVLj3oXb7/AtrcTE7O8DYJ7p7EMB8GA1UdIwQY
MBaAFJn0lz5SSwhxdYJXdjDTMZPlO2fJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZTWFBsSkxDSEYxZ2xkMk1OTXhrLVU3WjhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zYzRhNjQtNGIzNS00MWQyLTgyYTUt
ZjMwMzAzZjNmMmY1LzEvbWZTWFBsSkxDSEYxZ2xkMk1OTXhrLVU3WjhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zYzRhNjQtNGIzNS00MWQyLTgyYTUtZjMwMzAzZjNmMmY1
LzEvbWZTWFBsSkxDSEYxZ2xkMk1OTXhrLVU3WjhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMZjFVvi
Em/prZ521f3zPJi+VLd+qBAzVf9VJtqpvfH6fFCcc0WWen8ctNB7Uii5rTbaTNTu
DClD8VVyMAbnhVPRlPwX3pifaEFqsqUX2XQqR4otKmE7bg6B2Y3wEmxcXfoPn33T
6B7T/qVf8RLsInjYvk6dqfZlC95DnItoOuyS1swEY6a5ZIJaARM7uwL4B1gX17n0
0ew1nl5q9PwPq/Q13GKSoGMNXyWpMyiZRhFGDCh2aGkZH4Qfr7RzM85vOj0afjGC
Hlv3V76e+aA1Fz1JBlfwOf3QeD2zYp2hQTVQN1JFAIFlT7ha3t7JkAP7ehWleB40
Bn0g9O7rkiXIAw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:44 2025 by rpki-client