Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
File: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json)
Hash identifier: eJ8RxA7h8g22dChyFSHrPKOV9iNI7FKPI3kjXj+He7M=
Subject key identifier: 31:26:12:94:B8:D3:D8:9D:2B:CA:19:47:9B:0C:DD:35:AF:FC:E8:C6
Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
Certificate issuer: /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Certificate serial: 019A72CAA792466605BB76D640A22F5BD232
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
Manifest number: 01BC
Signing time: Tue 11 Nov 2025 12:01:15 +0000
Manifest this update: Tue 11 Nov 2025 12:01:15 +0000
Manifest next update: Wed 12 Nov 2025 12:01:15 +0000
Files and hashes: 1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: 4k3SFQwXZdvnQr11/LAff7Xx3bdkDJkCfd8i6EJquuQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:a7:92:46:66:05:bb:76:d6:40:a2:2f:5b:d2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Validity
Not Before: Nov 11 12:01:15 2025 GMT
Not After : Nov 12 12:01:15 2025 GMT
Subject: CN=31261294b8d3d89d2bca19479b0cdd35affce8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:d8:8b:61:15:f4:cc:10:64:20:5c:ba:f2:
3d:1c:20:84:65:4b:d0:ad:70:fa:eb:a6:7d:a8:1c:
a4:c5:db:26:5f:52:e8:cb:e3:ca:d3:18:5d:2e:f6:
39:86:b1:e5:69:b7:3e:97:78:94:cb:41:1c:ff:39:
12:b6:e2:db:06:66:ae:d5:3a:56:a1:27:31:ca:b8:
47:fd:a9:66:c0:bf:3e:d9:48:e9:59:ad:77:a0:bd:
12:98:07:f9:a8:39:d5:36:90:51:bf:07:2a:1d:61:
c6:05:ae:a6:9f:a8:4e:38:32:a1:58:7d:ce:81:d9:
64:99:3f:39:8e:9e:79:b9:ca:e5:8b:f4:3c:9c:80:
c0:fb:3e:20:00:91:ca:3d:59:f1:cc:12:98:ea:34:
f8:70:2a:de:e7:5b:87:89:e7:83:99:14:da:14:c8:
51:bc:16:52:69:de:b6:3d:e7:6b:bd:57:0e:1f:06:
6b:07:67:9a:ad:b5:da:5b:12:6a:80:9d:bf:1d:98:
bf:77:15:ad:ba:1c:a2:ae:b2:44:5c:9b:79:c3:e5:
fe:17:8b:aa:d6:41:14:19:dd:97:2e:2c:e6:70:c0:
91:33:86:7f:6a:af:be:84:cb:a9:2c:bd:80:37:c1:
e6:e4:e6:a1:6e:3e:b1:d6:46:d0:96:99:e6:8d:35:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:26:12:94:B8:D3:D8:9D:2B:CA:19:47:9B:0C:DD:35:AF:FC:E8:C6
X509v3 Authority Key Identifier:
keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:6f:84:26:0a:95:01:fb:a7:e8:00:24:b1:ab:db:cd:4b:7c:
2a:18:9b:25:b6:97:73:77:2f:e0:d7:43:e8:18:41:ed:36:bc:
19:d1:13:5e:46:46:09:06:65:75:0d:b8:9c:1f:b0:53:c8:11:
b0:ad:4a:aa:1a:68:d0:b3:9c:21:ee:43:a7:e3:94:9a:df:bb:
cd:f4:90:f3:22:6e:1c:8e:ce:91:fa:40:24:90:f0:64:37:ac:
3c:89:35:73:a8:4a:6b:e1:dd:e0:9f:c8:7b:a3:43:f2:e2:d5:
78:dc:d5:89:f1:8d:81:ba:cc:14:a6:5f:ff:df:39:d4:ba:08:
64:0b:85:4c:b2:38:80:13:6a:d4:f5:19:51:d3:ca:cc:a2:d5:
21:77:d8:c1:01:e2:ef:82:41:98:72:08:1a:a1:44:64:52:c1:
39:8b:dd:a3:0b:78:45:bc:84:0c:cb:8c:4b:60:9e:3b:bf:df:
e9:dd:fc:15:c0:dd:26:16:f2:6c:73:0b:6a:d1:ff:2a:51:3c:
d2:0b:e1:bb:b3:dd:9a:d6:af:f9:d7:2a:72:b1:d8:7a:0f:12:
3d:37:31:d6:00:93:7d:5d:eb:b7:ee:53:a8:98:31:b7:40:23:
fd:f4:32:b3:45:82:0c:59:0f:68:aa:b1:e0:8a:97:55:14:d3:
a2:b5:d6:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyqeSRmYFu3bWQKIvW9IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw
MWJiNTEwHhcNMjUxMTExMTIwMTE1WhcNMjUxMTEyMTIwMTE1WjAzMTEwLwYDVQQD
EygzMTI2MTI5NGI4ZDNkODlkMmJjYTE5NDc5YjBjZGQzNWFmZmNlOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM/Yi2EV9MwQZCBcuvI9HCCEZUvQ
rXD666Z9qBykxdsmX1Loy+PK0xhdLvY5hrHlabc+l3iUy0Ec/zkStuLbBmau1TpW
oScxyrhH/almwL8+2UjpWa13oL0SmAf5qDnVNpBRvwcqHWHGBa6mn6hOODKhWH3O
gdlkmT85jp55ucrli/Q8nIDA+z4gAJHKPVnxzBKY6jT4cCre51uHieeDmRTaFMhR
vBZSad62PedrvVcOHwZrB2earbXaWxJqgJ2/HZi/dxWtuhyirrJEXJt5w+X+F4uq
1kEUGd2XLizmcMCRM4Z/aq++hMupLL2AN8Hm5Oahbj6x1kbQlpnmjTVAiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEmEpS409idK8oZR5sM3TWv/OjGMB8GA1UdIwQY
MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct
NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5
LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtW+EJgqV
Afun6AAksavbzUt8KhibJbaXc3cv4NdD6BhB7Ta8GdETXkZGCQZldQ24nB+wU8gR
sK1Kqhpo0LOcIe5Dp+OUmt+7zfSQ8yJuHI7OkfpAJJDwZDesPIk1c6hKa+Hd4J/I
e6ND8uLVeNzVifGNgbrMFKZf/9851LoIZAuFTLI4gBNq1PUZUdPKzKLVIXfYwQHi
74JBmHIIGqFEZFLBOYvdowt4RbyEDMuMS2CeO7/f6d38FcDdJhbybHMLatH/KlE8
0gvhu7Pdmtav+dcqcrHYeg8SPTcx1gCTfV3rt+5TqJgxt0Aj/fQys0WCDFkPaKqx
4IqXVRTTorXWkw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:30 2025 by rpki-client