Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
File: yGEQ5MdkHRgOjxkgrGX7788G18c.mft (raw, json)
Hash identifier: tSZrO02I4jsOJVOsPeyAl1ok+cg1m89nwmpNAeVkFBQ=
Subject key identifier: CF:E9:2F:76:6D:F5:00:FB:D8:AD:E1:96:DD:D5:B8:DE:F2:B2:06:3B
Authority key identifier: C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
Certificate issuer: /CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Certificate serial: 019A7149BBBC7B95B76EC76F21B838F9F9C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
Manifest number: 01B2
Signing time: Tue 11 Nov 2025 05:00:48 +0000
Manifest this update: Tue 11 Nov 2025 05:00:48 +0000
Manifest next update: Wed 12 Nov 2025 05:00:48 +0000
Files and hashes: 1: yGEQ5MdkHRgOjxkgrGX7788G18c.crl (hash: gubuxKahCtpaKmnGXyVvEnYY4w/ZkMCR/iRulIzCwO0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:bb:bc:7b:95:b7:6e:c7:6f:21:b8:38:f9:f9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Validity
Not Before: Nov 11 05:00:48 2025 GMT
Not After : Nov 12 05:00:48 2025 GMT
Subject: CN=cfe92f766df500fbd8ade196ddd5b8def2b2063b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4c:a7:06:31:e6:6c:a6:92:d8:30:11:7d:73:
2c:34:86:09:64:ed:50:38:4e:6f:d3:f6:6b:a6:f4:
31:2e:ec:df:89:20:d8:b1:92:41:bc:43:e9:af:a3:
13:2a:b2:fa:50:7c:9e:d5:6c:8f:3b:f3:29:4a:ac:
1b:d4:ca:fc:5d:01:33:1c:a5:0a:37:85:e3:b1:f6:
08:f0:64:c9:2e:cc:fd:a2:d2:8a:74:20:04:15:4d:
f8:98:49:d3:7b:d6:95:70:e1:0b:6e:ec:bc:ec:2d:
ac:3d:eb:74:17:e3:d3:a4:2c:ff:ee:ee:3b:50:6d:
ce:43:fe:29:12:d9:86:b1:58:b7:66:f2:3e:30:92:
b2:16:1b:38:9b:27:07:77:d2:c2:b8:b1:d4:40:32:
af:7d:95:6f:b9:59:98:df:b1:8b:18:fa:7a:80:40:
77:2b:d7:fd:cf:54:c8:a0:fe:37:03:a8:67:f9:e8:
77:5a:2c:7a:a1:32:36:e6:2a:0d:ed:39:f9:3d:d3:
8d:19:f5:88:b0:7b:83:85:9d:d3:33:f2:65:74:a0:
4d:b2:c5:df:21:fa:6c:0c:f6:47:b0:af:57:be:b3:
14:45:90:44:d9:d0:2b:25:1b:f5:20:38:0c:00:e2:
06:2f:d6:66:43:70:6d:19:5f:c3:e2:63:88:5d:d8:
be:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E9:2F:76:6D:F5:00:FB:D8:AD:E1:96:DD:D5:B8:DE:F2:B2:06:3B
X509v3 Authority Key Identifier:
keyid:C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:22:c5:7c:d8:df:5d:a0:d1:08:c7:a0:3b:eb:06:ec:75:3e:
4c:63:fc:7f:20:a0:97:21:5a:77:70:6a:61:1d:85:d1:1c:f1:
6c:75:c9:43:ca:22:63:03:18:fd:5a:74:f1:94:90:f6:97:63:
7f:93:81:97:1b:6d:80:8d:9d:70:da:76:13:3e:f5:74:85:4c:
2f:d2:7e:11:50:c2:11:21:2a:b8:d8:ca:ff:e5:65:5f:dd:0d:
e4:7d:36:1b:64:19:a6:83:5a:78:da:1e:4f:e6:a0:9b:9f:e7:
8b:51:57:08:95:99:52:a0:1d:ed:f7:e7:01:7e:46:b5:bf:ec:
6b:e7:71:88:62:5c:b9:4c:20:2e:a8:32:92:4e:16:19:c9:f7:
41:5b:1b:89:e3:d9:2a:5e:dd:b7:76:02:c2:9e:f5:50:de:dd:
28:ee:d7:a8:96:36:d4:c5:ad:fd:46:12:d3:77:06:c8:45:dd:
45:44:17:83:ca:e9:3a:77:d7:04:6d:9e:54:06:d5:88:84:04:
6e:8b:a2:59:b5:34:5c:80:e4:37:b1:71:05:81:da:64:28:ad:
de:48:7d:8e:01:c2:52:c2:b6:fb:73:aa:9e:99:2e:5e:ea:85:
e8:84:7b:ed:99:85:76:4b:13:51:b5:66:11:7b:a3:f9:c1:56:
b2:25:85:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSbu8e5W3bsdvIbg4+fnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjExMGU0Yzc2NDFkMTgwZThmMTkyMGFjNjVmYmVmY2Yw
NmQ3YzcwHhcNMjUxMTExMDUwMDQ4WhcNMjUxMTEyMDUwMDQ4WjAzMTEwLwYDVQQD
EyhjZmU5MmY3NjZkZjUwMGZiZDhhZGUxOTZkZGQ1YjhkZWYyYjIwNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0ynBjHmbKaS2DARfXMsNIYJZO1Q
OE5v0/ZrpvQxLuzfiSDYsZJBvEPpr6MTKrL6UHye1WyPO/MpSqwb1Mr8XQEzHKUK
N4XjsfYI8GTJLsz9otKKdCAEFU34mEnTe9aVcOELbuy87C2sPet0F+PTpCz/7u47
UG3OQ/4pEtmGsVi3ZvI+MJKyFhs4mycHd9LCuLHUQDKvfZVvuVmY37GLGPp6gEB3
K9f9z1TIoP43A6hn+eh3Wix6oTI25ioN7Tn5PdONGfWIsHuDhZ3TM/JldKBNssXf
IfpsDPZHsK9XvrMURZBE2dArJRv1IDgMAOIGL9ZmQ3BtGV/D4mOIXdi+nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/pL3Zt9QD72K3hlt3VuN7ysgY7MB8GA1UdIwQY
MBaAFMhhEOTHZB0YDo8ZIKxl++/PBtfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWIt
NjZhNTJjN2M4YzAwLzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWItNjZhNTJjN2M4YzAw
LzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCLFfNjf
XaDRCMegO+sG7HU+TGP8fyCglyFad3BqYR2F0RzxbHXJQ8oiYwMY/Vp08ZSQ9pdj
f5OBlxttgI2dcNp2Ez71dIVML9J+EVDCESEquNjK/+VlX90N5H02G2QZpoNaeNoe
T+agm5/ni1FXCJWZUqAd7ffnAX5Gtb/sa+dxiGJcuUwgLqgykk4WGcn3QVsbiePZ
Kl7dt3YCwp71UN7dKO7XqJY21MWt/UYS03cGyEXdRUQXg8rpOnfXBG2eVAbViIQE
bouiWbU0XIDkN7FxBYHaZCit3kh9jgHCUsK2+3OqnpkuXuqF6IR77ZmFdksTUbVm
EXuj+cFWsiWF+A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:44 2025 by rpki-client