Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
File: veWU40bxTQmDwaa_S7XHFP-bhEI.mft (raw, json)
Hash identifier: uEcjPFBpg0FJj1eiGOVfdUPp+jmOzjC7vaevRGdWBxY=
Subject key identifier: 2E:3D:29:90:3B:29:19:29:91:D0:B0:CE:05:7D:C9:D3:BB:DC:60:3D
Authority key identifier: BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42
Certificate issuer: /CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
Certificate serial: 019A7225A381D348D2FE576090FDF28FC714
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 09:01:00 +0000
Manifest this update: Tue 11 Nov 2025 09:01:00 +0000
Manifest next update: Wed 12 Nov 2025 09:01:00 +0000
Files and hashes: 1: veWU40bxTQmDwaa_S7XHFP-bhEI.crl (hash: b0yMOqobCjgu59Frw3nhngDtQaUZ+qV8qo3ldzKFEH0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:a3:81:d3:48:d2:fe:57:60:90:fd:f2:8f:c7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
Validity
Not Before: Nov 11 09:01:00 2025 GMT
Not After : Nov 12 09:01:00 2025 GMT
Subject: CN=2e3d29903b29192991d0b0ce057dc9d3bbdc603d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:06:28:72:77:0a:20:aa:52:75:70:75:6d:
db:c1:b4:5d:62:ea:3e:e4:f7:c1:24:85:70:60:bb:
42:3c:06:f4:86:99:37:7e:87:2c:19:88:14:0c:10:
36:83:b5:ea:6f:62:09:b2:d7:03:d8:98:af:d1:17:
94:df:cb:26:83:cb:38:2e:dc:7e:b8:2b:59:60:c6:
25:86:0d:25:1d:f0:85:8b:67:df:d3:17:18:8b:c9:
62:da:26:9a:75:b1:c9:1e:f4:d6:09:4e:c9:e1:2b:
08:40:44:f4:a6:52:24:55:95:f7:7d:26:60:27:bc:
52:30:c2:20:8b:9b:af:b2:19:35:30:39:80:61:bc:
00:44:3e:da:3e:9b:d6:b5:73:04:79:19:a1:e7:ff:
df:33:29:43:9a:eb:b8:da:76:f1:5d:7a:c4:eb:f8:
6a:50:0d:a9:b4:d1:66:cd:c0:23:e3:f6:e6:15:a0:
fb:25:28:74:7c:c3:31:6a:c4:be:11:44:18:a0:a7:
08:3f:6c:c3:b8:92:ab:5a:e2:c9:ee:87:46:24:06:
f1:13:c1:48:0d:9e:e4:62:88:9f:71:fb:1f:8d:9e:
0b:fb:c5:ce:7e:65:d1:0c:bd:90:80:a4:b8:2a:0b:
3a:ea:82:6b:e4:48:6d:a2:21:38:20:48:bb:90:45:
fb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3D:29:90:3B:29:19:29:91:D0:B0:CE:05:7D:C9:D3:BB:DC:60:3D
X509v3 Authority Key Identifier:
keyid:BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:d4:31:ea:fc:7f:ab:8b:ca:78:a4:0e:d3:39:35:88:42:d6:
54:82:2f:51:18:d2:34:9a:80:32:b9:b2:57:f5:e9:93:ff:d4:
a2:52:72:c3:52:18:3c:5a:e3:1f:94:06:e1:8c:81:6a:2f:1a:
b6:70:57:c0:e0:35:55:aa:22:6e:59:ea:31:98:dd:2a:25:99:
9c:01:a3:5c:b8:74:68:07:9b:51:7b:69:60:14:50:1d:15:c2:
0c:e6:c8:85:23:ec:f7:40:64:5d:7d:d3:83:30:f4:0a:60:6e:
46:eb:ca:9e:25:09:20:61:0d:0a:e1:b0:0a:bc:92:71:4f:77:
9f:e4:06:16:36:35:a2:c3:55:27:6b:05:5d:52:0b:ce:55:f1:
64:b0:b6:be:0f:60:7c:93:d5:45:d0:71:04:cc:93:c4:d7:59:
1b:d9:c6:0b:9f:07:95:a9:dd:86:26:be:49:14:01:7e:40:ee:
4d:3b:cc:ec:e6:0a:a9:05:4b:ff:d5:af:08:51:f8:bf:b0:94:
3b:84:45:54:de:5e:a9:23:8d:40:4b:1e:97:57:48:51:ef:33:
47:eb:b5:0a:e8:d7:52:7d:08:fb:58:2f:1a:bb:93:35:c5:b7:
e7:0a:ff:e2:ef:11:9e:06:fc:e2:2f:91:df:bf:34:ff:64:da:
81:a2:7a:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaOB00jS/ldgkP3yj8cUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTU5NGUzNDZmMTRkMDk4M2MxYTZiZjRiYjVjNzE0ZmY5
Yjg0NDIwHhcNMjUxMTExMDkwMTAwWhcNMjUxMTEyMDkwMTAwWjAzMTEwLwYDVQQD
EygyZTNkMjk5MDNiMjkxOTI5OTFkMGIwY2UwNTdkYzlkM2JiZGM2MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwegGKHJ3CiCqUnVwdW3bwbRdYuo+
5PfBJIVwYLtCPAb0hpk3focsGYgUDBA2g7Xqb2IJstcD2Jiv0ReU38smg8s4Ltx+
uCtZYMYlhg0lHfCFi2ff0xcYi8li2iaadbHJHvTWCU7J4SsIQET0plIkVZX3fSZg
J7xSMMIgi5uvshk1MDmAYbwARD7aPpvWtXMEeRmh5//fMylDmuu42nbxXXrE6/hq
UA2ptNFmzcAj4/bmFaD7JSh0fMMxasS+EUQYoKcIP2zDuJKrWuLJ7odGJAbxE8FI
DZ7kYoifcfsfjZ4L+8XOfmXRDL2QgKS4Kgs66oJr5EhtoiE4IEi7kEX7hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC49KZA7KRkpkdCwzgV9ydO73GA9MB8GA1UdIwQY
MBaAFL3llONG8U0Jg8Gmv0u1xxT/m4RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUt
YzdhMzY2YjkxZjQzLzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUtYzdhMzY2YjkxZjQz
LzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARNQx6vx/
q4vKeKQO0zk1iELWVIIvURjSNJqAMrmyV/Xpk//UolJyw1IYPFrjH5QG4YyBai8a
tnBXwOA1VaoiblnqMZjdKiWZnAGjXLh0aAebUXtpYBRQHRXCDObIhSPs90BkXX3T
gzD0CmBuRuvKniUJIGENCuGwCryScU93n+QGFjY1osNVJ2sFXVILzlXxZLC2vg9g
fJPVRdBxBMyTxNdZG9nGC58Hlandhia+SRQBfkDuTTvM7OYKqQVL/9WvCFH4v7CU
O4RFVN5eqSONQEsel1dIUe8zR+u1CujXUn0I+1gvGruTNcW35wr/4u8Rngb84i+R
3780/2TagaJ6tg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:44 2025 by rpki-client