Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File: 2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier: DHho3XbjU/7YVs8oDzhZR4i1F10MlkDdDnjTQCkHTVY=
Subject key identifier: 32:69:B4:11:EB:0C:83:8A:22:A8:74:77:48:97:50:B8:D3:31:D2:5A
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer: /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial: 019A71B8F289AE36950E44235B5CF4C3F0B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number: 07A3
Signing time: Tue 11 Nov 2025 07:02:17 +0000
Manifest this update: Tue 11 Nov 2025 07:02:17 +0000
Manifest next update: Wed 12 Nov 2025 07:02:17 +0000
Files and hashes: 1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: 6dVAlgbiREml2FHPDtuY9Cje1No6nlMsc5GOjI9lNW4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:f2:89:ae:36:95:0e:44:23:5b:5c:f4:c3:f0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Validity
Not Before: Nov 11 07:02:17 2025 GMT
Not After : Nov 12 07:02:17 2025 GMT
Subject: CN=3269b411eb0c838a22a87477489750b8d331d25a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7c:7e:f8:30:a8:7e:b7:8c:e6:07:c2:0c:c9:
2a:96:41:8e:c9:09:20:4d:d3:5c:8f:e2:10:85:29:
fd:42:de:1f:71:1e:81:bb:86:37:7b:29:3b:d4:63:
58:3b:ba:dd:be:26:f6:b1:a3:e1:67:07:fd:f7:66:
b2:06:86:5b:f7:cd:5a:fe:07:51:b7:6b:5f:13:4f:
a0:f5:f6:6a:2d:65:84:5c:a7:bd:b3:f6:5c:83:77:
1d:8f:5a:45:2f:d2:94:d8:b0:2d:44:c0:49:56:3d:
c2:2c:ad:41:42:92:56:27:a4:30:ab:8c:93:f7:e2:
ce:1a:6d:1a:ca:c1:7f:f9:c3:dc:be:1c:a4:67:8e:
19:98:b4:9e:0c:b6:da:25:c9:67:d2:3d:a3:f4:69:
b5:80:20:3d:ab:6c:5b:5d:6a:ed:7f:86:bf:5a:88:
4b:30:a9:03:6c:79:59:d2:53:04:ca:2a:f4:6f:de:
0d:d0:88:97:9d:69:8e:ca:88:49:5b:3c:d2:c6:69:
10:27:9c:4e:0b:8f:f6:c2:f6:05:b2:0d:6e:a2:b9:
09:e2:83:d9:2f:c1:50:04:c9:c6:df:f5:0b:0f:49:
d7:c5:23:19:e6:78:3f:41:9a:42:bb:c7:bc:e9:3c:
38:d7:8b:d9:64:e5:87:26:48:2e:c3:7c:dc:55:d6:
1e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:69:B4:11:EB:0C:83:8A:22:A8:74:77:48:97:50:B8:D3:31:D2:5A
X509v3 Authority Key Identifier:
keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:16:78:1a:ea:68:52:e2:ea:77:12:80:ef:66:69:3c:ea:2e:
d8:b8:68:15:0e:56:90:8c:3a:4b:81:58:bb:f3:0a:f0:a4:f9:
c1:77:f9:78:39:81:48:d1:bb:a5:07:96:1a:63:3d:27:ab:55:
d6:4b:0b:f2:cf:50:7e:85:df:73:ab:36:0d:25:8e:75:7a:d1:
dd:84:ff:29:11:1d:d7:d3:05:3c:48:02:bd:3c:37:e6:c0:3f:
3d:7d:02:c6:6a:e9:3a:6f:17:c1:4b:88:6a:1b:e9:10:11:01:
bd:b5:d8:5b:0e:1d:9f:36:d3:11:4e:14:ac:50:51:22:12:4d:
37:23:0f:ed:fc:21:4d:74:25:5b:8c:c4:8e:56:0c:f3:f4:7f:
2f:89:45:b0:2c:18:21:68:d2:b6:50:6f:f9:45:7d:fc:cf:12:
75:4d:1e:4d:e9:df:bc:26:5d:ca:2a:cc:e9:b1:85:07:39:46:
39:79:55:32:15:29:7e:dc:35:57:6a:66:14:da:b6:66:22:3f:
a4:85:f2:3c:44:f7:e4:2b:38:ba:45:18:0c:41:cd:de:18:92:
d2:54:95:59:53:91:7f:5b:37:3b:56:d2:bc:64:19:45:ad:fb:
2b:da:ce:b1:dc:f3:d9:0d:74:c1:df:66:7e:b5:bd:12:ec:11:
2e:bf:4a:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPKJrjaVDkQjW1z0w/C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUxMTExMDcwMjE3WhcNMjUxMTEyMDcwMjE3WjAzMTEwLwYDVQQD
EygzMjY5YjQxMWViMGM4MzhhMjJhODc0Nzc0ODk3NTBiOGQzMzFkMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Xx++DCofreM5gfCDMkqlkGOyQkg
TdNcj+IQhSn9Qt4fcR6Bu4Y3eyk71GNYO7rdvib2saPhZwf992ayBoZb981a/gdR
t2tfE0+g9fZqLWWEXKe9s/Zcg3cdj1pFL9KU2LAtRMBJVj3CLK1BQpJWJ6Qwq4yT
9+LOGm0aysF/+cPcvhykZ44ZmLSeDLbaJcln0j2j9Gm1gCA9q2xbXWrtf4a/WohL
MKkDbHlZ0lMEyir0b94N0IiXnWmOyohJWzzSxmkQJ5xOC4/2wvYFsg1uorkJ4oPZ
L8FQBMnG3/ULD0nXxSMZ5ng/QZpCu8e86Tw414vZZOWHJkguw3zcVdYe/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJptBHrDIOKIqh0d0iXULjTMdJaMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnhZ4Gupo
UuLqdxKA72ZpPOou2LhoFQ5WkIw6S4FYu/MK8KT5wXf5eDmBSNG7pQeWGmM9J6tV
1ksL8s9QfoXfc6s2DSWOdXrR3YT/KREd19MFPEgCvTw35sA/PX0CxmrpOm8XwUuI
ahvpEBEBvbXYWw4dnzbTEU4UrFBRIhJNNyMP7fwhTXQlW4zEjlYM8/R/L4lFsCwY
IWjStlBv+UV9/M8SdU0eTenfvCZdyirM6bGFBzlGOXlVMhUpftw1V2pmFNq2ZiI/
pIXyPET35Cs4ukUYDEHN3hiS0lSVWVORf1s3O1bSvGQZRa37K9rOsdzz2Q10wd9m
frW9EuwRLr9KVw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:17 2025 by rpki-client