Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
File: stNBgAdlZtcr7mHzoybFbgq7gEo.mft (raw, json)
Hash identifier: kotm3Oe0BokQkPRD3BnwdRe75rX4xul+R17g7oe5JJU=
Subject key identifier: 8C:A7:3F:A8:E8:AA:8D:4A:2C:91:AE:93:74:CB:CE:81:38:F9:35:04
Authority key identifier: B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A
Certificate issuer: /CN=b2d34180076566d72bee61f3a326c56e0abb804a
Certificate serial: 019A71B8123CA2E6E693354C20E6BCECEFFA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
Manifest number: 0FF8
Signing time: Tue 11 Nov 2025 07:01:19 +0000
Manifest this update: Tue 11 Nov 2025 07:01:19 +0000
Manifest next update: Wed 12 Nov 2025 07:01:19 +0000
Files and hashes: 1: stNBgAdlZtcr7mHzoybFbgq7gEo.crl (hash: Sqs4MnVExaqPiNEE2dfpXjHBxsZDkDRzBLQB/XR3r0M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:12:3c:a2:e6:e6:93:35:4c:20:e6:bc:ec:ef:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d34180076566d72bee61f3a326c56e0abb804a
Validity
Not Before: Nov 11 07:01:19 2025 GMT
Not After : Nov 12 07:01:19 2025 GMT
Subject: CN=8ca73fa8e8aa8d4a2c91ae9374cbce8138f93504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e7:0f:37:84:ed:f5:50:f7:f2:9f:c2:7d:d1:
90:04:10:9f:a8:b4:03:bf:8b:9e:41:88:d3:a2:57:
dd:26:da:00:1b:bf:a9:a1:cf:2c:5d:f4:e2:5b:aa:
6a:0d:ba:67:83:7e:71:c2:f0:da:fd:04:6b:5e:bc:
cd:2b:93:8d:08:63:7f:ee:73:9b:61:6a:d8:d4:e7:
60:4c:c5:55:7f:2e:10:d1:72:b3:59:55:cd:88:8e:
f5:59:15:2b:b1:20:00:c8:99:69:90:95:9e:6a:c8:
ef:e8:f4:4c:35:46:20:8e:c0:32:80:ed:ec:fd:0a:
39:6a:a9:b3:dc:b3:af:da:92:b2:a8:f2:6a:3a:42:
ff:0c:09:6f:e6:51:b0:63:28:66:d9:46:18:64:0c:
2a:4b:68:63:40:20:a1:79:df:aa:21:d0:7c:bf:9b:
da:9c:1f:37:26:d6:f9:4a:79:43:05:ad:78:2a:db:
8d:8d:85:e3:3a:12:b6:f8:10:43:ce:53:fb:d2:b4:
4f:13:0a:19:41:94:2b:4c:84:6f:d7:82:e1:a5:79:
8a:fb:5c:27:72:3b:bd:84:04:ce:28:98:59:b0:50:
3f:3d:b3:4a:b4:8e:3c:f2:03:9e:1b:1d:13:7b:5e:
55:18:ab:4e:c6:15:c0:bf:ac:9c:0d:9a:08:5e:48:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A7:3F:A8:E8:AA:8D:4A:2C:91:AE:93:74:CB:CE:81:38:F9:35:04
X509v3 Authority Key Identifier:
keyid:B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:1a:ab:33:87:1e:65:c3:14:ef:c5:f3:b6:b9:da:34:10:74:
31:81:b5:ab:ae:d4:ad:38:cd:cc:7c:90:2f:f5:46:f5:ba:d0:
6a:43:ef:74:e5:49:ef:1b:69:87:fd:5c:5b:12:64:4c:7f:8d:
ab:0e:f8:3c:94:eb:d3:39:ec:fd:9f:90:b2:dd:fa:a6:5e:29:
54:99:30:3c:27:ea:8f:1f:49:3f:da:dc:e7:19:97:75:72:15:
e2:bd:79:a6:41:6f:2f:a5:ec:57:24:09:c6:94:c9:30:8d:95:
f7:d6:42:85:45:91:85:ce:cf:4f:78:55:5e:03:97:e7:de:78:
52:bf:69:bb:a3:a4:77:23:5e:b0:fe:63:ff:5d:59:fd:c7:aa:
97:31:42:eb:ff:12:dc:f6:89:12:51:73:df:a7:c8:d5:8f:26:
87:fd:a5:7a:f0:34:90:5a:59:8a:6e:1a:0f:29:b4:d8:a7:f3:
50:07:d1:dd:13:2c:9f:c5:3e:f5:7d:a9:45:61:3a:05:5d:4b:
42:48:10:b4:7d:c0:22:02:d2:f7:60:76:83:1b:cc:4f:63:2a:
c7:61:d1:8a:29:2f:34:05:16:3f:91:a8:c4:55:92:99:d6:a4:
ac:ba:e5:5b:06:ff:ae:8f:b3:b9:9a:18:d3:bb:b2:8a:2f:d1:
52:87:14:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBI8oubmkzVMIOa87O/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDM0MTgwMDc2NTY2ZDcyYmVlNjFmM2EzMjZjNTZlMGFi
YjgwNGEwHhcNMjUxMTExMDcwMTE5WhcNMjUxMTEyMDcwMTE5WjAzMTEwLwYDVQQD
Eyg4Y2E3M2ZhOGU4YWE4ZDRhMmM5MWFlOTM3NGNiY2U4MTM4ZjkzNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+cPN4Tt9VD38p/CfdGQBBCfqLQD
v4ueQYjTolfdJtoAG7+poc8sXfTiW6pqDbpng35xwvDa/QRrXrzNK5ONCGN/7nOb
YWrY1OdgTMVVfy4Q0XKzWVXNiI71WRUrsSAAyJlpkJWeasjv6PRMNUYgjsAygO3s
/Qo5aqmz3LOv2pKyqPJqOkL/DAlv5lGwYyhm2UYYZAwqS2hjQCChed+qIdB8v5va
nB83Jtb5SnlDBa14KtuNjYXjOhK2+BBDzlP70rRPEwoZQZQrTIRv14LhpXmK+1wn
cju9hATOKJhZsFA/PbNKtI488gOeGx0Te15VGKtOxhXAv6ycDZoIXki78QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIynP6joqo1KLJGuk3TLzoE4+TUEMB8GA1UdIwQY
MBaAFLLTQYAHZWbXK+5h86MmxW4Ku4BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2It
NzBkN2Y4ZjQ5MjVhLzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2ItNzBkN2Y4ZjQ5MjVh
LzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxqrM4ce
ZcMU78XztrnaNBB0MYG1q67UrTjNzHyQL/VG9brQakPvdOVJ7xtph/1cWxJkTH+N
qw74PJTr0zns/Z+Qst36pl4pVJkwPCfqjx9JP9rc5xmXdXIV4r15pkFvL6XsVyQJ
xpTJMI2V99ZChUWRhc7PT3hVXgOX5954Ur9pu6OkdyNesP5j/11Z/ceqlzFC6/8S
3PaJElFz36fI1Y8mh/2levA0kFpZim4aDym02KfzUAfR3RMsn8U+9X2pRWE6BV1L
QkgQtH3AIgLS92B2gxvMT2Mqx2HRiikvNAUWP5GoxFWSmdakrLrlWwb/ro+zuZoY
07uyii/RUocUcA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:04 2025 by rpki-client