Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
File: ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json)
Hash identifier: 0H3z+2jodqeeZ15UqQqzTYy5o5BxEcOCmH+gAlbP+z8=
Subject key identifier: 07:F2:7E:D8:18:61:32:4A:0C:4B:4F:AA:CD:49:87:1F:DB:07:67:D9
Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
Certificate issuer: /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Certificate serial: 019A71B8FAFA5FB8155F3D543ADED0DC2D61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
Manifest number: 0905
Signing time: Tue 11 Nov 2025 07:02:19 +0000
Manifest this update: Tue 11 Nov 2025 07:02:19 +0000
Manifest next update: Wed 12 Nov 2025 07:02:19 +0000
Files and hashes: 1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: FIN46p3GUEA2c4LOzkH5vZDfKhWd+XIQCrcJqPoe3Xs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:fa:fa:5f:b8:15:5f:3d:54:3a:de:d0:dc:2d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Validity
Not Before: Nov 11 07:02:19 2025 GMT
Not After : Nov 12 07:02:19 2025 GMT
Subject: CN=07f27ed81861324a0c4b4faacd49871fdb0767d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:a5:9d:a7:eb:ab:cd:65:55:b4:80:35:dc:
47:70:26:28:fc:f0:49:42:3d:cf:49:d6:4e:d4:f2:
42:23:9d:da:11:ee:e5:d7:97:86:e1:ab:df:30:82:
a8:c1:3a:84:07:a7:93:ef:1c:83:94:94:43:0e:49:
a6:0a:8d:b7:d0:0b:d3:02:d6:23:68:fe:e9:85:e2:
c8:05:75:fb:e7:d3:35:d1:66:81:bd:21:94:38:f2:
2f:a4:b8:a0:c2:b5:4f:a7:dc:d2:21:c3:19:48:ea:
07:c4:41:40:e7:f4:57:3e:0b:f5:6f:f4:cd:e5:d0:
00:12:16:c5:38:74:10:93:2b:11:25:03:3f:d0:87:
c0:65:18:38:9a:7a:e2:51:65:c1:9f:77:a7:07:23:
00:10:ab:de:7d:be:7f:6a:7f:4d:71:a7:89:74:b9:
f2:11:86:42:cb:e5:2c:6d:c7:e6:e7:09:eb:c9:f3:
90:92:e5:65:ba:65:8e:73:23:e3:fb:c5:ac:f1:8a:
3d:51:c7:ac:89:e9:45:c1:ad:38:35:15:56:e4:0f:
92:3c:7f:85:4d:4f:0e:d1:70:aa:6e:09:13:cc:fd:
79:d6:68:bb:96:19:18:d2:ef:fc:31:76:9c:17:48:
b6:97:c4:13:8e:12:a9:d4:56:c1:23:14:25:c0:58:
35:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F2:7E:D8:18:61:32:4A:0C:4B:4F:AA:CD:49:87:1F:DB:07:67:D9
X509v3 Authority Key Identifier:
keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:3c:49:7a:62:6c:bb:73:f2:f1:39:bd:e1:1f:e8:17:06:61:
bd:80:c0:1f:e2:6f:6a:b5:22:7e:7a:c0:28:06:7c:42:00:80:
97:7c:07:26:c2:63:d0:26:6f:63:93:f8:67:d5:25:59:3b:c3:
f3:00:d7:47:64:89:90:24:83:c8:60:49:38:05:55:b3:48:c4:
cf:a0:b6:1d:81:b8:b7:2c:e6:20:64:b9:a7:fd:fa:28:4c:44:
e9:95:7b:2f:bd:34:af:6e:0d:25:ca:f3:34:c4:da:e8:48:19:
44:dc:7f:4f:36:41:04:02:0b:7b:3d:96:18:27:b0:53:69:58:
d8:0a:ea:7e:ed:47:b8:7d:60:9a:84:cd:93:db:6a:ca:cb:b9:
54:6d:20:db:bf:4a:76:ab:37:56:eb:ae:15:be:77:ad:ec:ee:
6c:13:10:26:3e:62:6b:04:e8:27:78:b0:0f:d5:0b:42:78:1f:
1e:fe:3c:b4:6b:c7:4d:fd:4b:b3:89:0c:3b:06:6b:a4:e2:9a:
a6:e9:16:a3:4d:bf:05:2c:9a:b4:23:4a:f0:18:ff:3e:0a:fc:
37:1a:5c:9e:af:a4:69:c5:c4:c1:d2:93:c7:f6:15:04:ec:56:
5f:47:22:4c:9b:93:8e:c4:4b:5b:b6:c3:a0:3d:33:67:fe:a7:
f5:ba:3c:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPr6X7gVXz1UOt7Q3C1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky
NWJjYmQwHhcNMjUxMTExMDcwMjE5WhcNMjUxMTEyMDcwMjE5WjAzMTEwLwYDVQQD
EygwN2YyN2VkODE4NjEzMjRhMGM0YjRmYWFjZDQ5ODcxZmRiMDc2N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWqlnafrq81lVbSANdxHcCYo/PBJ
Qj3PSdZO1PJCI53aEe7l15eG4avfMIKowTqEB6eT7xyDlJRDDkmmCo230AvTAtYj
aP7pheLIBXX759M10WaBvSGUOPIvpLigwrVPp9zSIcMZSOoHxEFA5/RXPgv1b/TN
5dAAEhbFOHQQkysRJQM/0IfAZRg4mnriUWXBn3enByMAEKvefb5/an9NcaeJdLny
EYZCy+Usbcfm5wnryfOQkuVlumWOcyPj+8Ws8Yo9UcesielFwa04NRVW5A+SPH+F
TU8O0XCqbgkTzP151mi7lhkY0u/8MXacF0i2l8QTjhKp1FbBIxQlwFg1OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfyftgYYTJKDEtPqs1Jhx/bB2fZMB8GA1UdIwQY
MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt
ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy
LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArjxJemJs
u3Py8Tm94R/oFwZhvYDAH+JvarUifnrAKAZ8QgCAl3wHJsJj0CZvY5P4Z9UlWTvD
8wDXR2SJkCSDyGBJOAVVs0jEz6C2HYG4tyzmIGS5p/36KExE6ZV7L700r24NJcrz
NMTa6EgZRNx/TzZBBAILez2WGCewU2lY2Arqfu1HuH1gmoTNk9tqysu5VG0g279K
dqs3VuuuFb53rezubBMQJj5iawToJ3iwD9ULQngfHv48tGvHTf1Ls4kMOwZrpOKa
pukWo02/BSyatCNK8Bj/Pgr8Nxpcnq+kacXEwdKTx/YVBOxWX0ciTJuTjsRLW7bD
oD0zZ/6n9bo8dQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:05 2025 by rpki-client