Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
File: 20iBY9r1DbZG3k3yTTTLrJk_RX8.mft (raw, json)
Hash identifier: TmvFf1uXGx127XxCr8g1zR5In64siEMS6IcLcnkhVvU=
Subject key identifier: 66:BF:57:E1:E1:C8:0B:7F:CF:08:8D:05:3E:56:A8:45:40:EB:84:C3
Authority key identifier: DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F
Certificate issuer: /CN=db488163daf50db646de4df24d34cbac993f457f
Certificate serial: 019A711378EBFD8CB1BD9E579EC7DC3D0BB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 04:01:32 +0000
Manifest this update: Tue 11 Nov 2025 04:01:32 +0000
Manifest next update: Wed 12 Nov 2025 04:01:32 +0000
Files and hashes: 1: 20iBY9r1DbZG3k3yTTTLrJk_RX8.crl (hash: P7iXqAZOVnmQpahwOdY9tcg1I1g7I8t6Va5J2zW8vrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:78:eb:fd:8c:b1:bd:9e:57:9e:c7:dc:3d:0b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db488163daf50db646de4df24d34cbac993f457f
Validity
Not Before: Nov 11 04:01:32 2025 GMT
Not After : Nov 12 04:01:32 2025 GMT
Subject: CN=66bf57e1e1c80b7fcf088d053e56a84540eb84c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:01:b4:8c:ce:4b:0f:40:15:9d:11:9d:66:d3:
65:3c:9c:58:d5:30:5b:be:2c:1c:e8:03:da:72:1d:
54:ed:f2:5e:72:53:07:0b:f9:d7:2a:15:ce:a4:7d:
dc:db:b1:b5:ff:c1:2e:aa:2d:a8:77:2f:0f:c2:bd:
9b:5f:c4:98:e1:5d:fa:61:25:83:fb:18:0b:fc:b7:
78:85:b3:44:b3:fc:41:80:01:5c:ec:f8:0a:22:ad:
84:36:45:3b:8c:28:60:ed:31:0e:09:2c:9b:49:2d:
97:a9:48:96:36:16:23:02:30:13:3d:2f:b5:3d:58:
1a:0a:50:d7:5e:a9:03:fa:9e:d2:e9:c4:8c:62:d6:
e8:a2:15:94:04:cc:c1:f0:64:b6:61:47:6a:15:f6:
83:e3:82:31:7a:03:31:68:9e:34:8f:36:c9:ec:23:
b4:2f:e6:66:78:bc:03:bd:fc:c1:1c:54:f6:41:ef:
0f:68:37:67:71:22:d1:b6:0e:b8:0d:ae:6b:89:c0:
c8:4d:b3:b1:74:6d:63:a7:0a:77:e6:e0:c5:bd:00:
4a:94:e4:ba:1d:f3:68:e8:ef:0e:11:e1:ff:52:93:
bf:f9:c9:3f:65:03:4b:92:df:5d:b7:fb:29:cc:1d:
6e:26:b3:27:9f:bd:a5:75:e1:55:75:79:43:c7:04:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BF:57:E1:E1:C8:0B:7F:CF:08:8D:05:3E:56:A8:45:40:EB:84:C3
X509v3 Authority Key Identifier:
keyid:DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:6b:7f:23:50:4b:4c:87:f8:f4:66:01:c0:b4:0d:42:f2:f7:
57:fe:6a:b9:55:c7:48:88:41:5d:38:70:f4:96:7f:64:b4:26:
bd:b0:56:a7:10:d4:e7:14:b6:81:27:a9:c4:30:ae:7c:eb:c7:
cd:0c:6f:1c:b8:6a:98:a4:1d:7f:75:6d:11:d8:bd:ab:45:f5:
ed:c5:e2:2e:f7:f6:f4:9c:f8:1e:0e:b0:1d:83:41:bd:96:ff:
0d:9f:46:06:a0:8a:ae:b3:47:a0:64:09:ec:a8:f0:a0:8f:0b:
d3:70:de:c4:e6:53:6b:ce:d9:03:0e:d0:91:71:d1:34:d7:1e:
91:f9:40:00:2d:1e:e7:59:10:56:77:03:62:e5:ec:32:b7:f9:
94:41:13:60:d6:39:fa:bf:86:37:37:d4:80:07:61:f5:45:63:
65:a1:95:a5:39:da:1c:1c:2f:bc:94:db:b0:0a:a6:b7:9a:53:
6d:fe:ac:bd:af:ba:2a:01:cd:ca:6f:bd:a1:12:ba:04:0b:0e:
a1:0f:6f:40:8d:78:0c:c9:9d:29:20:95:2c:d5:d2:04:72:9b:
16:62:30:39:8b:a1:14:cf:b7:9d:1c:af:b5:01:f0:ad:35:75:
03:7f:24:f6:2f:6c:83:18:a7:8d:1a:01:e5:d3:fd:c6:51:f5:
78:3b:5d:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE3jr/YyxvZ5XnsfcPQuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDg4MTYzZGFmNTBkYjY0NmRlNGRmMjRkMzRjYmFjOTkz
ZjQ1N2YwHhcNMjUxMTExMDQwMTMyWhcNMjUxMTEyMDQwMTMyWjAzMTEwLwYDVQQD
Eyg2NmJmNTdlMWUxYzgwYjdmY2YwODhkMDUzZTU2YTg0NTQwZWI4NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwG0jM5LD0AVnRGdZtNlPJxY1TBb
viwc6APach1U7fJeclMHC/nXKhXOpH3c27G1/8Euqi2ody8Pwr2bX8SY4V36YSWD
+xgL/Ld4hbNEs/xBgAFc7PgKIq2ENkU7jChg7TEOCSybSS2XqUiWNhYjAjATPS+1
PVgaClDXXqkD+p7S6cSMYtboohWUBMzB8GS2YUdqFfaD44IxegMxaJ40jzbJ7CO0
L+ZmeLwDvfzBHFT2Qe8PaDdncSLRtg64Da5ricDITbOxdG1jpwp35uDFvQBKlOS6
HfNo6O8OEeH/UpO/+ck/ZQNLkt9dt/spzB1uJrMnn72ldeFVdXlDxwTDOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGa/V+HhyAt/zwiNBT5WqEVA64TDMB8GA1UdIwQY
MBaAFNtIgWPa9Q22Rt5N8k00y6yZP0V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAt
MTlkNTdmZjFmYmQ5LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAtMTlkNTdmZjFmYmQ5
LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2t/I1BL
TIf49GYBwLQNQvL3V/5quVXHSIhBXThw9JZ/ZLQmvbBWpxDU5xS2gSepxDCufOvH
zQxvHLhqmKQdf3VtEdi9q0X17cXiLvf29Jz4Hg6wHYNBvZb/DZ9GBqCKrrNHoGQJ
7KjwoI8L03DexOZTa87ZAw7QkXHRNNcekflAAC0e51kQVncDYuXsMrf5lEETYNY5
+r+GNzfUgAdh9UVjZaGVpTnaHBwvvJTbsAqmt5pTbf6sva+6KgHNym+9oRK6BAsO
oQ9vQI14DMmdKSCVLNXSBHKbFmIwOYuhFM+3nRyvtQHwrTV1A38k9i9sgxinjRoB
5dP9xlH1eDtdlA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:44 2025 by rpki-client