Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
File: X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft (raw, json)
Hash identifier: kIvCtJFL6nwrxwTJlpwKCPkcJe/t6C2J7VU3wRJ9A0g=
Subject key identifier: 79:2C:25:A7:9C:7E:96:27:3E:36:2B:79:17:68:5C:46:23:07:A0:84
Authority key identifier: 5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6
Certificate issuer: /CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
Certificate serial: 019A71EEEE3E4837E05F8BCB5862026FDC59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
Manifest number: 04F6
Signing time: Tue 11 Nov 2025 08:01:15 +0000
Manifest this update: Tue 11 Nov 2025 08:01:15 +0000
Manifest next update: Wed 12 Nov 2025 08:01:15 +0000
Files and hashes: 1: X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl (hash: qnC6fK40UsnbLBryT2o4j83B+9/BGuJCW1o68ANSwDA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ee:3e:48:37:e0:5f:8b:cb:58:62:02:6f:dc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
Validity
Not Before: Nov 11 08:01:15 2025 GMT
Not After : Nov 12 08:01:15 2025 GMT
Subject: CN=792c25a79c7e96273e362b7917685c462307a084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0d:56:70:59:9f:c9:cf:6c:3e:5a:01:e8:3b:
f8:ea:71:8a:e6:a6:76:47:80:d8:d3:f9:3d:e1:f6:
74:64:7f:c1:65:96:b7:d1:8e:fb:ca:3e:56:b8:41:
58:67:27:42:44:87:f0:7e:3e:3d:31:16:c9:37:70:
38:08:f4:95:5c:24:97:ea:00:68:36:2f:e5:9e:c7:
8c:2d:7e:e9:db:4e:db:0b:96:3a:5d:86:da:7e:33:
a0:bc:8f:c9:d0:81:98:84:45:04:a2:1d:be:26:16:
8c:ef:df:62:f0:90:b3:68:23:7f:d0:2a:cd:91:14:
41:03:06:0a:b8:4c:a0:f4:36:48:b4:04:1b:48:94:
0a:b3:4c:b0:a5:61:0b:58:a2:df:01:06:fb:b9:a5:
fe:0b:c7:12:1e:85:94:6d:92:c0:f5:a3:25:3b:f2:
dd:58:89:18:b1:0c:31:04:a2:4f:ed:c8:18:76:07:
f7:77:d2:1b:9a:a7:c1:eb:dc:13:34:86:64:65:96:
a0:4c:bd:3e:4a:d7:c6:3b:b3:69:47:bd:29:4e:28:
cf:2e:33:47:95:82:8d:32:2b:ae:f8:e7:f2:95:88:
e0:de:a3:fb:fd:41:91:67:8b:ee:2d:99:aa:58:1d:
67:aa:f8:e8:d8:01:ed:dc:b7:08:aa:bd:7d:d9:09:
2a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2C:25:A7:9C:7E:96:27:3E:36:2B:79:17:68:5C:46:23:07:A0:84
X509v3 Authority Key Identifier:
keyid:5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:9c:97:ba:71:65:35:ff:e5:df:ed:cd:d2:7f:1c:2f:1c:6f:
fc:df:a5:80:ad:1e:0f:5d:28:76:1e:19:d3:68:94:64:b1:2d:
bc:b6:82:6e:95:37:06:1c:05:b5:b6:bc:70:55:c3:1c:27:c4:
9a:53:fd:50:35:89:8f:e3:41:d7:74:39:a1:c6:ba:17:c5:20:
30:38:a5:9d:5e:24:d2:61:b6:25:46:28:a8:8b:f5:0c:77:b1:
2c:2e:8a:2d:50:b3:79:0d:46:11:b0:04:b9:0f:ed:69:df:62:
b7:2a:88:f4:c3:22:21:9d:07:f1:d4:da:cc:58:70:60:24:32:
f9:92:b6:78:3d:16:6d:86:67:c8:cc:b3:eb:cb:c7:ed:da:47:
cb:b2:84:2a:33:68:2b:6b:7c:de:94:51:27:43:95:ca:85:e0:
5a:de:ac:00:a6:22:39:01:44:20:14:49:fb:76:e4:52:eb:99:
bc:1d:a8:f3:27:bd:14:2c:63:37:20:95:1f:f6:47:0d:a2:42:
e8:ee:85:39:e3:43:f6:d2:df:16:1f:b3:ed:67:2e:15:5d:80:
3d:d2:53:fd:03:0e:8d:f6:a1:f7:1f:51:77:c7:00:2e:3c:da:
33:49:4b:8a:9c:b6:26:da:7e:15:e4:7e:40:e4:2d:b6:d5:83:
51:5d:e1:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7u4+SDfgX4vLWGICb9xZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2ExMjM1NDZmZTUxYTllNGJlZGY4M2VlZTAzNzUyYmQ5
NjM5ZDYwHhcNMjUxMTExMDgwMTE1WhcNMjUxMTEyMDgwMTE1WjAzMTEwLwYDVQQD
Eyg3OTJjMjVhNzljN2U5NjI3M2UzNjJiNzkxNzY4NWM0NjIzMDdhMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg1WcFmfyc9sPloB6Dv46nGK5qZ2
R4DY0/k94fZ0ZH/BZZa30Y77yj5WuEFYZydCRIfwfj49MRbJN3A4CPSVXCSX6gBo
Ni/lnseMLX7p207bC5Y6XYbafjOgvI/J0IGYhEUEoh2+JhaM799i8JCzaCN/0CrN
kRRBAwYKuEyg9DZItAQbSJQKs0ywpWELWKLfAQb7uaX+C8cSHoWUbZLA9aMlO/Ld
WIkYsQwxBKJP7cgYdgf3d9IbmqfB69wTNIZkZZagTL0+StfGO7NpR70pTijPLjNH
lYKNMiuu+OfylYjg3qP7/UGRZ4vuLZmqWB1nqvjo2AHt3LcIqr192QkqvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHksJaecfpYnPjYreRdoXEYjB6CEMB8GA1UdIwQY
MBaAFF96EjVG/lGp5L7fg+7gN1K9ljnWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1Njkt
YjJmZjY4MWRhNmJiLzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1NjktYjJmZjY4MWRhNmJi
LzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJyXunFl
Nf/l3+3N0n8cLxxv/N+lgK0eD10odh4Z02iUZLEtvLaCbpU3BhwFtba8cFXDHCfE
mlP9UDWJj+NB13Q5oca6F8UgMDilnV4k0mG2JUYoqIv1DHexLC6KLVCzeQ1GEbAE
uQ/tad9ityqI9MMiIZ0H8dTazFhwYCQy+ZK2eD0WbYZnyMyz68vH7dpHy7KEKjNo
K2t83pRRJ0OVyoXgWt6sAKYiOQFEIBRJ+3bkUuuZvB2o8ye9FCxjNyCVH/ZHDaJC
6O6FOeND9tLfFh+z7WcuFV2APdJT/QMOjfah9x9Rd8cALjzaM0lLipy2Jtp+FeR+
QOQtttWDUV3hfw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:13 2025 by rpki-client