Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.mft
File: POsgUJhzLLkIgjBF79XXQCUMayc.mft (raw, json)
Hash identifier: q4dI2VI+n9q0yrcIhvA/+fQHwpROhWR0n36UB4WIjFs=
Subject key identifier: 02:21:C8:33:6E:4B:D3:F9:67:BC:7E:1F:83:3A:C0:61:63:98:58:F7
Authority key identifier: 3C:EB:20:50:98:73:2C:B9:08:82:30:45:EF:D5:D7:40:25:0C:6B:27
Certificate issuer: /CN=3ceb205098732cb908823045efd5d740250c6b27
Certificate serial: 019A7225CEADA5AF98006B1B46EAB5A5EF06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POsgUJhzLLkIgjBF79XXQCUMayc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 09:01:11 +0000
Manifest this update: Tue 11 Nov 2025 09:01:11 +0000
Manifest next update: Wed 12 Nov 2025 09:01:11 +0000
Files and hashes: 1: POsgUJhzLLkIgjBF79XXQCUMayc.crl (hash: JUjFhzJq08fCfxrZzSuNF5sJT1q1Z06b9gSGgtg2Ar8=)
2: glhaGjYvz9mGirczYGxMS81rRfI.roa (hash: cPBvD492Ea2g7PNrZgsOnSXH4CPshMieJYjaq9P+dD8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.mft
rsync://rpki.ripe.net/repository/DEFAULT/POsgUJhzLLkIgjBF79XXQCUMayc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ce:ad:a5:af:98:00:6b:1b:46:ea:b5:a5:ef:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ceb205098732cb908823045efd5d740250c6b27
Validity
Not Before: Nov 11 09:01:11 2025 GMT
Not After : Nov 12 09:01:11 2025 GMT
Subject: CN=0221c8336e4bd3f967bc7e1f833ac061639858f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a1:7c:28:89:56:93:40:2c:5f:b3:64:b3:da:
d1:b4:88:17:c4:8e:a2:e9:b5:5f:90:b1:eb:5e:ea:
ae:88:d5:2e:cb:11:1f:b1:22:5e:a2:84:cb:ea:5f:
b2:c3:fd:d2:f3:ab:d0:29:03:9b:26:4f:82:58:50:
6b:20:0e:da:23:0f:3c:dc:8e:42:a0:5e:e7:c0:3e:
e4:16:83:ed:46:44:05:a0:7e:3b:94:97:e1:29:a7:
f6:6a:81:0f:b5:17:dc:ac:18:39:78:fc:b5:79:54:
84:e3:98:b8:5c:19:4d:a2:06:1c:fb:ea:24:07:98:
e1:85:9b:d4:37:ac:83:f0:7d:e8:a9:df:01:20:c7:
da:56:15:bb:19:66:6d:f3:f5:fc:40:db:cc:bc:1a:
24:83:8d:51:42:db:4a:57:14:af:41:ff:5b:1e:2f:
dc:8c:a9:ad:9d:73:04:44:e2:c5:54:c9:de:c9:e6:
a8:db:1b:6a:1b:56:26:8f:68:ff:d4:c1:7a:fa:51:
28:e0:3a:d5:37:99:3b:07:5e:88:77:03:6c:f9:f8:
3a:74:87:c1:52:a5:e3:f0:9d:f6:f9:f0:c7:a8:25:
f8:ca:c2:f1:51:29:24:90:73:c3:1d:0e:ee:49:9e:
09:fe:e9:6b:e7:2c:c0:5e:dd:f7:35:c5:c0:f6:68:
18:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:21:C8:33:6E:4B:D3:F9:67:BC:7E:1F:83:3A:C0:61:63:98:58:F7
X509v3 Authority Key Identifier:
keyid:3C:EB:20:50:98:73:2C:B9:08:82:30:45:EF:D5:D7:40:25:0C:6B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POsgUJhzLLkIgjBF79XXQCUMayc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9a4238-7d74-4edf-a4b1-25ed75046b01/1/POsgUJhzLLkIgjBF79XXQCUMayc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:0f:53:37:38:9b:a2:c7:2e:1b:0f:d5:23:b2:d8:5f:2a:f1:
41:78:f7:01:d0:cb:b1:83:c7:bc:25:d8:19:93:60:e8:a7:25:
61:d6:39:86:76:d6:5b:8c:f6:62:94:85:38:c9:e9:13:20:41:
fa:08:aa:58:54:66:07:9c:c6:75:83:75:58:80:07:e9:75:e4:
ba:c1:ca:20:23:d0:46:49:1d:7d:7c:10:f8:bb:bb:02:53:ea:
e2:02:20:31:d0:bc:14:da:71:17:a7:70:0e:14:dd:c8:83:72:
9d:cf:93:f6:5f:88:cf:8c:df:88:34:60:62:64:e0:e9:95:3d:
01:32:ae:2b:19:d4:81:9b:54:e4:f4:c2:72:aa:4c:bd:a4:78:
08:6f:6c:83:f3:c1:16:e7:a0:68:49:81:fb:4c:7f:29:a1:80:
e2:44:2d:24:8f:b9:30:1a:e2:b4:61:c6:f0:bb:a4:e9:36:6c:
6c:29:a7:46:7f:7a:1c:df:f3:c7:3f:e0:ea:03:7d:8a:61:b1:
bf:89:11:7e:bd:63:26:61:ba:95:e8:c4:b3:b3:8c:46:0b:22:
ad:ff:2a:b3:10:31:dd:4f:68:28:f4:51:d9:70:a5:61:65:ad:
5c:5e:09:7d:19:d6:62:41:fd:9b:4b:a6:d1:8d:eb:62:81:bb:
3d:ad:2b:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJc6tpa+YAGsbRuq1pe8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWIyMDUwOTg3MzJjYjkwODgyMzA0NWVmZDVkNzQwMjUw
YzZiMjcwHhcNMjUxMTExMDkwMTExWhcNMjUxMTEyMDkwMTExWjAzMTEwLwYDVQQD
EygwMjIxYzgzMzZlNGJkM2Y5NjdiYzdlMWY4MzNhYzA2MTYzOTg1OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KF8KIlWk0AsX7Nks9rRtIgXxI6i
6bVfkLHrXuquiNUuyxEfsSJeooTL6l+yw/3S86vQKQObJk+CWFBrIA7aIw883I5C
oF7nwD7kFoPtRkQFoH47lJfhKaf2aoEPtRfcrBg5ePy1eVSE45i4XBlNogYc++ok
B5jhhZvUN6yD8H3oqd8BIMfaVhW7GWZt8/X8QNvMvBokg41RQttKVxSvQf9bHi/c
jKmtnXMEROLFVMneyeao2xtqG1Ymj2j/1MF6+lEo4DrVN5k7B16IdwNs+fg6dIfB
UqXj8J32+fDHqCX4ysLxUSkkkHPDHQ7uSZ4J/ulr5yzAXt33NcXA9mgYlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIhyDNuS9P5Z7x+H4M6wGFjmFj3MB8GA1UdIwQY
MBaAFDzrIFCYcyy5CIIwRe/V10AlDGsnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9zZ1VKaHpMTGtJZ2pCRjc5WFhRQ1VNYXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85YTQyMzgtN2Q3NC00ZWRmLWE0YjEt
MjVlZDc1MDQ2YjAxLzEvUE9zZ1VKaHpMTGtJZ2pCRjc5WFhRQ1VNYXljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85YTQyMzgtN2Q3NC00ZWRmLWE0YjEtMjVlZDc1MDQ2YjAx
LzEvUE9zZ1VKaHpMTGtJZ2pCRjc5WFhRQ1VNYXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQ9TNzib
oscuGw/VI7LYXyrxQXj3AdDLsYPHvCXYGZNg6KclYdY5hnbWW4z2YpSFOMnpEyBB
+giqWFRmB5zGdYN1WIAH6XXkusHKICPQRkkdfXwQ+Lu7AlPq4gIgMdC8FNpxF6dw
DhTdyINync+T9l+Iz4zfiDRgYmTg6ZU9ATKuKxnUgZtU5PTCcqpMvaR4CG9sg/PB
FuegaEmB+0x/KaGA4kQtJI+5MBritGHG8Luk6TZsbCmnRn96HN/zxz/g6gN9imGx
v4kRfr1jJmG6lejEs7OMRgsirf8qsxAx3U9oKPRR2XClYWWtXF4JfRnWYkH9m0um
0Y3rYoG7Pa0rPw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:54:09 2025 by rpki-client