Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: /Shey8UHjJdKamA27UKIP60Jo/2HW5ecaUTNY7SS4+w=
Subject key identifier: 4C:31:CD:59:31:4C:17:A7:23:D9:1C:01:9E:33:E6:9A:1B:A4:57:61
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 019A71B7CEE05E2ABB02A52950A77ED3848E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0D74
Signing time: Tue 11 Nov 2025 07:01:02 +0000
Manifest this update: Tue 11 Nov 2025 07:01:02 +0000
Manifest next update: Wed 12 Nov 2025 07:01:02 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: naM/JwGQ3q/jSmb0EgiHIOFLjjQlUeDKMsbOjI+r4r0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ce:e0:5e:2a:bb:02:a5:29:50:a7:7e:d3:84:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Nov 11 07:01:02 2025 GMT
Not After : Nov 12 07:01:02 2025 GMT
Subject: CN=4c31cd59314c17a723d91c019e33e69a1ba45761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:47:60:c6:43:c7:56:cf:5b:4b:9f:bd:04:52:
7b:85:9c:67:6c:9d:e3:4d:76:58:58:b0:cb:e5:5d:
3f:40:a2:99:be:03:df:30:6c:0a:73:f7:ba:7a:e8:
0c:4a:3a:51:b2:5d:79:7b:39:39:f2:ff:07:d0:d2:
87:8b:c3:f8:6d:fc:b6:f2:11:4e:41:dc:5b:f4:b3:
fa:a6:23:96:2c:23:ba:43:c4:54:2a:ec:ff:ba:66:
6b:b5:b6:4a:16:75:40:6c:85:ae:4b:6b:ba:78:ed:
2d:ff:6d:80:09:d5:0b:3e:d2:4c:b9:f5:b5:45:08:
c2:4f:e1:cb:d3:8e:7a:77:a9:41:8a:00:c1:b2:81:
e0:bf:3e:17:a6:91:fc:4d:fa:6c:cb:17:03:e3:72:
6f:e2:6b:f0:77:5b:25:be:0a:bf:dc:99:6d:c4:3b:
1e:3b:20:07:1d:5b:7f:c8:6f:f8:b3:9d:e0:32:e4:
e1:82:66:52:4f:72:bf:45:81:9e:be:f8:67:8f:89:
f1:0b:13:ab:2a:c4:2e:f4:58:6f:55:f9:cb:c3:52:
58:05:fb:12:13:cc:45:fb:93:1a:92:97:9e:42:85:
03:54:49:e1:6b:58:97:26:a7:88:bb:35:06:6d:21:
d9:e4:9c:a8:e9:07:bf:15:aa:79:73:d1:97:16:91:
fb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:31:CD:59:31:4C:17:A7:23:D9:1C:01:9E:33:E6:9A:1B:A4:57:61
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:d8:eb:d2:37:76:eb:7b:d7:2d:d0:53:15:53:36:cb:2d:8f:
b0:ee:73:02:8c:22:08:c5:3a:25:f6:7d:5a:60:84:46:72:c5:
0e:ed:16:07:d3:55:f5:88:c7:22:ab:76:c3:df:8c:56:0d:e6:
bf:9d:34:88:4e:89:ff:e3:4a:11:de:86:e0:8f:aa:80:1b:3b:
c3:21:39:8b:2f:a8:ee:bb:a1:5c:1e:15:99:56:4e:52:d7:e1:
0b:a0:cc:fb:c1:e1:43:87:0a:fb:5c:22:ad:fb:21:f5:12:1b:
63:aa:98:d9:e5:8d:96:96:b5:91:89:2d:c3:9e:0b:3a:12:b2:
76:46:42:0a:90:f9:07:11:ba:f4:ea:eb:c0:ac:ab:df:79:15:
1b:ec:67:b4:7d:de:84:43:a8:c5:51:ae:a9:06:1c:ff:89:f8:
c5:1d:5b:bd:31:1e:01:e2:58:36:ad:af:0e:83:68:ce:51:c6:
ea:a2:de:d1:85:4c:db:d2:64:24:f0:00:03:c4:a3:41:86:1e:
17:a9:dc:b0:bb:13:6e:8b:cc:fb:68:fa:4f:51:78:be:fc:5b:
10:90:54:95:fe:57:e1:e0:06:bc:5d:4d:13:86:24:ef:ce:cb:
2c:7b:be:38:9d:62:58:9c:cb:d4:dc:fd:39:52:9c:a9:d7:76:
2a:48:e8:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt87gXiq7AqUpUKd+04SOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
Eyg0YzMxY2Q1OTMxNGMxN2E3MjNkOTFjMDE5ZTMzZTY5YTFiYTQ1NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUdgxkPHVs9bS5+9BFJ7hZxnbJ3j
TXZYWLDL5V0/QKKZvgPfMGwKc/e6eugMSjpRsl15ezk58v8H0NKHi8P4bfy28hFO
Qdxb9LP6piOWLCO6Q8RUKuz/umZrtbZKFnVAbIWuS2u6eO0t/22ACdULPtJMufW1
RQjCT+HL0456d6lBigDBsoHgvz4XppH8TfpsyxcD43Jv4mvwd1slvgq/3JltxDse
OyAHHVt/yG/4s53gMuThgmZST3K/RYGevvhnj4nxCxOrKsQu9FhvVfnLw1JYBfsS
E8xF+5MakpeeQoUDVEnha1iXJqeIuzUGbSHZ5Jyo6Qe/Fap5c9GXFpH7kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwxzVkxTBenI9kcAZ4z5pobpFdhMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUtjr0jd2
63vXLdBTFVM2yy2PsO5zAowiCMU6JfZ9WmCERnLFDu0WB9NV9YjHIqt2w9+MVg3m
v500iE6J/+NKEd6G4I+qgBs7wyE5iy+o7ruhXB4VmVZOUtfhC6DM+8HhQ4cK+1wi
rfsh9RIbY6qY2eWNlpa1kYktw54LOhKydkZCCpD5BxG69OrrwKyr33kVG+xntH3e
hEOoxVGuqQYc/4n4xR1bvTEeAeJYNq2vDoNozlHG6qLe0YVM29JkJPAAA8SjQYYe
F6ncsLsTbovM+2j6T1F4vvxbEJBUlf5X4eAGvF1NE4Yk787LLHu+OJ1iWJzL1Nz9
OVKcqdd2KkjosQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:19:23 2025 by rpki-client