Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
File: VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft (raw, json)
Hash identifier: 8HldyIGySZFFurYnKYn+pTQ/dUYHiwO8fvOsTV66cUY=
Subject key identifier: 60:75:E6:12:54:01:CF:E6:CE:94:55:95:CB:AA:77:C6:B9:88:21:25
Authority key identifier: 54:A1:4B:E6:19:75:5E:EE:EB:91:FE:2F:62:A1:D4:EE:07:86:14:96
Certificate issuer: /CN=54a14be619755eeeeb91fe2f62a1d4ee07861496
Certificate serial: 019A71EE5B0E91D0CB433BC261FD1887FFFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
Manifest number: 0E18
Signing time: Tue 11 Nov 2025 08:00:37 +0000
Manifest this update: Tue 11 Nov 2025 08:00:37 +0000
Manifest next update: Wed 12 Nov 2025 08:00:37 +0000
Files and hashes: 1: VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl (hash: 1pp7ASMImxO1AKp7B79T+hMPQIPL8YlWw3yvom7sfgQ=)
2: VtoCPIJdz7eHPyB83a7Nn8Gfd4c.roa (hash: PUXsuDYu+cUr4eIS8shnPGPZDRmbjLqE+BBuYonEPq4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:5b:0e:91:d0:cb:43:3b:c2:61:fd:18:87:ff:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54a14be619755eeeeb91fe2f62a1d4ee07861496
Validity
Not Before: Nov 11 08:00:37 2025 GMT
Not After : Nov 12 08:00:37 2025 GMT
Subject: CN=6075e6125401cfe6ce945595cbaa77c6b9882125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:30:d4:77:ef:78:82:65:fa:7e:a5:ea:fb:aa:
ad:98:d2:a3:2f:65:8c:c5:41:79:7d:88:d0:81:02:
48:27:9d:79:7d:09:58:ea:76:87:9b:38:a6:ed:9d:
cc:25:ad:03:2d:d0:16:dd:b3:3f:97:76:54:80:4f:
21:53:80:10:7e:0b:e9:7c:db:a3:24:5f:5b:a0:44:
ff:f0:5e:e1:85:d8:41:6c:3d:c2:2f:6c:f0:5e:0c:
34:f9:a0:5e:cd:16:f2:62:2e:87:f5:ed:29:f5:b6:
82:aa:7a:86:ed:d7:b8:60:c6:b1:8b:66:78:30:ed:
88:62:47:fb:7a:23:62:10:0d:c7:4c:f2:45:e6:66:
c0:77:38:01:a2:0a:aa:ab:4b:8c:0b:8c:59:91:06:
9a:1c:05:e7:9a:13:bd:c8:3c:b5:50:bd:cf:75:c4:
ec:45:5f:04:5c:6e:21:5d:ee:04:2e:e8:30:22:6a:
84:1b:82:6f:7d:c6:46:d7:01:c9:19:01:d0:aa:2a:
0a:17:cb:8a:06:d0:de:2c:d5:81:00:97:46:00:9d:
9f:47:53:55:c1:ee:64:1d:f5:9a:d2:e6:d3:9b:8f:
c7:c0:5c:26:ac:e6:8c:13:43:63:8a:3e:ab:34:86:
17:65:ef:da:a0:09:0b:10:76:e4:9b:6a:74:81:05:
bf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:75:E6:12:54:01:CF:E6:CE:94:55:95:CB:AA:77:C6:B9:88:21:25
X509v3 Authority Key Identifier:
keyid:54:A1:4B:E6:19:75:5E:EE:EB:91:FE:2F:62:A1:D4:EE:07:86:14:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:18:3a:ec:52:93:d2:3a:34:64:c4:0f:a7:2e:74:17:77:cf:
59:1a:f4:b4:cd:23:e8:96:d5:9e:c0:e9:d5:74:9d:42:d8:f8:
57:3c:58:23:1c:14:80:86:46:19:01:12:ad:34:3f:9f:24:0f:
77:ce:b5:54:79:0a:23:ee:94:cd:ba:3b:66:7a:a0:5b:b5:4a:
de:42:d2:05:70:d3:9a:0a:6c:ff:b8:9d:c7:6f:64:37:fa:3d:
19:ce:be:61:5f:81:25:92:31:ba:bd:90:d7:2e:d2:ab:50:22:
8c:8a:0a:60:b0:c8:9e:dc:dc:8d:ba:70:ee:68:c6:01:91:22:
76:3b:3e:f5:00:a0:6d:64:40:26:45:b6:20:73:e3:e0:01:60:
e6:b1:38:e9:c6:88:15:8c:cf:ee:23:dc:65:71:c4:74:3a:fb:
77:65:6a:08:7b:24:e6:de:ff:07:99:d2:19:f1:8b:ac:fe:b1:
f5:00:a7:05:80:b4:53:4a:e3:9f:e9:13:57:4e:8b:a2:20:0c:
4e:77:23:82:a6:04:0d:cf:13:7a:37:cf:f6:2f:c0:a5:78:9a:
b6:81:2e:2d:f2:18:85:c6:69:c5:48:83:68:e2:a6:77:c9:13:
2a:c3:8d:70:32:e3:23:f6:28:e6:25:76:ba:62:e2:30:7f:17:
87:3c:0a:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7lsOkdDLQzvCYf0Yh//7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YTE0YmU2MTk3NTVlZWVlYjkxZmUyZjYyYTFkNGVlMDc4
NjE0OTYwHhcNMjUxMTExMDgwMDM3WhcNMjUxMTEyMDgwMDM3WjAzMTEwLwYDVQQD
Eyg2MDc1ZTYxMjU0MDFjZmU2Y2U5NDU1OTVjYmFhNzdjNmI5ODgyMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjDUd+94gmX6fqXq+6qtmNKjL2WM
xUF5fYjQgQJIJ515fQlY6naHmzim7Z3MJa0DLdAW3bM/l3ZUgE8hU4AQfgvpfNuj
JF9boET/8F7hhdhBbD3CL2zwXgw0+aBezRbyYi6H9e0p9baCqnqG7de4YMaxi2Z4
MO2IYkf7eiNiEA3HTPJF5mbAdzgBogqqq0uMC4xZkQaaHAXnmhO9yDy1UL3PdcTs
RV8EXG4hXe4ELugwImqEG4JvfcZG1wHJGQHQqioKF8uKBtDeLNWBAJdGAJ2fR1NV
we5kHfWa0ubTm4/HwFwmrOaME0Njij6rNIYXZe/aoAkLEHbkm2p0gQW/DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGB15hJUAc/mzpRVlcuqd8a5iCElMB8GA1UdIwQY
MBaAFFShS+YZdV7u65H+L2Kh1O4HhhSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iOGE5ZTctOTQ1MC00MzZjLWJmOTAt
OGU5MDQ2NmJhZDM4LzEvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iOGE5ZTctOTQ1MC00MzZjLWJmOTAtOGU5MDQ2NmJhZDM4
LzEvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxg67FKT
0jo0ZMQPpy50F3fPWRr0tM0j6JbVnsDp1XSdQtj4VzxYIxwUgIZGGQESrTQ/nyQP
d861VHkKI+6Uzbo7ZnqgW7VK3kLSBXDTmgps/7idx29kN/o9Gc6+YV+BJZIxur2Q
1y7Sq1AijIoKYLDIntzcjbpw7mjGAZEidjs+9QCgbWRAJkW2IHPj4AFg5rE46caI
FYzP7iPcZXHEdDr7d2VqCHsk5t7/B5nSGfGLrP6x9QCnBYC0U0rjn+kTV06LoiAM
TncjgqYEDc8TejfP9i/ApXiatoEuLfIYhcZpxUiDaOKmd8kTKsONcDLjI/Yo5iV2
umLiMH8XhzwK7g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:18 2025 by rpki-client