Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File: AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier: PnWRPlx15zauO5cGpeLbV7H2A+6VuIpVuS8L/oS/HcA=
Subject key identifier: 3B:DC:08:94:E5:BB:3C:71:1F:A0:C1:B2:0B:CD:4D:63:AD:C4:16:FA
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer: /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial: 019A71B91E4F98143D871B918CE0A6C8FCBD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:28 +0000
Manifest this update: Tue 11 Nov 2025 07:02:28 +0000
Manifest next update: Wed 12 Nov 2025 07:02:28 +0000
Files and hashes: 1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: VnsirsXFX4D304zpLi3/F1Pb7g5rQplL0UxTFAtsgcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:1e:4f:98:14:3d:87:1b:91:8c:e0:a6:c8:fc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
Validity
Not Before: Nov 11 07:02:28 2025 GMT
Not After : Nov 12 07:02:28 2025 GMT
Subject: CN=3bdc0894e5bb3c711fa0c1b20bcd4d63adc416fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:7e:d7:06:c3:85:5b:c4:e5:74:60:15:fc:
65:ec:83:32:8b:e6:65:12:1b:81:ee:dd:df:42:dd:
23:53:f6:b3:f4:df:05:2a:e8:97:ed:35:e9:4e:c7:
c4:4c:cf:7e:2e:89:5d:23:d1:64:0a:92:09:0c:ec:
50:ce:f4:e2:a1:72:60:11:43:48:bb:4e:36:40:91:
be:9d:1d:2b:ef:d6:cc:98:ee:3b:49:d4:14:31:52:
71:94:63:c8:de:43:4c:5e:a6:de:d5:90:63:62:e1:
6b:f4:75:b7:b1:01:bb:3f:fa:4f:94:51:7c:ca:ed:
37:87:36:84:4d:d1:89:c1:5e:7e:5b:5c:59:ef:20:
60:75:ba:3b:04:3f:3a:0e:93:4c:3f:7c:48:42:49:
d2:33:4f:b6:2d:57:36:42:68:a4:e8:14:2d:5b:c5:
55:05:fd:c3:80:5c:23:6a:67:a6:49:70:79:20:96:
94:e3:31:fa:13:49:3b:bb:16:cd:8b:f0:bf:a2:85:
89:19:3b:38:92:37:83:8a:f0:90:f6:cf:4b:df:67:
e0:36:c8:7a:ab:60:49:70:97:94:c8:90:6d:84:b9:
f2:7f:0c:78:6a:70:4f:f8:d8:c6:4f:a8:3d:98:66:
12:9c:24:c9:e5:10:1e:20:c6:d7:cc:11:db:4d:b2:
17:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DC:08:94:E5:BB:3C:71:1F:A0:C1:B2:0B:CD:4D:63:AD:C4:16:FA
X509v3 Authority Key Identifier:
keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:83:9b:1e:ed:79:bf:0e:ca:fe:1e:72:20:da:e9:e7:53:d4:
5c:48:06:73:3b:d1:98:45:94:50:5a:4b:05:ed:44:89:6d:52:
e4:cb:7d:3c:a9:8a:72:3f:f2:d0:b2:cd:a8:dc:ed:73:7d:5a:
d3:15:19:15:d4:e6:07:7d:86:87:63:e4:76:10:25:3d:d4:5f:
b0:a8:ca:81:b9:a6:d4:0c:db:6f:8f:6a:6f:22:39:c0:37:43:
ed:4d:2f:66:17:13:77:1a:4e:f2:6e:e3:3f:a5:9b:51:e9:b0:
43:4c:8c:88:9f:17:23:e2:e0:20:cc:51:68:9b:fd:b5:0a:23:
79:87:0d:49:9d:7d:d2:2d:50:8b:0d:da:87:f4:19:bc:03:cf:
e8:45:3e:84:c4:54:b0:13:fa:cb:e1:b2:4e:4a:ca:9c:a7:3c:
4f:af:b4:2b:c6:11:89:93:9b:7e:99:62:43:f5:58:9f:24:98:
17:cc:37:cc:25:9f:a4:6e:39:02:b4:d4:47:71:50:2a:cd:74:
a5:df:b7:f9:ab:e2:56:0c:f9:70:ce:5d:d8:51:4e:7d:b4:2a:
e5:11:ad:83:e8:93:d4:4d:0e:a8:98:00:62:b9:0c:94:ea:bc:
1d:9b:8c:f5:1b:98:cc:32:59:85:78:e9:2b:5e:bc:74:92:28:
5c:ef:b2:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuR5PmBQ9hxuRjOCmyPy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUxMTExMDcwMjI4WhcNMjUxMTEyMDcwMjI4WjAzMTEwLwYDVQQD
EygzYmRjMDg5NGU1YmIzYzcxMWZhMGMxYjIwYmNkNGQ2M2FkYzQxNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4B+1wbDhVvE5XRgFfxl7IMyi+Zl
EhuB7t3fQt0jU/az9N8FKuiX7TXpTsfETM9+LoldI9FkCpIJDOxQzvTioXJgEUNI
u042QJG+nR0r79bMmO47SdQUMVJxlGPI3kNMXqbe1ZBjYuFr9HW3sQG7P/pPlFF8
yu03hzaETdGJwV5+W1xZ7yBgdbo7BD86DpNMP3xIQknSM0+2LVc2Qmik6BQtW8VV
Bf3DgFwjamemSXB5IJaU4zH6E0k7uxbNi/C/ooWJGTs4kjeDivCQ9s9L32fgNsh6
q2BJcJeUyJBthLnyfwx4anBP+NjGT6g9mGYSnCTJ5RAeIMbXzBHbTbIXzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvcCJTluzxxH6DBsgvNTWOtxBb6MB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHYObHu15
vw7K/h5yINrp51PUXEgGczvRmEWUUFpLBe1EiW1S5Mt9PKmKcj/y0LLNqNztc31a
0xUZFdTmB32Gh2PkdhAlPdRfsKjKgbmm1Azbb49qbyI5wDdD7U0vZhcTdxpO8m7j
P6WbUemwQ0yMiJ8XI+LgIMxRaJv9tQojeYcNSZ190i1Qiw3ah/QZvAPP6EU+hMRU
sBP6y+GyTkrKnKc8T6+0K8YRiZObfpliQ/VYnySYF8w3zCWfpG45ArTUR3FQKs10
pd+3+aviVgz5cM5d2FFOfbQq5RGtg+iT1E0OqJgAYrkMlOq8HZuM9RuYzDJZhXjp
K168dJIoXO+yuQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:50 2025 by rpki-client