Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File: MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier: i1/TF+H/70BGD/CvIaG9Unc0SHqRRm8KbxyE8WJ4efI=
Subject key identifier: E6:41:54:E1:47:25:E0:23:67:AC:D7:B0:A6:59:68:C4:3E:C9:FC:71
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer: /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial: 019A7226591A972934DE0C1F2379EEE1AA8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number: 0581
Signing time: Tue 11 Nov 2025 09:01:47 +0000
Manifest this update: Tue 11 Nov 2025 09:01:47 +0000
Manifest next update: Wed 12 Nov 2025 09:01:47 +0000
Files and hashes: 1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: ZO2SftgXwnxqRxkGZmF5+xGVkqqcVvZoC9OsgBnMkvk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:59:1a:97:29:34:de:0c:1f:23:79:ee:e1:aa:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
Validity
Not Before: Nov 11 09:01:47 2025 GMT
Not After : Nov 12 09:01:47 2025 GMT
Subject: CN=e64154e14725e02367acd7b0a65968c43ec9fc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:93:58:3f:4e:f8:35:10:3b:f1:d5:73:8d:
c0:57:8c:43:41:11:17:3b:40:26:db:e7:20:27:3a:
f0:2c:ac:43:1f:6e:8d:cb:6d:26:bb:27:fa:a6:8c:
98:7c:e8:90:1d:63:b7:04:87:ad:11:70:5a:96:5d:
f1:df:2c:38:49:62:15:66:f6:86:65:e5:8d:dd:86:
f4:79:62:12:ef:0d:e6:14:8d:d7:c7:c5:61:97:f3:
bb:0a:ed:ac:7c:8f:99:69:fe:f3:5b:13:e4:c6:3e:
f8:8c:26:82:4d:99:c2:d7:07:f1:9d:d2:0d:7e:08:
2a:54:58:29:5c:1a:88:e6:fe:92:b1:02:3a:85:dc:
58:0d:13:f4:92:5a:73:3b:7f:96:4f:e5:4a:b6:20:
e4:b9:86:f0:c8:a5:92:fa:1a:f5:06:fe:5a:a7:6c:
49:bb:c3:83:c6:20:7b:b2:69:c8:9e:92:43:f7:ca:
e4:5e:cc:ad:e9:66:07:56:5a:b5:f4:5a:5e:06:01:
f1:49:7b:22:4b:e0:e9:af:fc:37:03:39:b6:f3:e0:
9d:e1:cd:b3:46:0a:ce:72:a1:6c:83:c3:59:ed:1e:
c4:d6:02:a5:5e:b5:b3:83:a0:e7:fd:7d:40:4d:85:
cb:33:88:f7:44:70:36:18:70:db:16:2a:22:d7:b3:
22:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:41:54:E1:47:25:E0:23:67:AC:D7:B0:A6:59:68:C4:3E:C9:FC:71
X509v3 Authority Key Identifier:
keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:9c:f5:39:a1:35:01:16:97:bd:86:59:a8:8f:dc:21:6c:39:
4f:43:fb:06:3b:32:b5:56:e0:67:19:14:ba:61:3e:a3:cd:7b:
85:b8:4e:d2:5d:19:89:79:91:85:59:d4:e8:b4:22:39:ea:0f:
b8:92:57:05:8a:0e:c9:11:fd:2a:9c:a8:92:77:ee:ef:4a:36:
e8:ba:f4:26:13:1e:b0:35:47:5b:1b:6d:ee:05:16:25:8c:2d:
b4:27:57:f5:07:6a:79:04:52:2c:02:d9:76:f5:e3:44:7f:4e:
f5:bc:c3:63:23:19:fe:ab:1a:0b:2a:4d:21:6f:ad:7a:68:0f:
83:a2:26:9d:dd:0a:f7:09:22:b9:cd:81:71:1a:2c:f3:19:be:
8a:42:70:76:4a:27:4b:ef:27:58:1e:14:21:53:51:e2:84:97:
5d:5d:60:c9:b6:69:46:8f:03:e4:5d:0a:cd:3f:48:81:76:67:
d3:71:74:32:f9:cd:ae:57:bc:2c:27:b8:fb:04:52:91:cb:2d:
74:60:48:19:16:b1:d7:f3:30:3a:62:b3:ee:9d:58:d9:39:fc:
65:9e:94:82:e3:26:40:ea:99:0c:fc:ca:04:dc:28:44:4f:3c:
28:f3:19:fd:aa:be:99:8e:e3:bb:74:e7:e8:74:38:e5:f0:b4:
95:e7:98:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlkalyk03gwfI3nu4aqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjUxMTExMDkwMTQ3WhcNMjUxMTEyMDkwMTQ3WjAzMTEwLwYDVQQD
EyhlNjQxNTRlMTQ3MjVlMDIzNjdhY2Q3YjBhNjU5NjhjNDNlYzlmYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7aTWD9O+DUQO/HVc43AV4xDQREX
O0Am2+cgJzrwLKxDH26Ny20muyf6poyYfOiQHWO3BIetEXBall3x3yw4SWIVZvaG
ZeWN3Yb0eWIS7w3mFI3Xx8Vhl/O7Cu2sfI+Zaf7zWxPkxj74jCaCTZnC1wfxndIN
fggqVFgpXBqI5v6SsQI6hdxYDRP0klpzO3+WT+VKtiDkuYbwyKWS+hr1Bv5ap2xJ
u8ODxiB7smnInpJD98rkXsyt6WYHVlq19FpeBgHxSXsiS+Dpr/w3Azm28+Cd4c2z
RgrOcqFsg8NZ7R7E1gKlXrWzg6Dn/X1ATYXLM4j3RHA2GHDbFioi17MiGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZBVOFHJeAjZ6zXsKZZaMQ+yfxxMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZz1OaE1
ARaXvYZZqI/cIWw5T0P7BjsytVbgZxkUumE+o817hbhO0l0ZiXmRhVnU6LQiOeoP
uJJXBYoOyRH9Kpyoknfu70o26Lr0JhMesDVHWxtt7gUWJYwttCdX9QdqeQRSLALZ
dvXjRH9O9bzDYyMZ/qsaCypNIW+temgPg6Imnd0K9wkiuc2BcRos8xm+ikJwdkon
S+8nWB4UIVNR4oSXXV1gybZpRo8D5F0KzT9IgXZn03F0MvnNrle8LCe4+wRSkcst
dGBIGRax1/MwOmKz7p1Y2Tn8ZZ6UguMmQOqZDPzKBNwoRE88KPMZ/aq+mY7ju3Tn
6HQ45fC0leeY9Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:52 2025 by rpki-client