Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File: SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier: QuBQp/WVESqJ68MtxFhLKbCZJYxDJenLCUJIPygsPo8=
Subject key identifier: 18:F4:CB:0A:5D:2E:C3:59:F7:76:91:26:4E:6D:54:1C:3A:46:BA:4F
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer: /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial: 019A71B83B218BCB91FB31291E1BF5603BED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number: 1306
Signing time: Tue 11 Nov 2025 07:01:30 +0000
Manifest this update: Tue 11 Nov 2025 07:01:30 +0000
Manifest next update: Wed 12 Nov 2025 07:01:30 +0000
Files and hashes: 1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: N0E8aah5qpqbV2NQZjjgsHjmZZ/g47Gn+hwboq9NaGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:3b:21:8b:cb:91:fb:31:29:1e:1b:f5:60:3b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Validity
Not Before: Nov 11 07:01:30 2025 GMT
Not After : Nov 12 07:01:30 2025 GMT
Subject: CN=18f4cb0a5d2ec359f77691264e6d541c3a46ba4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:a5:29:ef:99:35:ec:5c:c4:d0:49:6c:e8:
e2:54:51:55:2f:95:d0:f7:47:41:d2:17:da:dd:b6:
d9:33:35:88:0a:61:ba:9a:1e:3e:3c:fd:11:29:ae:
fa:f1:fd:28:9a:8d:af:d6:08:52:e4:c3:53:ef:8d:
76:de:e2:7e:1e:3b:1d:e7:a9:25:32:64:35:16:7a:
a2:04:9c:cd:37:da:f4:10:8d:eb:a0:5e:4c:fd:d2:
5a:95:01:72:f2:e7:28:2d:d2:8a:ad:b1:5f:3c:73:
14:30:48:17:e3:80:50:2c:c8:a9:f1:42:5d:34:de:
79:09:56:dd:ab:6b:ff:b0:35:b9:3f:84:04:e1:9c:
dc:84:41:56:ae:e8:a6:bf:b7:2b:9f:83:27:be:6e:
73:ec:d9:ad:1f:84:16:89:c9:88:80:fa:a1:d6:f6:
ac:b3:99:42:3c:15:c8:da:66:a3:ee:a5:53:c8:a9:
12:46:d5:f6:94:57:2c:a3:87:8f:92:4a:01:f8:fb:
57:f6:d6:37:47:43:3a:cb:0f:b1:81:82:74:01:ca:
fc:74:42:ed:56:29:e2:a9:30:9f:aa:04:4d:5f:98:
a4:02:14:69:6d:61:73:3a:5e:49:d5:76:26:2f:c1:
7f:14:83:c5:48:4f:7d:61:4f:00:0e:d0:32:10:99:
79:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F4:CB:0A:5D:2E:C3:59:F7:76:91:26:4E:6D:54:1C:3A:46:BA:4F
X509v3 Authority Key Identifier:
keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:63:02:92:02:81:81:4c:b3:2a:d0:d0:91:de:a3:d4:9a:ea:
b6:ee:37:74:c3:d5:4e:42:35:a0:05:1d:41:0a:2c:20:e5:b7:
08:24:ef:88:43:da:8a:15:27:f6:7d:54:85:9b:98:33:15:9b:
c9:bd:db:cf:69:45:32:69:d7:41:ca:72:86:43:56:19:a8:c3:
a5:8e:f8:53:cc:6b:45:a2:ef:36:47:31:f6:c4:60:a0:0c:ff:
f0:cb:55:71:ad:80:fb:61:fc:8f:29:7f:5b:18:06:63:10:89:
c6:3a:33:48:21:64:10:ac:54:a6:72:06:ac:3a:26:e7:1e:0a:
be:3b:83:eb:73:98:a0:14:c9:82:77:60:e2:25:ac:96:e2:2d:
e1:1f:b3:ee:82:65:cc:68:ff:3e:d2:eb:bb:cc:d5:8d:db:d3:
92:6e:0f:6e:21:ce:2c:4f:d0:11:67:e7:f8:61:7a:8e:bb:e4:
68:2e:69:8c:0e:05:fd:fb:16:2d:07:23:5c:40:f5:2b:df:5a:
28:3b:f2:25:7a:73:b2:30:83:46:7d:fd:d7:cf:26:ef:33:86:
9f:6d:b2:f2:4d:73:d5:64:de:f2:95:26:9f:9a:e3:25:ac:09:
45:9f:6c:f0:75:37:33:ae:c4:4a:b3:90:1a:ee:ea:bd:c3:4e:
e6:6d:5a:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDshi8uR+zEpHhv1YDvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjUxMTExMDcwMTMwWhcNMjUxMTEyMDcwMTMwWjAzMTEwLwYDVQQD
EygxOGY0Y2IwYTVkMmVjMzU5Zjc3NjkxMjY0ZTZkNTQxYzNhNDZiYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAqlKe+ZNexcxNBJbOjiVFFVL5XQ
90dB0hfa3bbZMzWICmG6mh4+PP0RKa768f0omo2v1ghS5MNT74123uJ+Hjsd56kl
MmQ1FnqiBJzNN9r0EI3roF5M/dJalQFy8ucoLdKKrbFfPHMUMEgX44BQLMip8UJd
NN55CVbdq2v/sDW5P4QE4ZzchEFWruimv7crn4Mnvm5z7NmtH4QWicmIgPqh1vas
s5lCPBXI2maj7qVTyKkSRtX2lFcso4ePkkoB+PtX9tY3R0M6yw+xgYJ0Acr8dELt
ViniqTCfqgRNX5ikAhRpbWFzOl5J1XYmL8F/FIPFSE99YU8ADtAyEJl5nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBj0ywpdLsNZ93aRJk5tVBw6RrpPMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGMCkgKB
gUyzKtDQkd6j1Jrqtu43dMPVTkI1oAUdQQosIOW3CCTviEPaihUn9n1UhZuYMxWb
yb3bz2lFMmnXQcpyhkNWGajDpY74U8xrRaLvNkcx9sRgoAz/8MtVca2A+2H8jyl/
WxgGYxCJxjozSCFkEKxUpnIGrDom5x4KvjuD63OYoBTJgndg4iWsluIt4R+z7oJl
zGj/PtLru8zVjdvTkm4PbiHOLE/QEWfn+GF6jrvkaC5pjA4F/fsWLQcjXED1K99a
KDvyJXpzsjCDRn39188m7zOGn22y8k1z1WTe8pUmn5rjJawJRZ9s8HU3M67ESrOQ
Gu7qvcNO5m1ahA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:44 2025 by rpki-client