Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier: W9XdInoBogYW0DrxFUn1V+ED67LBDz6L7WZjQAhKOdg=
Subject key identifier: 84:72:E2:B5:E6:69:6A:A0:0F:DD:F7:33:CE:69:70:04:E0:3A:DB:56
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer: /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial: 019A70A586F1EE6DD29BEF6D492926C72116
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number: 0528
Signing time: Tue 11 Nov 2025 02:01:27 +0000
Manifest this update: Tue 11 Nov 2025 02:01:27 +0000
Manifest next update: Wed 12 Nov 2025 02:01:27 +0000
Files and hashes: 1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: jGdiO0M9lwCkahn0Cyhao/6bfRjcq31050cHSq7FYm4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:86:f1:ee:6d:d2:9b:ef:6d:49:29:26:c7:21:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Validity
Not Before: Nov 11 02:01:27 2025 GMT
Not After : Nov 12 02:01:27 2025 GMT
Subject: CN=8472e2b5e6696aa00fddf733ce697004e03adb56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:03:98:14:11:6c:41:24:c6:ce:d2:67:97:d5:
9f:ec:24:ba:76:89:b5:44:7b:ca:f9:fe:17:54:73:
d9:ea:20:48:97:e8:bf:dc:5e:29:e1:a6:52:74:9a:
b4:d3:66:db:0a:f3:94:44:be:29:b1:2a:cb:41:23:
a9:1b:fe:ab:23:bc:5b:3b:2f:9a:97:5e:27:2b:13:
44:cc:b2:a4:f5:9e:39:cc:e7:21:2d:ed:25:20:59:
64:9e:d8:c1:47:84:21:c2:cd:84:10:a0:63:2a:94:
93:ab:c4:c6:06:96:df:a3:9a:3b:7d:8c:29:51:e3:
c9:b1:bf:8d:10:1d:57:1c:66:87:ec:bf:1d:7b:69:
50:82:fe:29:63:87:35:15:aa:77:da:0c:d3:6e:94:
79:c5:45:f9:65:79:75:80:ae:43:40:dd:18:1b:1f:
3f:1e:2e:bc:84:ed:d3:f1:d1:9e:45:bf:2a:79:3e:
57:a2:f0:57:89:d6:05:8f:c8:1b:87:c8:a6:bd:e6:
5b:93:3a:86:71:65:aa:26:ff:5d:76:34:af:52:de:
7e:7e:07:79:9c:66:b2:b0:12:25:9f:c1:75:41:ff:
85:7b:f5:33:3e:12:6b:bc:4a:aa:b2:36:74:48:9d:
1e:5d:d4:29:b3:23:56:ce:36:a5:df:8e:0b:d9:f5:
f0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:72:E2:B5:E6:69:6A:A0:0F:DD:F7:33:CE:69:70:04:E0:3A:DB:56
X509v3 Authority Key Identifier:
keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:31:e5:db:08:bf:8d:86:b5:9d:71:78:f4:16:54:24:eb:da:
be:07:8b:0e:68:d4:17:d2:c8:d3:b4:92:56:24:8c:bb:f9:4e:
d8:48:9b:61:8f:03:3f:4a:2c:e3:87:9e:47:bd:69:cd:c4:24:
53:c9:04:37:39:cd:65:84:27:71:47:73:41:12:54:ab:74:6e:
6d:66:55:4c:78:d4:44:6c:87:29:52:9e:bc:10:44:48:f0:8c:
6b:9e:ff:31:c7:a9:fc:85:a6:0f:24:0a:7f:59:fa:a7:2e:cd:
8c:b4:8b:71:b1:69:ce:fa:17:60:9c:66:d5:e5:65:a4:43:08:
86:6f:c5:c1:53:ae:bd:06:66:11:53:4c:42:21:ed:ed:da:40:
4a:0d:7f:f0:5a:f7:96:bb:23:1a:49:40:85:95:91:16:2a:73:
38:9a:c3:e7:ad:d9:1e:a2:f4:d7:78:38:7c:8a:33:71:5d:b1:
dc:47:d2:d5:f2:71:ea:75:2d:0e:fd:25:82:2f:de:d0:63:d2:
45:6a:37:71:46:d1:76:92:ca:4c:fe:e8:8d:38:9e:8e:98:5a:
2c:32:cf:7a:3d:c8:a8:e8:5a:4f:14:a7:96:60:91:cb:bf:1d:
c5:db:8d:3e:cc:74:e3:97:64:7e:97:e2:cb:b2:20:2f:be:59:
b4:e6:f6:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpYbx7m3Sm+9tSSkmxyEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUxMTExMDIwMTI3WhcNMjUxMTEyMDIwMTI3WjAzMTEwLwYDVQQD
Eyg4NDcyZTJiNWU2Njk2YWEwMGZkZGY3MzNjZTY5NzAwNGUwM2FkYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAOYFBFsQSTGztJnl9Wf7CS6dom1
RHvK+f4XVHPZ6iBIl+i/3F4p4aZSdJq002bbCvOURL4psSrLQSOpG/6rI7xbOy+a
l14nKxNEzLKk9Z45zOchLe0lIFlkntjBR4Qhws2EEKBjKpSTq8TGBpbfo5o7fYwp
UePJsb+NEB1XHGaH7L8de2lQgv4pY4c1Fap32gzTbpR5xUX5ZXl1gK5DQN0YGx8/
Hi68hO3T8dGeRb8qeT5XovBXidYFj8gbh8imveZbkzqGcWWqJv9ddjSvUt5+fgd5
nGaysBIln8F1Qf+Fe/UzPhJrvEqqsjZ0SJ0eXdQpsyNWzjal344L2fXwAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRy4rXmaWqgD933M85pcATgOttWMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkjHl2wi/
jYa1nXF49BZUJOvavgeLDmjUF9LI07SSViSMu/lO2EibYY8DP0os44eeR71pzcQk
U8kENznNZYQncUdzQRJUq3RubWZVTHjURGyHKVKevBBESPCMa57/Mcep/IWmDyQK
f1n6py7NjLSLcbFpzvoXYJxm1eVlpEMIhm/FwVOuvQZmEVNMQiHt7dpASg1/8Fr3
lrsjGklAhZWRFipzOJrD563ZHqL013g4fIozcV2x3EfS1fJx6nUtDv0lgi/e0GPS
RWo3cUbRdpLKTP7ojTiejphaLDLPej3IqOhaTxSnlmCRy78dxduNPsx045dkfpfi
y7IgL75ZtOb2yQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:49 2025 by rpki-client