Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
File: a-5EwhI0JTYYsNeza5Djy1xA3tE.mft (raw, json)
Hash identifier: gY5F8PrR/RtjShiZ5m62DUr8PzMqlC/+0JKji8SO3uw=
Subject key identifier: E7:5A:15:60:26:13:07:B9:12:58:1B:51:EB:65:AC:69:0C:FA:73:99
Authority key identifier: 6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1
Certificate issuer: /CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
Certificate serial: 019A71EE97846F50AB7134F6FBCEA674E9F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 08:00:52 +0000
Manifest this update: Tue 11 Nov 2025 08:00:52 +0000
Manifest next update: Wed 12 Nov 2025 08:00:52 +0000
Files and hashes: 1: a-5EwhI0JTYYsNeza5Djy1xA3tE.crl (hash: 3+RC6BEnHJo9THiBuvBrllHzBifcUKgvuTcF6jioZnA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:97:84:6f:50:ab:71:34:f6:fb:ce:a6:74:e9:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
Validity
Not Before: Nov 11 08:00:52 2025 GMT
Not After : Nov 12 08:00:52 2025 GMT
Subject: CN=e75a1560261307b912581b51eb65ac690cfa7399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fb:b0:07:82:96:30:6c:be:de:88:ce:d7:4c:
b0:ea:48:93:c9:04:91:58:aa:7f:1a:09:74:9e:fc:
2d:9a:60:1a:2e:df:03:04:77:2a:3d:b3:de:dd:0e:
ca:35:65:50:52:86:48:33:69:ed:72:87:a6:4d:ac:
67:8d:f1:c1:a5:61:7d:d6:f8:8f:b2:03:30:92:c2:
de:b3:07:fd:96:e8:d9:bf:e3:9a:57:d6:93:27:a6:
84:8b:4c:35:ea:45:16:bb:dc:31:16:eb:67:5a:79:
7b:12:12:d7:b0:ee:94:46:81:eb:81:fe:78:a3:4f:
23:9d:51:ce:c5:36:42:38:3a:83:62:75:d8:b4:75:
ad:a2:a1:7d:b5:0a:3d:3d:bf:ed:72:18:62:7a:fe:
9e:3b:b9:bc:8c:f9:f9:27:56:0c:ca:2e:0f:9e:a8:
5f:03:45:26:2b:6f:b9:8a:66:dc:3d:54:39:9d:2d:
16:2c:fb:31:eb:fa:33:96:f4:62:d3:cd:aa:5c:2d:
4f:69:e4:10:b0:42:b2:65:e8:66:d3:60:9c:be:f3:
c1:aa:fd:73:ee:4c:0a:e0:78:14:d3:e9:bf:3d:98:
13:48:52:7b:f5:6a:41:66:00:a6:ac:94:23:ee:2d:
35:ae:a8:24:48:b2:9e:13:50:f6:25:87:a0:46:b2:
f9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5A:15:60:26:13:07:B9:12:58:1B:51:EB:65:AC:69:0C:FA:73:99
X509v3 Authority Key Identifier:
keyid:6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:35:40:c3:31:e4:7d:1e:df:b8:c7:c2:d2:e9:77:e5:55:ec:
4f:dd:0c:90:c3:ae:d6:aa:60:97:99:11:20:a1:8c:99:0e:f6:
e4:fd:bc:af:bd:97:6b:49:d3:b2:53:58:16:fa:47:e0:4e:46:
2b:d5:64:35:cb:db:f5:16:7c:c1:16:38:27:84:ec:c0:fd:d2:
a9:6b:a8:36:e1:55:b9:16:91:82:96:ab:24:aa:ae:65:78:93:
45:72:68:67:25:fc:9e:a8:04:66:63:dd:51:e6:6b:6f:b7:46:
1b:83:b9:ac:4d:34:2a:fd:c3:81:76:ba:61:15:54:40:25:69:
64:1f:51:6d:fd:15:b2:52:3b:db:21:16:5a:2a:c5:80:e7:50:
34:56:75:c6:d1:0e:12:45:6b:52:13:5e:9b:d7:14:a1:85:22:
97:6f:0c:07:23:a5:f4:0f:a6:7b:e8:99:dd:bb:e9:bb:12:a5:
d7:a5:38:bd:e9:dc:88:0a:be:8d:77:0d:37:ad:0f:25:41:06:
34:18:d0:49:45:45:33:5f:04:25:92:e5:0a:17:7f:63:f1:bb:
45:e7:54:e8:9a:b1:bb:4f:29:4e:f6:f1:63:f3:b3:d4:2c:62:
6b:db:91:89:94:69:c7:03:29:bb:39:87:e1:9c:fa:84:2d:af:
3c:64:e3:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7peEb1CrcTT2+86mdOnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWU0NGMyMTIzNDI1MzYxOGIwZDdiMzZiOTBlM2NiNWM0
MGRlZDEwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EyhlNzVhMTU2MDI2MTMwN2I5MTI1ODFiNTFlYjY1YWM2OTBjZmE3Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/uwB4KWMGy+3ojO10yw6kiTyQSR
WKp/Ggl0nvwtmmAaLt8DBHcqPbPe3Q7KNWVQUoZIM2ntcoemTaxnjfHBpWF91viP
sgMwksLeswf9lujZv+OaV9aTJ6aEi0w16kUWu9wxFutnWnl7EhLXsO6URoHrgf54
o08jnVHOxTZCODqDYnXYtHWtoqF9tQo9Pb/tchhiev6eO7m8jPn5J1YMyi4Pnqhf
A0UmK2+5imbcPVQ5nS0WLPsx6/ozlvRi082qXC1PaeQQsEKyZehm02CcvvPBqv1z
7kwK4HgU0+m/PZgTSFJ79WpBZgCmrJQj7i01rqgkSLKeE1D2JYegRrL5+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOdaFWAmEwe5ElgbUetlrGkM+nOZMB8GA1UdIwQY
MBaAFGvuRMISNCU2GLDXs2uQ48tcQN7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWIt
NzY5YjNmYzI2NjRiLzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWItNzY5YjNmYzI2NjRi
LzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABzVAwzHk
fR7fuMfC0ul35VXsT90MkMOu1qpgl5kRIKGMmQ725P28r72Xa0nTslNYFvpH4E5G
K9VkNcvb9RZ8wRY4J4TswP3SqWuoNuFVuRaRgparJKquZXiTRXJoZyX8nqgEZmPd
UeZrb7dGG4O5rE00Kv3DgXa6YRVUQCVpZB9Rbf0VslI72yEWWirFgOdQNFZ1xtEO
EkVrUhNem9cUoYUil28MByOl9A+me+iZ3bvpuxKl16U4venciAq+jXcNN60PJUEG
NBjQSUVFM18EJZLlChd/Y/G7RedU6Jqxu08pTvbxY/Oz1Cxia9uRiZRpxwMpuzmH
4Zz6hC2vPGTjeA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:43 2025 by rpki-client