Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File: 2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier: nBzEux0D8bosU+f7wX+xZNyy8nOg1WAuX6eZ6lnMdi0=
Subject key identifier: 36:5C:F9:11:C4:59:DD:EF:F3:83:FB:64:03:C1:71:84:78:B5:DC:E0
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer: /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial: 019A73015068D533F6987D3FF9BA7F4899B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number: 14A3
Signing time: Tue 11 Nov 2025 13:00:57 +0000
Manifest this update: Tue 11 Nov 2025 13:00:57 +0000
Manifest next update: Wed 12 Nov 2025 13:00:57 +0000
Files and hashes: 1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: U+kkfFCNqPI3fhW6XzN1LfTjr6R6TzDe0gMqB2j2Jzo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:50:68:d5:33:f6:98:7d:3f:f9:ba:7f:48:99:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
Validity
Not Before: Nov 11 13:00:57 2025 GMT
Not After : Nov 12 13:00:57 2025 GMT
Subject: CN=365cf911c459ddeff383fb6403c1718478b5dce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:02:22:07:31:0a:8a:01:50:e2:ac:9c:a0:e5:
3e:3f:3b:eb:e5:56:71:39:f0:d9:5c:2d:ee:ff:4e:
54:0f:9d:48:53:39:72:1a:39:61:75:7c:a7:e5:db:
e9:ba:38:8c:27:c8:c0:1d:0c:dd:be:b9:1e:87:e8:
a1:ea:5b:10:89:d3:04:e0:f7:b6:b8:7f:35:99:46:
d9:1a:cf:5d:04:9d:80:9a:b4:02:a2:8d:93:c2:2c:
f6:3f:e6:e0:72:68:65:42:21:87:d2:6e:0d:81:41:
94:7e:92:3e:33:8b:04:2d:ca:a9:2a:81:a8:23:86:
6b:79:32:bb:d8:5b:cc:f8:fa:29:16:d7:e6:54:22:
62:b2:98:21:f6:b8:70:51:c1:f3:a1:b9:e3:ba:88:
26:d8:10:41:9b:93:85:75:b6:dd:a1:cf:45:ad:30:
18:76:68:b5:b6:1c:c1:7b:c2:86:f1:94:cc:43:ae:
68:dd:5d:8e:5f:ad:9b:71:6a:a7:46:0a:11:10:f1:
7b:02:c8:47:af:61:b8:4b:cd:44:df:ac:bd:d8:4e:
39:7b:1b:e3:95:60:1b:08:9a:bf:00:33:35:38:7a:
22:dd:7c:a5:3b:cc:d1:5e:3f:f0:41:b4:b8:33:55:
f6:5b:7e:88:e5:b0:eb:69:ce:f1:44:48:66:eb:1e:
36:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5C:F9:11:C4:59:DD:EF:F3:83:FB:64:03:C1:71:84:78:B5:DC:E0
X509v3 Authority Key Identifier:
keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:80:f5:b4:77:04:54:5b:0d:c7:52:66:38:75:82:a8:b4:31:
74:13:63:e5:c4:2d:55:b1:a6:63:4d:d6:0e:c3:c6:3f:76:81:
a6:07:e1:5f:71:86:7c:eb:ad:fb:fd:ab:28:8e:80:09:04:41:
c8:83:04:79:e3:22:c2:f3:1d:36:29:5d:4f:39:d9:67:d1:fe:
87:8d:55:f3:8b:39:c2:ea:9c:35:e7:6e:39:76:c5:55:13:6d:
e8:b4:58:94:ff:0f:e8:b5:6a:95:8e:e2:33:d6:0a:63:0e:43:
f4:a9:2d:16:c5:59:0b:3d:9f:ca:12:ef:62:ec:12:5e:73:9e:
c1:de:db:96:8c:d1:64:ba:46:3a:77:4e:b2:84:a9:37:4d:fc:
e2:89:58:64:cb:61:91:7d:6e:ad:1c:b4:dd:97:2a:48:3f:a2:
ca:14:5f:22:d5:50:50:30:e3:e7:2b:51:60:02:25:d9:f2:26:
2d:a6:49:f3:1a:52:18:09:29:a5:49:75:b2:48:e6:4c:4e:cf:
5f:a4:4b:18:19:66:d2:d5:c3:9f:42:6c:de:50:88:66:54:99:
05:82:2a:df:d8:8c:0f:f2:5a:df:87:65:d8:d5:ad:4a:10:45:
ce:2a:bd:9e:4c:f7:2b:32:c0:c7:2e:7f:94:64:61:ec:3b:19:
64:8a:6c:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAVBo1TP2mH0/+bp/SJm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjUxMTExMTMwMDU3WhcNMjUxMTEyMTMwMDU3WjAzMTEwLwYDVQQD
EygzNjVjZjkxMWM0NTlkZGVmZjM4M2ZiNjQwM2MxNzE4NDc4YjVkY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AIiBzEKigFQ4qycoOU+Pzvr5VZx
OfDZXC3u/05UD51IUzlyGjlhdXyn5dvpujiMJ8jAHQzdvrkeh+ih6lsQidME4Pe2
uH81mUbZGs9dBJ2AmrQCoo2Twiz2P+bgcmhlQiGH0m4NgUGUfpI+M4sELcqpKoGo
I4ZreTK72FvM+PopFtfmVCJispgh9rhwUcHzobnjuogm2BBBm5OFdbbdoc9FrTAY
dmi1thzBe8KG8ZTMQ65o3V2OX62bcWqnRgoREPF7AshHr2G4S81E36y92E45exvj
lWAbCJq/ADM1OHoi3XylO8zRXj/wQbS4M1X2W36I5bDrac7xREhm6x42ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZc+RHEWd3v84P7ZAPBcYR4tdzgMB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4D1tHcE
VFsNx1JmOHWCqLQxdBNj5cQtVbGmY03WDsPGP3aBpgfhX3GGfOut+/2rKI6ACQRB
yIMEeeMiwvMdNildTznZZ9H+h41V84s5wuqcNeduOXbFVRNt6LRYlP8P6LVqlY7i
M9YKYw5D9KktFsVZCz2fyhLvYuwSXnOewd7blozRZLpGOndOsoSpN0384olYZMth
kX1urRy03ZcqSD+iyhRfItVQUDDj5ytRYAIl2fImLaZJ8xpSGAkppUl1skjmTE7P
X6RLGBlm0tXDn0Js3lCIZlSZBYIq39iMD/Ja34dl2NWtShBFziq9nkz3KzLAxy5/
lGRh7DsZZIpstQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:30 2025 by rpki-client