Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
File: 2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft (raw, json)
Hash identifier: pR/vzM7nG40KOLtCG8NhXsdwaJfr3ihX16MnEQ8PrS8=
Subject key identifier: CE:8A:D3:77:4B:56:04:01:1B:CF:1C:3B:72:BF:ED:5A:8D:2B:F9:1E
Authority key identifier: D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3
Certificate issuer: /CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
Certificate serial: 019A71B9372A56BC89CE4C08DEFC8D6BC33F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:34 +0000
Manifest this update: Tue 11 Nov 2025 07:02:34 +0000
Manifest next update: Wed 12 Nov 2025 07:02:34 +0000
Files and hashes: 1: 2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl (hash: XfpfRueHrCNl3meHARtzzu5yPvgnmHn8TFKCyJTENpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:37:2a:56:bc:89:ce:4c:08:de:fc:8d:6b:c3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
Validity
Not Before: Nov 11 07:02:34 2025 GMT
Not After : Nov 12 07:02:34 2025 GMT
Subject: CN=ce8ad3774b5604011bcf1c3b72bfed5a8d2bf91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f5:67:fa:5d:e1:d4:19:a2:10:80:37:b9:df:
1e:dc:d9:01:4c:44:db:bc:45:41:ab:8a:9f:8b:02:
d5:9c:ee:fe:88:15:a2:3d:42:5c:76:7e:72:b1:f2:
fd:42:12:c1:75:7b:29:d8:63:46:85:4f:eb:1b:7b:
99:4e:72:05:9d:a8:9f:0a:87:2b:23:ce:3a:b9:34:
18:1c:10:bb:41:7d:12:a1:6d:4b:49:15:47:a4:fd:
19:56:8a:19:7a:f7:db:b6:4d:e3:60:4a:53:4f:fc:
61:ac:6a:ac:04:ff:0d:68:f4:0f:ad:05:ae:8b:d9:
8c:db:7a:f7:b9:a6:4c:52:7b:49:f8:ef:ef:8c:b7:
bb:0e:50:c5:da:bb:5e:80:0f:da:21:4a:d0:ba:d3:
fc:cb:d7:de:ba:7a:a3:11:92:7b:b9:bb:1d:02:c4:
88:59:cd:e8:d1:be:f2:78:11:7b:6a:1b:40:2e:d1:
87:c9:5e:e7:37:fc:61:8f:9a:32:d5:e6:a7:63:69:
1e:40:78:33:76:c0:67:3b:a9:29:12:0e:05:90:01:
14:d7:6a:89:0f:8e:49:ce:b0:77:91:dd:85:ae:09:
b6:75:67:0b:b1:2a:85:e2:a4:a0:0e:9c:30:15:7c:
26:cc:ee:26:a1:ba:63:ad:4e:23:39:0d:28:2d:35:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8A:D3:77:4B:56:04:01:1B:CF:1C:3B:72:BF:ED:5A:8D:2B:F9:1E
X509v3 Authority Key Identifier:
keyid:D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:d3:3a:57:41:63:81:32:85:01:36:7d:fc:8e:65:dd:b3:61:
19:4f:d2:11:59:d0:b2:45:75:29:c4:a4:7b:60:f0:79:f8:19:
bd:c9:39:f2:3c:77:f1:3a:22:04:18:e7:97:93:98:a1:55:56:
05:6e:45:01:40:e5:80:1b:0c:7d:0b:cd:8c:2f:ed:2e:84:cb:
4e:fd:8f:c6:56:4f:24:45:e1:d1:81:03:db:e8:a0:f0:32:f8:
f7:14:0f:9b:fa:ed:9b:cc:79:f8:54:78:9b:be:2b:17:9e:bc:
a7:e0:d7:b8:47:2f:9d:01:49:13:af:19:8d:bd:48:a2:50:50:
d6:1f:3a:78:a3:12:cb:ef:ff:f0:f5:26:56:3b:cf:53:4f:b9:
43:80:3a:53:e0:20:e0:07:5d:4c:25:1f:60:98:03:32:00:ec:
d0:23:9b:07:bc:b9:e6:d9:a6:1c:21:93:af:7b:1c:23:10:e0:
fd:2d:d6:12:86:9c:21:13:90:7d:c8:56:d3:4c:08:13:ed:55:
0e:b4:53:6c:fc:80:7a:6e:0c:4a:4a:a6:b0:68:a4:f9:dd:00:
48:b5:8d:1d:3e:d6:6c:37:e5:d9:22:3e:b8:36:38:a2:11:d4:
10:c1:6b:7b:4e:5d:8d:67:13:d3:b2:af:85:ee:a2:89:48:00:
16:b9:46:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTcqVryJzkwI3vyNa8M/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDcyYjAzM2ZmNmZhMzhiZjIzNjEzOWFjZGI3N2E3YTBh
MDQ3YTMwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
EyhjZThhZDM3NzRiNTYwNDAxMWJjZjFjM2I3MmJmZWQ1YThkMmJmOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPVn+l3h1BmiEIA3ud8e3NkBTETb
vEVBq4qfiwLVnO7+iBWiPUJcdn5ysfL9QhLBdXsp2GNGhU/rG3uZTnIFnaifCocr
I846uTQYHBC7QX0SoW1LSRVHpP0ZVooZevfbtk3jYEpTT/xhrGqsBP8NaPQPrQWu
i9mM23r3uaZMUntJ+O/vjLe7DlDF2rtegA/aIUrQutP8y9feunqjEZJ7ubsdAsSI
Wc3o0b7yeBF7ahtALtGHyV7nN/xhj5oy1eanY2keQHgzdsBnO6kpEg4FkAEU12qJ
D45JzrB3kd2Frgm2dWcLsSqF4qSgDpwwFXwmzO4mobpjrU4jOQ0oLTU5vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6K03dLVgQBG88cO3K/7VqNK/keMB8GA1UdIwQY
MBaAFNnXKwM/9vo4vyNhOazbd6egoEejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYt
ZjgyMWE1YTVjZjZhLzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYtZjgyMWE1YTVjZjZh
LzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNM6V0Fj
gTKFATZ9/I5l3bNhGU/SEVnQskV1KcSke2DwefgZvck58jx38ToiBBjnl5OYoVVW
BW5FAUDlgBsMfQvNjC/tLoTLTv2PxlZPJEXh0YED2+ig8DL49xQPm/rtm8x5+FR4
m74rF568p+DXuEcvnQFJE68Zjb1IolBQ1h86eKMSy+//8PUmVjvPU0+5Q4A6U+Ag
4AddTCUfYJgDMgDs0CObB7y55tmmHCGTr3scIxDg/S3WEoacIROQfchW00wIE+1V
DrRTbPyAem4MSkqmsGik+d0ASLWNHT7WbDfl2SI+uDY4ohHUEMFre05djWcT07Kv
he6iiUgAFrlGjg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:17:28 2025 by rpki-client