Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.mft
File: 1KAH7S_gjUM-DwoC9DynrLJvWg4.mft (raw, json)
Hash identifier: 3R1nWXPNbRsqbH+dGOgMRqvxQkGT6/4C3JivzY76uLY=
Subject key identifier: 8C:72:7C:C1:D1:67:99:62:F1:8F:80:E0:30:28:3D:A9:7A:30:D9:8A
Authority key identifier: D4:A0:07:ED:2F:E0:8D:43:3E:0F:0A:02:F4:3C:A7:AC:B2:6F:5A:0E
Certificate issuer: /CN=d4a007ed2fe08d433e0f0a02f43ca7acb26f5a0e
Certificate serial: 019A71EE937FEB71AAC1548A00A14351D824
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1KAH7S_gjUM-DwoC9DynrLJvWg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.mft
Manifest number: 0563
Signing time: Tue 11 Nov 2025 08:00:51 +0000
Manifest this update: Tue 11 Nov 2025 08:00:51 +0000
Manifest next update: Wed 12 Nov 2025 08:00:51 +0000
Files and hashes: 1: 1KAH7S_gjUM-DwoC9DynrLJvWg4.crl (hash: XBxVEPmULcYAT82SznMSH9FCRoVrfmzeMYnL+dXwfyQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1KAH7S_gjUM-DwoC9DynrLJvWg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:93:7f:eb:71:aa:c1:54:8a:00:a1:43:51:d8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4a007ed2fe08d433e0f0a02f43ca7acb26f5a0e
Validity
Not Before: Nov 11 08:00:51 2025 GMT
Not After : Nov 12 08:00:51 2025 GMT
Subject: CN=8c727cc1d1679962f18f80e030283da97a30d98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:16:bd:7e:d0:76:de:25:ee:b5:36:ff:8a:
9e:75:c7:b7:cb:86:e5:96:d8:f7:80:45:f7:77:f6:
11:e2:00:2a:98:1c:60:b5:d1:40:9e:6b:ce:b9:1c:
d1:8f:22:6c:ab:c7:7c:d2:65:23:1d:ad:c6:20:08:
ae:4d:75:06:af:92:67:b5:83:8e:23:04:45:34:13:
e3:71:04:39:6d:f4:34:67:81:a0:fe:a8:4a:30:f9:
a0:a1:35:fe:b9:ff:75:d9:20:0c:ef:da:75:ab:55:
e5:59:cd:36:73:77:d3:dc:dd:26:11:36:e2:32:0b:
53:37:1b:98:7a:93:b5:40:f2:3e:0e:b6:80:50:f1:
c1:a8:5f:f0:9b:e0:9b:69:cd:b8:86:a4:4e:21:d4:
10:50:d9:64:f6:6c:1a:f4:e3:7d:af:d7:29:45:93:
fa:20:24:a5:aa:53:b4:6e:57:7b:2d:4e:c5:50:58:
2f:ee:0d:95:e4:2a:6d:b0:e6:e5:58:a3:f1:ce:eb:
c3:bb:2c:95:c8:53:6a:37:30:3b:ce:9a:a3:b1:66:
39:6e:8b:da:cc:e3:b0:ee:f0:49:fb:60:f2:69:d5:
a0:08:1a:b7:8c:9c:9a:9b:78:3e:e7:db:f0:12:b7:
c4:ab:99:ed:1f:5d:32:a1:c2:27:a1:23:17:0b:8e:
d7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:72:7C:C1:D1:67:99:62:F1:8F:80:E0:30:28:3D:A9:7A:30:D9:8A
X509v3 Authority Key Identifier:
keyid:D4:A0:07:ED:2F:E0:8D:43:3E:0F:0A:02:F4:3C:A7:AC:B2:6F:5A:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1KAH7S_gjUM-DwoC9DynrLJvWg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/86ceb8-4188-4b6c-8bd8-c2b81ce98c6d/1/1KAH7S_gjUM-DwoC9DynrLJvWg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:b7:b7:5f:81:71:85:38:1b:ef:cd:8e:0f:6a:06:6a:4a:fa:
93:6c:43:67:3a:60:c0:37:61:4b:58:2b:12:2a:3f:d5:a1:cf:
f1:0f:54:37:be:d5:15:5a:ee:4e:56:f3:8a:0e:83:d5:a4:fc:
eb:09:74:30:84:f8:bd:8f:3b:9c:62:a0:41:b3:3e:bb:3e:4c:
13:61:40:17:f4:a0:83:c0:00:eb:27:6b:f7:ca:59:f3:e2:be:
23:60:c2:93:5e:48:d2:32:28:b0:08:fd:d0:21:59:2f:29:c1:
b9:fa:3b:af:f6:e5:a4:d3:fd:f7:4c:c9:34:a2:26:95:ed:e4:
82:79:3d:b4:c5:a8:6b:1e:07:cd:bc:82:ad:fb:04:e8:7e:80:
c8:3c:74:fb:e4:0a:82:3c:cf:3d:ff:be:5e:70:86:9f:31:70:
c3:cd:d7:39:98:f2:63:03:d8:7e:29:77:df:38:d1:f4:dc:fc:
94:27:36:a8:03:20:4a:4b:6b:5e:14:38:e6:94:c0:f6:d3:70:
9a:70:7d:ce:d8:e2:10:52:28:86:57:99:74:ec:c6:58:57:83:
c1:c4:9d:ac:d4:2a:df:a6:12:74:41:27:74:70:16:e9:ec:c7:
9a:37:11:2b:7f:ac:e1:99:61:27:b5:f8:82:13:30:91:67:eb:
a1:4a:cf:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pN/63GqwVSKAKFDUdgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YTAwN2VkMmZlMDhkNDMzZTBmMGEwMmY0M2NhN2FjYjI2
ZjVhMGUwHhcNMjUxMTExMDgwMDUxWhcNMjUxMTEyMDgwMDUxWjAzMTEwLwYDVQQD
Eyg4YzcyN2NjMWQxNjc5OTYyZjE4ZjgwZTAzMDI4M2RhOTdhMzBkOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLMWvX7Qdt4l7rU2/4qedce3y4bl
ltj3gEX3d/YR4gAqmBxgtdFAnmvOuRzRjyJsq8d80mUjHa3GIAiuTXUGr5JntYOO
IwRFNBPjcQQ5bfQ0Z4Gg/qhKMPmgoTX+uf912SAM79p1q1XlWc02c3fT3N0mETbi
MgtTNxuYepO1QPI+DraAUPHBqF/wm+Cbac24hqROIdQQUNlk9mwa9ON9r9cpRZP6
ICSlqlO0bld7LU7FUFgv7g2V5CptsOblWKPxzuvDuyyVyFNqNzA7zpqjsWY5bova
zOOw7vBJ+2DyadWgCBq3jJyam3g+59vwErfEq5ntH10yocInoSMXC47XZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxyfMHRZ5li8Y+A4DAoPal6MNmKMB8GA1UdIwQY
MBaAFNSgB+0v4I1DPg8KAvQ8p6yyb1oOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUtBSDdTX2dqVU0tRHdvQzlEeW5yTEp2V2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi84NmNlYjgtNDE4OC00YjZjLThiZDgt
YzJiODFjZTk4YzZkLzEvMUtBSDdTX2dqVU0tRHdvQzlEeW5yTEp2V2c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi84NmNlYjgtNDE4OC00YjZjLThiZDgtYzJiODFjZTk4YzZk
LzEvMUtBSDdTX2dqVU0tRHdvQzlEeW5yTEp2V2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABre3X4Fx
hTgb782OD2oGakr6k2xDZzpgwDdhS1grEio/1aHP8Q9UN77VFVruTlbzig6D1aT8
6wl0MIT4vY87nGKgQbM+uz5ME2FAF/Sgg8AA6ydr98pZ8+K+I2DCk15I0jIosAj9
0CFZLynBufo7r/blpNP990zJNKImle3kgnk9tMWoax4HzbyCrfsE6H6AyDx0++QK
gjzPPf++XnCGnzFww83XOZjyYwPYfil33zjR9Nz8lCc2qAMgSktrXhQ45pTA9tNw
mnB9ztjiEFIohleZdOzGWFeDwcSdrNQq36YSdEEndHAW6ezHmjcRK3+s4ZlhJ7X4
ghMwkWfroUrPNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:56:35 2025 by rpki-client