Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
File: Brft72GFhyPErevj7lqJ9wBY1f4.mft (raw, json)
Hash identifier: VMvRtM9mKZVTSFSlePWJkvP2Z5Uw1t/95KdQTqsOkww=
Subject key identifier: DD:AF:37:CF:46:F0:38:83:90:34:D8:B9:3E:02:DF:FC:30:2D:68:25
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial: 019A72265E8F305DD3BF71B9F4B72D69E62D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:48 +0000
Manifest this update: Tue 11 Nov 2025 09:01:48 +0000
Manifest next update: Wed 12 Nov 2025 09:01:48 +0000
Files and hashes: 1: Brft72GFhyPErevj7lqJ9wBY1f4.crl (hash: Qhf92Fb3tsUXTa+LBiXIIcCcXGf3Z99fIJqIME0pp+4=)
2: UkP4jKKKyGHBawn8RPGOoI0g86k.roa (hash: t1NCQU9kIDrxSOL+gI05c500j4/UZOaC1oFaRb7Gluw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:5e:8f:30:5d:d3:bf:71:b9:f4:b7:2d:69:e6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Validity
Not Before: Nov 11 09:01:48 2025 GMT
Not After : Nov 12 09:01:48 2025 GMT
Subject: CN=ddaf37cf46f038839034d8b93e02dffc302d6825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6b:e0:6c:2b:89:01:7b:d9:a9:16:49:8f:f9:
ce:e2:c1:9a:1b:b3:c8:1a:a9:2c:34:5e:20:1b:9a:
40:51:2b:05:ba:89:9e:25:9a:ce:c8:f3:5f:bf:70:
af:54:b5:36:22:17:9f:e4:11:21:c5:25:d2:82:d9:
30:d8:8b:17:68:5e:22:7c:81:26:7d:e7:78:78:af:
e4:9e:43:41:11:dc:0a:89:71:29:b0:5d:c7:71:b8:
34:35:5a:61:c0:3b:df:9c:d2:69:43:91:c0:c6:5a:
84:36:ab:6c:e8:c9:b6:f2:43:72:67:55:f3:5f:2b:
1a:90:a1:d5:00:9a:3e:e2:36:a3:81:1c:63:02:8f:
06:ed:ba:d0:52:ff:11:f9:d2:8e:fd:be:f6:5d:32:
12:79:69:75:f3:28:b3:18:70:55:f0:96:23:ef:d3:
a3:d9:68:e2:83:a0:79:d0:9c:87:01:38:43:56:60:
18:e0:bb:a4:73:46:bb:b3:aa:fb:af:be:7f:e5:8e:
9c:db:4a:63:9e:82:ea:5b:48:89:b2:79:e7:c7:f9:
e3:6f:d8:02:51:5c:44:59:c5:b4:c7:95:4f:88:1a:
86:09:be:62:5e:64:64:76:a1:42:64:c9:d6:d2:43:
e0:fe:09:13:04:7a:95:b4:7c:70:8d:7b:8d:cc:9e:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AF:37:CF:46:F0:38:83:90:34:D8:B9:3E:02:DF:FC:30:2D:68:25
X509v3 Authority Key Identifier:
keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:f5:14:de:17:f1:82:62:7d:3b:99:0c:db:9c:90:f9:40:fd:
ce:6e:01:7d:1f:7e:bb:1f:73:67:4d:5f:1d:6d:d0:60:8f:9d:
89:94:50:13:1c:c5:7a:1e:7b:20:d9:ec:23:60:8e:5b:e1:d9:
e3:24:34:3b:d3:9d:f8:28:39:a3:b3:ed:b3:b9:24:cf:95:03:
32:c7:0f:c5:ab:12:2a:39:70:41:b4:fe:47:83:c9:a3:a1:5d:
ee:78:6c:12:ed:e7:48:67:16:51:ea:b2:ac:1d:a8:44:a1:c1:
a2:a2:98:1d:35:69:32:2e:cb:c1:f6:a7:f8:b0:7f:9a:4e:90:
fc:95:ac:3f:21:41:54:05:3e:5a:12:86:47:b6:dc:db:65:90:
e6:73:af:29:0b:12:41:fd:46:0e:ac:b9:04:99:6f:84:d0:5d:
fe:48:0d:00:02:7f:ad:c3:14:8c:84:79:59:5e:fc:62:e7:31:
d0:62:6c:88:30:75:84:9e:6d:98:80:c1:95:e4:f1:d2:f9:72:
8c:53:19:b3:45:2a:99:fa:b1:c7:00:d9:d2:b9:43:4b:c0:fa:
ed:7a:f2:1d:3d:e4:79:b6:4e:9d:0a:ba:bf:ff:f1:01:ab:09:
1d:40:46:18:7a:a6:35:35:a1:22:4c:a3:c2:d8:6f:27:f4:d5:
b0:74:b0:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJl6PMF3Tv3G59LctaeYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
EyhkZGFmMzdjZjQ2ZjAzODgzOTAzNGQ4YjkzZTAyZGZmYzMwMmQ2ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWvgbCuJAXvZqRZJj/nO4sGaG7PI
GqksNF4gG5pAUSsFuomeJZrOyPNfv3CvVLU2Ihef5BEhxSXSgtkw2IsXaF4ifIEm
fed4eK/knkNBEdwKiXEpsF3Hcbg0NVphwDvfnNJpQ5HAxlqENqts6Mm28kNyZ1Xz
XysakKHVAJo+4jajgRxjAo8G7brQUv8R+dKO/b72XTISeWl18yizGHBV8JYj79Oj
2Wjig6B50JyHAThDVmAY4Lukc0a7s6r7r75/5Y6c20pjnoLqW0iJsnnnx/njb9gC
UVxEWcW0x5VPiBqGCb5iXmRkdqFCZMnW0kPg/gkTBHqVtHxwjXuNzJ7pAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2vN89G8DiDkDTYuT4C3/wwLWglMB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPUU3hfx
gmJ9O5kM25yQ+UD9zm4BfR9+ux9zZ01fHW3QYI+diZRQExzFeh57INnsI2COW+HZ
4yQ0O9Od+Cg5o7Pts7kkz5UDMscPxasSKjlwQbT+R4PJo6Fd7nhsEu3nSGcWUeqy
rB2oRKHBoqKYHTVpMi7Lwfan+LB/mk6Q/JWsPyFBVAU+WhKGR7bc22WQ5nOvKQsS
Qf1GDqy5BJlvhNBd/kgNAAJ/rcMUjIR5WV78Yucx0GJsiDB1hJ5tmIDBleTx0vly
jFMZs0UqmfqxxwDZ0rlDS8D67XryHT3kebZOnQq6v//xAasJHUBGGHqmNTWhIkyj
wthvJ/TVsHSwJA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:30 2025 by rpki-client