Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
File: grLg0A3Xcank1gu_S-UhFOp32wM.mft (raw, json)
Hash identifier: RcUkUzJgdXP0NetvJIcVWfNjn8R9FtQNB5hjedX5wBA=
Subject key identifier: 74:B8:F6:A0:54:E7:E7:76:2B:87:1B:58:6D:CF:17:59:67:90:D3:3E
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 019A71EEB60D7AB851EF8A309E60EA73DD84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
Manifest number: 0C9B
Signing time: Tue 11 Nov 2025 08:01:00 +0000
Manifest this update: Tue 11 Nov 2025 08:01:00 +0000
Manifest next update: Wed 12 Nov 2025 08:01:00 +0000
Files and hashes: 1: 5GAvl6a2LhO40IHXb3FEQRL43dI.roa (hash: /6XSNGfrUMapG8xHohOBC097pXOO/8yE7oieep3PnkA=)
2: UEpNb3wmOOdCK7UvN3lXTC2DcUk.roa (hash: pmS4hRe0q9ReL0MLHSlxbOJsASxbtpyjkGhM1kcVhvc=)
3: grLg0A3Xcank1gu_S-UhFOp32wM.crl (hash: ttdDNwpDFX+BoeOf6SrWLtQP3i2c3A7LOcjOIJp9H9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b6:0d:7a:b8:51:ef:8a:30:9e:60:ea:73:dd:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Nov 11 08:01:00 2025 GMT
Not After : Nov 12 08:01:00 2025 GMT
Subject: CN=74b8f6a054e7e7762b871b586dcf17596790d33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:89:90:01:c0:79:59:e9:10:3b:7d:8c:ab:
06:56:59:ff:b4:f1:9e:58:ff:c2:be:7d:cb:d7:81:
1f:5a:e8:35:b2:11:bb:12:31:3d:05:5d:9d:27:48:
38:49:22:8e:20:d1:19:70:a1:40:21:7d:38:43:da:
4a:e7:f5:21:a3:48:3b:a9:f9:9c:ff:c3:1d:cc:e3:
f6:27:f9:61:90:9a:cb:d0:b7:ad:7f:23:22:28:ef:
3b:46:bc:bb:06:35:32:3c:45:e7:0f:ed:4a:90:a6:
25:a9:64:28:86:d0:5a:df:32:a8:4e:df:6f:71:7e:
5a:2d:2a:28:26:30:d8:03:5f:ca:0a:43:4c:b8:84:
bb:3e:33:ab:e7:33:cf:97:21:59:6f:94:af:1a:12:
0a:ab:1b:dd:0f:29:44:f9:61:e4:1d:86:2b:2d:96:
2c:a2:5d:ee:be:bf:84:3e:2f:08:31:99:fc:e3:a2:
f0:5a:df:3a:fa:9a:8c:98:dd:8c:03:14:54:7a:f6:
7f:08:d4:62:40:b9:4e:21:36:7b:61:55:fb:7e:96:
d9:d7:32:33:69:d2:23:a1:5d:5d:93:a9:ec:de:dd:
d0:25:b0:90:01:3d:92:1b:68:8b:1f:88:75:33:23:
80:54:1f:c8:d3:09:05:0e:81:f8:4d:93:40:77:2a:
e9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:F6:A0:54:E7:E7:76:2B:87:1B:58:6D:CF:17:59:67:90:D3:3E
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:ef:80:a6:77:47:4b:e9:cd:b2:56:17:5c:d2:50:98:e7:47:
a1:b6:86:89:92:f1:97:95:65:f9:12:f1:42:35:53:d0:db:b4:
10:6d:d9:28:23:34:80:7f:cc:e1:18:b7:0c:04:40:c0:93:51:
02:e7:ab:bc:ef:46:89:23:0a:8c:e5:96:f5:6a:67:f9:6b:ad:
14:d2:aa:fb:be:ea:57:f8:f9:8e:78:54:7f:22:4d:a4:f0:10:
96:44:49:83:be:8e:c9:6c:00:f7:b3:b8:3f:0d:83:c1:5b:78:
07:c7:a7:9f:af:3d:af:35:73:f8:97:68:41:c2:27:e5:02:fd:
6f:05:63:52:f5:47:64:30:0c:f8:9b:7d:c2:17:1f:67:1b:ed:
a3:2c:bc:a7:08:71:f3:ea:69:9a:4d:f8:f5:5c:cf:19:fe:7d:
72:97:05:75:34:0c:98:84:07:52:0b:5b:ea:89:61:4f:59:8f:
24:6e:9c:f2:59:2f:d9:b8:9d:9f:6a:34:02:09:bb:bb:a4:ac:
cd:c8:e1:ed:9f:c6:9f:0f:52:44:a2:c4:c8:43:2c:84:2a:f8:
98:3b:18:fc:3f:fe:1f:d4:b3:37:e4:05:57:1a:6c:f9:19:6c:
aa:9d:22:a5:ee:e6:75:3e:64:8c:0e:b3:cf:c0:8d:df:73:11:
d7:17:7c:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rYNerhR74ownmDqc92EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjUxMTExMDgwMTAwWhcNMjUxMTEyMDgwMTAwWjAzMTEwLwYDVQQD
Eyg3NGI4ZjZhMDU0ZTdlNzc2MmI4NzFiNTg2ZGNmMTc1OTY3OTBkMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEOJkAHAeVnpEDt9jKsGVln/tPGe
WP/Cvn3L14EfWug1shG7EjE9BV2dJ0g4SSKOINEZcKFAIX04Q9pK5/Uho0g7qfmc
/8MdzOP2J/lhkJrL0LetfyMiKO87Rry7BjUyPEXnD+1KkKYlqWQohtBa3zKoTt9v
cX5aLSooJjDYA1/KCkNMuIS7PjOr5zPPlyFZb5SvGhIKqxvdDylE+WHkHYYrLZYs
ol3uvr+EPi8IMZn846LwWt86+pqMmN2MAxRUevZ/CNRiQLlOITZ7YVX7fpbZ1zIz
adIjoV1dk6ns3t3QJbCQAT2SG2iLH4h1MyOAVB/I0wkFDoH4TZNAdyrp1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHS49qBU5+d2K4cbWG3PF1lnkNM+MB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATe+ApndH
S+nNslYXXNJQmOdHobaGiZLxl5Vl+RLxQjVT0Nu0EG3ZKCM0gH/M4Ri3DARAwJNR
AuervO9GiSMKjOWW9Wpn+WutFNKq+77qV/j5jnhUfyJNpPAQlkRJg76OyWwA97O4
Pw2DwVt4B8enn689rzVz+JdoQcIn5QL9bwVjUvVHZDAM+Jt9whcfZxvtoyy8pwhx
8+ppmk349VzPGf59cpcFdTQMmIQHUgtb6olhT1mPJG6c8lkv2bidn2o0Agm7u6Ss
zcjh7Z/Gnw9SRKLEyEMshCr4mDsY/D/+H9SzN+QFVxps+Rlsqp0ipe7mdT5kjA6z
z8CN33MR1xd8BQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:22 2025 by rpki-client