Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier: 1nLqWlkDB4yQNLsYf+oRrfJBscMCGCQdUuS+EDwqJmU=
Subject key identifier: 6E:CA:BC:B7:6F:2D:8B:0C:3B:9F:8C:BC:96:10:3E:EE:74:81:7A:CB
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial: 019A706E848CEE1E088E4DA22338D95B2B48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number: 0803
Signing time: Tue 11 Nov 2025 01:01:22 +0000
Manifest this update: Tue 11 Nov 2025 01:01:22 +0000
Manifest next update: Wed 12 Nov 2025 01:01:22 +0000
Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: 3SFxTTkXZ3RIIuxUWpsQ6yHtnhIRhyvWpE/Sq2LF5Ts=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:84:8c:ee:1e:08:8e:4d:a2:23:38:d9:5b:2b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Validity
Not Before: Nov 11 01:01:22 2025 GMT
Not After : Nov 12 01:01:22 2025 GMT
Subject: CN=6ecabcb76f2d8b0c3b9f8cbc96103eee74817acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1b:ea:65:68:c3:60:83:0c:67:26:a9:2c:fe:
0d:52:40:6d:f4:23:45:58:e1:8c:92:14:ad:1f:fe:
3d:84:d9:fe:95:a8:61:3e:f6:07:81:4f:52:fd:01:
6a:28:be:b7:1d:bb:fe:83:a6:25:b7:fb:06:36:99:
fd:f0:75:a1:dc:a0:19:93:9d:6d:28:f5:ab:2b:78:
9e:82:00:eb:b3:d5:f1:e6:18:29:c6:64:92:a3:b2:
47:67:71:2a:91:28:7b:f9:e6:b1:47:1f:4d:e3:44:
a3:f3:58:c5:1f:57:82:d4:96:b7:a9:68:6f:5f:bd:
f7:ac:9f:c4:25:e0:74:41:90:c8:4d:59:40:f6:fd:
cc:dc:a2:b6:95:2d:c5:07:86:47:3f:c3:9a:87:67:
4a:79:c1:13:01:cd:f1:42:a4:57:94:26:01:6e:3b:
25:fc:5b:d1:fd:68:cc:79:24:a7:32:20:6d:10:52:
e2:2c:01:e8:ce:78:dc:4d:05:f6:f1:d8:3a:2c:f9:
3b:c3:26:3e:ae:d6:63:36:32:49:6e:6a:25:a2:f2:
ca:8b:45:9f:6e:f3:2e:fe:df:f3:40:6a:dd:71:47:
b4:b7:1d:e1:38:b7:e5:64:26:0c:ea:36:2f:80:bb:
d7:d8:14:55:62:83:2d:a6:82:c4:fb:a7:20:d7:2c:
63:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CA:BC:B7:6F:2D:8B:0C:3B:9F:8C:BC:96:10:3E:EE:74:81:7A:CB
X509v3 Authority Key Identifier:
keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:c9:d9:02:c7:00:25:a8:53:5e:a2:7e:31:bc:b7:76:01:b9:
29:a3:99:80:d8:63:97:1b:bb:aa:51:f1:5b:87:c4:f3:57:ee:
22:b1:4c:37:6d:65:38:37:79:ac:d1:04:74:ed:73:6e:ef:00:
95:ba:90:74:b3:18:f7:64:a8:3e:19:6c:8c:d2:e5:a9:8d:59:
04:26:52:e0:99:e8:15:5a:67:a5:f4:bb:1a:26:32:4c:ca:0c:
49:ef:ae:a6:ea:ca:e8:17:d2:e5:12:27:b0:7c:52:5d:e5:b3:
e9:4a:b0:68:ef:ab:c8:4b:d7:21:f6:05:fc:9f:39:f6:44:00:
f9:e1:38:b5:f0:07:b0:90:ac:6e:03:02:de:ca:59:55:4a:73:
d8:3e:81:b0:14:92:ab:6e:14:ad:09:64:95:ca:f4:5f:01:a5:
a3:7e:12:f9:d5:0b:1e:71:ba:bd:d8:bb:41:1b:80:d6:cf:91:
8e:cb:c2:5e:ff:fc:90:b8:c7:a1:fe:f0:79:19:da:75:b0:89:
0b:22:b0:7e:11:45:2c:16:8a:34:4c:1e:2d:11:90:7e:78:fc:
77:03:6f:74:02:14:cf:27:ed:0d:a5:09:b4:6c:56:1f:ae:3a:
cd:7c:9e:51:84:aa:ab:b3:56:e8:48:9a:b5:4e:5b:4c:c3:68:
1d:c6:4f:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwboSM7h4Ijk2iIzjZWytIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjUxMTExMDEwMTIyWhcNMjUxMTEyMDEwMTIyWjAzMTEwLwYDVQQD
Eyg2ZWNhYmNiNzZmMmQ4YjBjM2I5ZjhjYmM5NjEwM2VlZTc0ODE3YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hvqZWjDYIMMZyapLP4NUkBt9CNF
WOGMkhStH/49hNn+lahhPvYHgU9S/QFqKL63Hbv+g6Ylt/sGNpn98HWh3KAZk51t
KPWrK3ieggDrs9Xx5hgpxmSSo7JHZ3EqkSh7+eaxRx9N40Sj81jFH1eC1Ja3qWhv
X733rJ/EJeB0QZDITVlA9v3M3KK2lS3FB4ZHP8Oah2dKecETAc3xQqRXlCYBbjsl
/FvR/WjMeSSnMiBtEFLiLAHoznjcTQX28dg6LPk7wyY+rtZjNjJJbmolovLKi0Wf
bvMu/t/zQGrdcUe0tx3hOLflZCYM6jYvgLvX2BRVYoMtpoLE+6cg1yxjEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7KvLdvLYsMO5+MvJYQPu50gXrLMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMnZAscA
JahTXqJ+Mby3dgG5KaOZgNhjlxu7qlHxW4fE81fuIrFMN21lODd5rNEEdO1zbu8A
lbqQdLMY92SoPhlsjNLlqY1ZBCZS4JnoFVpnpfS7GiYyTMoMSe+upurK6BfS5RIn
sHxSXeWz6UqwaO+ryEvXIfYF/J859kQA+eE4tfAHsJCsbgMC3spZVUpz2D6BsBSS
q24UrQlklcr0XwGlo34S+dULHnG6vdi7QRuA1s+RjsvCXv/8kLjHof7weRnadbCJ
CyKwfhFFLBaKNEweLRGQfnj8dwNvdAIUzyftDaUJtGxWH646zXyeUYSqq7NW6Eia
tU5bTMNoHcZPYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:15 2025 by rpki-client