Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
File: spuNaKggdWqqP4l5UdWv1n_bPbs.mft (raw, json)
Hash identifier: T7ML71hMnyyEJWeMU7BgGGkr9nGWVadUPDMis6jRrS4=
Subject key identifier: AA:C9:04:9B:8D:3C:74:5C:8E:C3:FD:13:01:83:49:9B:C9:9E:85:1B
Authority key identifier: B2:9B:8D:68:A8:20:75:6A:AA:3F:89:79:51:D5:AF:D6:7F:DB:3D:BB
Certificate issuer: /CN=b29b8d68a820756aaa3f897951d5afd67fdb3dbb
Certificate serial: 019A71B9048F351A9F6F874AA18E8D1E883D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:02:21 +0000
Manifest this update: Tue 11 Nov 2025 07:02:21 +0000
Manifest next update: Wed 12 Nov 2025 07:02:21 +0000
Files and hashes: 1: spuNaKggdWqqP4l5UdWv1n_bPbs.crl (hash: cb8e08oHojK9Tuhxnx4fbgLY4gpJoOp2sAvbYj28dkU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:04:8f:35:1a:9f:6f:87:4a:a1:8e:8d:1e:88:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b29b8d68a820756aaa3f897951d5afd67fdb3dbb
Validity
Not Before: Nov 11 07:02:21 2025 GMT
Not After : Nov 12 07:02:21 2025 GMT
Subject: CN=aac9049b8d3c745c8ec3fd130183499bc99e851b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b5:f8:04:33:89:b6:e2:6c:41:67:43:72:e6:
3d:9b:72:29:8a:96:63:ca:13:bf:65:8f:5b:3e:f0:
29:f8:1d:2b:37:6d:4f:c4:61:16:ad:c5:06:30:3c:
fd:77:0b:70:64:e2:ed:46:03:de:4a:fd:3e:73:b7:
c2:f9:22:64:59:b8:cb:df:32:31:53:96:41:17:9f:
73:07:57:13:df:60:46:02:f3:ab:18:7c:fa:9a:6d:
f8:fc:10:6d:a9:85:0e:bf:90:6d:31:46:66:95:fa:
d5:98:cf:96:fa:48:9e:32:cb:b8:ce:aa:f3:46:48:
5a:db:8c:6c:e8:66:b5:3b:54:d7:0f:3f:22:f4:8c:
52:c6:c6:b0:ba:87:32:fb:54:66:0b:5d:aa:7a:10:
43:06:eb:fa:e4:ee:3a:3f:86:3b:c9:b3:83:21:b6:
34:bd:1f:cc:52:42:c1:3b:64:f0:c7:b8:cd:22:be:
97:77:c1:08:13:1c:66:e2:15:24:45:71:aa:dc:ed:
8f:67:41:1f:b5:f9:49:e1:79:22:09:2e:c0:a1:18:
4a:0f:cd:55:d3:82:33:eb:db:c9:9d:97:2b:4e:7a:
7a:08:74:a1:82:04:bd:a2:72:12:6a:d8:a1:bc:ee:
c5:ce:f1:b2:b7:61:49:1f:02:86:f6:e3:68:2b:a5:
b0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C9:04:9B:8D:3C:74:5C:8E:C3:FD:13:01:83:49:9B:C9:9E:85:1B
X509v3 Authority Key Identifier:
keyid:B2:9B:8D:68:A8:20:75:6A:AA:3F:89:79:51:D5:AF:D6:7F:DB:3D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:2f:90:6b:8a:83:87:c3:aa:a2:09:ba:56:46:c1:15:1e:82:
6e:3d:78:7d:f5:95:7c:e2:4a:3c:b1:bf:2c:03:41:3e:60:b6:
3b:05:f5:2f:af:47:85:74:1b:3c:8c:4a:69:a1:68:24:e2:8c:
49:04:18:ec:f7:4e:03:e2:3c:2d:17:38:09:94:00:c7:fa:be:
ac:50:00:9a:b4:21:21:5d:1b:9b:ba:30:c1:dc:eb:39:32:2b:
42:de:9a:2d:8d:1b:be:98:69:35:fe:5b:6b:27:5f:cb:7e:09:
8d:3f:93:e7:8d:61:ab:91:23:f3:fa:89:df:90:52:58:38:79:
ad:8f:18:1a:70:23:0b:6e:a8:72:3b:d8:3a:58:d4:ba:56:b1:
ad:e1:42:99:ce:0b:7d:97:ba:5e:7f:ff:8c:8c:73:bc:ef:bb:
ef:b9:91:fb:72:30:ee:06:73:52:2d:47:ba:95:5d:b2:30:6d:
7d:b5:34:f7:4b:ea:a9:09:7c:a8:b5:8b:2c:7c:3a:a6:0d:d4:
6c:c5:c8:76:34:04:e1:ce:c5:a5:f9:b2:75:3a:55:35:a3:e2:
bf:aa:8a:fb:90:5e:92:7b:82:ac:cd:2f:90:af:04:76:c9:d9:
2f:db:27:f1:4a:26:28:52:b2:b2:d6:ac:3a:4f:3b:79:24:85:
6e:ad:21:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQSPNRqfb4dKoY6NHog9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOWI4ZDY4YTgyMDc1NmFhYTNmODk3OTUxZDVhZmQ2N2Zk
YjNkYmIwHhcNMjUxMTExMDcwMjIxWhcNMjUxMTEyMDcwMjIxWjAzMTEwLwYDVQQD
EyhhYWM5MDQ5YjhkM2M3NDVjOGVjM2ZkMTMwMTgzNDk5YmM5OWU4NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLX4BDOJtuJsQWdDcuY9m3IpipZj
yhO/ZY9bPvAp+B0rN21PxGEWrcUGMDz9dwtwZOLtRgPeSv0+c7fC+SJkWbjL3zIx
U5ZBF59zB1cT32BGAvOrGHz6mm34/BBtqYUOv5BtMUZmlfrVmM+W+kieMsu4zqrz
Rkha24xs6Ga1O1TXDz8i9IxSxsawuocy+1RmC12qehBDBuv65O46P4Y7ybODIbY0
vR/MUkLBO2Twx7jNIr6Xd8EIExxm4hUkRXGq3O2PZ0EftflJ4XkiCS7AoRhKD81V
04Iz69vJnZcrTnp6CHShggS9onISatihvO7FzvGyt2FJHwKG9uNoK6WwKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrJBJuNPHRcjsP9EwGDSZvJnoUbMB8GA1UdIwQY
MBaAFLKbjWioIHVqqj+JeVHVr9Z/2z27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jOTdiMTctNjcxYi00MTAyLTkyNDEt
MWMxZWIxNThiMDJkLzEvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jOTdiMTctNjcxYi00MTAyLTkyNDEtMWMxZWIxNThiMDJk
LzEvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoi+Qa4qD
h8Oqogm6VkbBFR6Cbj14ffWVfOJKPLG/LANBPmC2OwX1L69HhXQbPIxKaaFoJOKM
SQQY7PdOA+I8LRc4CZQAx/q+rFAAmrQhIV0bm7owwdzrOTIrQt6aLY0bvphpNf5b
aydfy34JjT+T541hq5Ej8/qJ35BSWDh5rY8YGnAjC26ocjvYOljUulaxreFCmc4L
fZe6Xn//jIxzvO+777mR+3Iw7gZzUi1HupVdsjBtfbU090vqqQl8qLWLLHw6pg3U
bMXIdjQE4c7FpfmydTpVNaPiv6qK+5BeknuCrM0vkK8EdsnZL9sn8UomKFKystas
Ok87eSSFbq0hqw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:56 2025 by rpki-client