Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft
File: EsShfSBma32NKx_-GKRoevkmIY8.mft (raw, json)
Hash identifier: /FN4ua3eb7LBsqW33tDujka7Lhf5BJFxnOyorDo91XI=
Subject key identifier: F4:AB:BD:83:A3:48:1D:F9:40:E2:4C:8A:14:13:C5:B2:67:21:AB:CC
Authority key identifier: 12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F
Certificate issuer: /CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f
Certificate serial: 019A73385A094881CEA604F40F0EC786A5F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 14:01:04 +0000
Manifest this update: Tue 11 Nov 2025 14:01:04 +0000
Manifest next update: Wed 12 Nov 2025 14:01:04 +0000
Files and hashes: 1: EsShfSBma32NKx_-GKRoevkmIY8.crl (hash: tGVYbAYEyIMz05MElKfA38jdGyr+GC6DF52CM6a8Xjk=)
2: nfi8L76Q0CcXdXMuyopjIwMNN1s.roa (hash: yyBzF5vSH0UZ1Eb70mzyyMArzuUjMy9cXtif0oEgNm8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:5a:09:48:81:ce:a6:04:f4:0f:0e:c7:86:a5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f
Validity
Not Before: Nov 11 14:01:04 2025 GMT
Not After : Nov 12 14:01:04 2025 GMT
Subject: CN=f4abbd83a3481df940e24c8a1413c5b26721abcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:b9:a2:6b:cc:40:f2:74:7a:be:18:91:2b:
6d:cf:e0:55:bd:0f:63:12:e8:3e:7c:1c:53:83:c4:
1d:35:a5:f4:cd:ee:06:d3:07:7b:93:b5:b7:fa:dc:
20:31:12:1b:4a:35:04:56:c9:f9:04:64:28:5e:5a:
f7:d2:e0:cc:19:a6:c9:c9:2e:dd:fd:67:b9:6e:10:
85:d6:eb:42:d9:d7:58:6e:2b:b4:11:91:7a:52:82:
c6:13:90:a2:76:86:16:44:0e:cf:3e:d8:ff:04:7a:
db:7b:05:5d:e4:a9:f4:59:a6:e9:93:8a:24:b2:11:
d5:af:73:83:37:6d:dd:1b:fe:53:23:33:fe:4b:a0:
5a:94:8e:ce:bb:a1:b4:4d:12:eb:0a:fb:bb:2d:85:
d7:2b:1a:61:25:b0:6c:e5:06:fd:74:a7:12:07:d0:
08:0a:77:9d:fa:76:fd:c4:38:66:ab:4f:ae:a8:b4:
cc:11:f2:6c:46:86:fb:39:b4:c0:7f:92:34:ed:56:
37:b6:7b:76:99:7c:90:9c:85:8c:0a:2f:7f:61:22:
8e:7a:e3:96:32:f6:58:35:2e:d4:96:f0:7b:e2:99:
1f:ad:65:58:3c:d4:51:1e:93:c4:56:17:d7:ea:c5:
19:bd:a8:57:e7:e5:4c:41:25:80:c4:18:ea:53:d3:
d9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AB:BD:83:A3:48:1D:F9:40:E2:4C:8A:14:13:C5:B2:67:21:AB:CC
X509v3 Authority Key Identifier:
keyid:12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:b9:fc:eb:21:4b:84:a4:2e:51:c3:25:66:dc:32:44:2f:34:
3c:8b:45:a4:e1:dd:79:7c:30:70:4a:87:5b:2b:e7:5e:6e:3e:
e4:7d:81:60:f7:b5:19:d9:c3:56:ec:5f:af:a9:f6:81:71:15:
f2:89:98:18:ca:6e:71:f4:b9:d0:53:cd:44:7b:c0:f1:24:19:
10:10:2e:6b:97:cb:9d:95:e8:b4:2a:7c:fe:19:72:ad:fe:49:
88:c3:d3:80:87:6f:4b:40:f2:ae:23:3f:cf:a5:a4:69:46:77:
6f:b6:13:05:ee:ea:a8:a8:59:74:be:df:75:ca:29:fb:11:20:
4f:a8:91:cf:a6:8a:9e:17:d9:b5:30:4a:1f:54:d5:19:c0:55:
84:49:da:8c:97:1b:88:d9:2c:32:06:cc:ad:56:92:d2:59:5e:
8a:c8:3f:5a:df:bc:aa:71:07:5b:bc:b3:12:d7:b2:44:78:08:
77:20:ce:b4:c4:e8:fa:b8:e0:cf:0c:b2:e9:fa:e8:b1:a7:4f:
c3:ee:40:a4:a8:95:99:34:e3:92:ac:87:ce:bb:ce:e8:71:99:
6f:ae:41:3e:3b:a6:87:1f:5d:31:04:88:a7:1e:83:df:c0:13:
b0:5d:c4:d7:d9:60:02:e7:c5:fc:da:24:88:93:fe:bf:56:71:
f4:07:f4:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOFoJSIHOpgT0Dw7HhqXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzRhMTdkMjA2NjZiN2Q4ZDJiMWZmZTE4YTQ2ODdhZjky
NjIxOGYwHhcNMjUxMTExMTQwMTA0WhcNMjUxMTEyMTQwMTA0WjAzMTEwLwYDVQQD
EyhmNGFiYmQ4M2EzNDgxZGY5NDBlMjRjOGExNDEzYzViMjY3MjFhYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNO5omvMQPJ0er4YkSttz+BVvQ9j
Eug+fBxTg8QdNaX0ze4G0wd7k7W3+twgMRIbSjUEVsn5BGQoXlr30uDMGabJyS7d
/We5bhCF1utC2ddYbiu0EZF6UoLGE5CidoYWRA7PPtj/BHrbewVd5Kn0Wabpk4ok
shHVr3ODN23dG/5TIzP+S6BalI7Ou6G0TRLrCvu7LYXXKxphJbBs5Qb9dKcSB9AI
Cned+nb9xDhmq0+uqLTMEfJsRob7ObTAf5I07VY3tnt2mXyQnIWMCi9/YSKOeuOW
MvZYNS7UlvB74pkfrWVYPNRRHpPEVhfX6sUZvahX5+VMQSWAxBjqU9PZ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSrvYOjSB35QOJMihQTxbJnIavMMB8GA1UdIwQY
MBaAFBLEoX0gZmt9jSsf/hikaHr5JiGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMt
NDlhOTZhODIyMTRlLzEvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMtNDlhOTZhODIyMTRl
LzEvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrn86yFL
hKQuUcMlZtwyRC80PItFpOHdeXwwcEqHWyvnXm4+5H2BYPe1GdnDVuxfr6n2gXEV
8omYGMpucfS50FPNRHvA8SQZEBAua5fLnZXotCp8/hlyrf5JiMPTgIdvS0DyriM/
z6WkaUZ3b7YTBe7qqKhZdL7fdcop+xEgT6iRz6aKnhfZtTBKH1TVGcBVhEnajJcb
iNksMgbMrVaS0lleisg/Wt+8qnEHW7yzEteyRHgIdyDOtMTo+rjgzwyy6frosadP
w+5ApKiVmTTjkqyHzrvO6HGZb65BPjumhx9dMQSIpx6D38ATsF3E19lgAufF/Nok
iJP+v1Zx9Af0Xw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:26 2025 by rpki-client