Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
File: mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft (raw, json)
Hash identifier: G87C21yCNUU7DIEPmdpx2Jq98isvj2YWMyK5VrQ1ae0=
Subject key identifier: 44:D8:68:80:43:AE:89:B7:EB:71:B6:29:A5:8E:30:F0:D1:40:14:7C
Authority key identifier: 9A:F9:D1:E5:5F:43:E4:FD:D6:D2:4F:B4:B0:ED:A6:E9:D1:28:AA:51
Certificate issuer: /CN=9af9d1e55f43e4fdd6d24fb4b0eda6e9d128aa51
Certificate serial: 019A71B8675199325B29040030A9F43452B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
Manifest number: 11C1
Signing time: Tue 11 Nov 2025 07:01:41 +0000
Manifest this update: Tue 11 Nov 2025 07:01:41 +0000
Manifest next update: Wed 12 Nov 2025 07:01:41 +0000
Files and hashes: 1: mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl (hash: LqTCpYVFNJD+pcoZ45aQSu7kVNgxtIMWPbSUbgTtRg4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:67:51:99:32:5b:29:04:00:30:a9:f4:34:52:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d1e55f43e4fdd6d24fb4b0eda6e9d128aa51
Validity
Not Before: Nov 11 07:01:41 2025 GMT
Not After : Nov 12 07:01:41 2025 GMT
Subject: CN=44d8688043ae89b7eb71b629a58e30f0d140147c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f0:f0:6e:bb:5c:f3:eb:5c:0e:f3:9c:ab:3f:
d2:6f:c5:07:62:6a:57:77:bb:96:79:ad:a3:bb:fd:
be:ae:7f:11:95:5f:ef:8c:4c:14:ee:3f:b8:98:11:
2a:f8:94:34:d8:e6:7e:36:61:db:9f:b0:a6:c8:08:
63:82:ac:ea:3f:a5:38:c6:1e:f9:de:8e:24:90:60:
ac:fa:b3:85:aa:a9:57:35:5d:ad:d3:8c:6e:47:be:
2f:99:a1:25:29:17:87:76:54:e5:e3:b3:b4:74:2f:
3c:18:02:d8:ac:d6:a8:44:38:68:93:e2:45:cd:aa:
50:25:15:2e:a7:d0:26:a7:0c:0a:61:93:0f:d4:a6:
5a:80:95:24:b8:06:82:68:ad:29:c6:80:a0:a9:aa:
36:cc:fd:73:f4:fc:91:24:b2:2c:2f:d0:4b:20:e7:
ca:de:f2:83:04:94:df:a3:3a:7b:ff:d3:d0:67:70:
48:1b:21:72:f0:ef:a4:2f:26:44:10:a3:9a:23:c7:
7a:90:12:68:43:41:5a:5b:7b:23:6d:06:3f:8f:70:
a2:65:4d:2b:b8:38:28:0b:e5:95:70:7c:6d:71:0a:
4f:50:fc:73:15:95:e0:8f:51:a0:13:cf:49:bf:64:
aa:33:84:07:d3:f6:c0:20:e6:35:e6:85:3f:fe:f9:
da:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D8:68:80:43:AE:89:B7:EB:71:B6:29:A5:8E:30:F0:D1:40:14:7C
X509v3 Authority Key Identifier:
keyid:9A:F9:D1:E5:5F:43:E4:FD:D6:D2:4F:B4:B0:ED:A6:E9:D1:28:AA:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:ff:08:db:68:e9:8f:87:f8:f2:9c:a7:be:c1:8f:21:00:53:
a4:51:ab:c5:93:23:13:c7:fb:74:dd:3c:a5:ae:07:00:6b:49:
5a:73:55:b5:58:bf:36:1b:3a:b9:e2:f1:9e:9a:51:a3:20:02:
24:31:7f:d6:c2:bc:bd:d0:63:49:ad:d6:dd:7a:97:d5:b1:f8:
2c:1b:5b:14:dc:98:7e:e3:40:88:cd:6d:0e:62:cc:d1:e2:90:
9e:c0:b0:5c:39:f4:bc:50:94:9e:a5:75:3a:f8:66:18:4d:e8:
ba:62:ef:bb:ce:18:47:b8:24:af:20:f5:06:f0:37:d1:e9:5f:
da:b0:33:62:79:d1:73:48:e2:22:43:cc:79:0c:68:71:5e:b2:
00:66:46:88:7a:e8:02:4f:a8:b5:8a:12:52:20:e5:73:fb:23:
0e:21:36:15:b0:35:80:7b:e5:cf:75:96:40:4f:81:e0:25:71:
5d:79:9a:e2:e2:3c:ec:d5:84:14:3f:e4:cd:59:bf:5e:a7:dd:
6b:96:b0:ae:e8:e4:ce:8a:d1:0f:8c:ef:8a:ee:4f:9f:e3:eb:
fc:4f:87:be:11:c7:23:f7:6e:bf:6e:47:16:08:1a:b3:4f:c8:
82:81:67:b8:6c:54:2e:23:4a:11:a2:7c:d6:5d:fe:40:c7:4c:
f0:7f:65:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGdRmTJbKQQAMKn0NFKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMWU1NWY0M2U0ZmRkNmQyNGZiNGIwZWRhNmU5ZDEy
OGFhNTEwHhcNMjUxMTExMDcwMTQxWhcNMjUxMTEyMDcwMTQxWjAzMTEwLwYDVQQD
Eyg0NGQ4Njg4MDQzYWU4OWI3ZWI3MWI2MjlhNThlMzBmMGQxNDAxNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfDwbrtc8+tcDvOcqz/Sb8UHYmpX
d7uWea2ju/2+rn8RlV/vjEwU7j+4mBEq+JQ02OZ+NmHbn7CmyAhjgqzqP6U4xh75
3o4kkGCs+rOFqqlXNV2t04xuR74vmaElKReHdlTl47O0dC88GALYrNaoRDhok+JF
zapQJRUup9AmpwwKYZMP1KZagJUkuAaCaK0pxoCgqao2zP1z9PyRJLIsL9BLIOfK
3vKDBJTfozp7/9PQZ3BIGyFy8O+kLyZEEKOaI8d6kBJoQ0FaW3sjbQY/j3CiZU0r
uDgoC+WVcHxtcQpPUPxzFZXgj1GgE89Jv2SqM4QH0/bAIOY15oU//vna3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETYaIBDrom363G2KaWOMPDRQBR8MB8GA1UdIwQY
MBaAFJr50eVfQ+T91tJPtLDtpunRKKpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wYzVlZDctMGU3Mi00ZWFkLTkwNmMt
MjkxYTMxNjRhMGI4LzEvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8wYzVlZDctMGU3Mi00ZWFkLTkwNmMtMjkxYTMxNjRhMGI4
LzEvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACP8I22jp
j4f48pynvsGPIQBTpFGrxZMjE8f7dN08pa4HAGtJWnNVtVi/Nhs6ueLxnppRoyAC
JDF/1sK8vdBjSa3W3XqX1bH4LBtbFNyYfuNAiM1tDmLM0eKQnsCwXDn0vFCUnqV1
OvhmGE3oumLvu84YR7gkryD1BvA30elf2rAzYnnRc0jiIkPMeQxocV6yAGZGiHro
Ak+otYoSUiDlc/sjDiE2FbA1gHvlz3WWQE+B4CVxXXma4uI87NWEFD/kzVm/Xqfd
a5awrujkzorRD4zviu5Pn+Pr/E+HvhHHI/duv25HFggas0/IgoFnuGxULiNKEaJ8
1l3+QMdM8H9lkw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:34 2025 by rpki-client