Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft
File: cnOYybFuqY0iKkwpyvey68mE8oI.mft (raw, json)
Hash identifier: rbt6a6BVmY3nPqmFl8Tgp6NbVA4m989R+OARv5/iAV0=
Subject key identifier: DE:D4:A1:49:EB:43:1A:01:28:A5:04:C9:97:11:5E:89:2F:9F:09:B1
Authority key identifier: 72:73:98:C9:B1:6E:A9:8D:22:2A:4C:29:CA:F7:B2:EB:C9:84:F2:82
Certificate issuer: /CN=727398c9b16ea98d222a4c29caf7b2ebc984f282
Certificate serial: 019A71B8384DCF8FD62A07FE0E2944B764E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft
Manifest number: 02B7
Signing time: Tue 11 Nov 2025 07:01:29 +0000
Manifest this update: Tue 11 Nov 2025 07:01:29 +0000
Manifest next update: Wed 12 Nov 2025 07:01:29 +0000
Files and hashes: 1: cnOYybFuqY0iKkwpyvey68mE8oI.crl (hash: 4/tv0rh5EyH3mevf5Pgo+BXFVFmSm0SNWKuBoh5Jvv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:38:4d:cf:8f:d6:2a:07:fe:0e:29:44:b7:64:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=727398c9b16ea98d222a4c29caf7b2ebc984f282
Validity
Not Before: Nov 11 07:01:29 2025 GMT
Not After : Nov 12 07:01:29 2025 GMT
Subject: CN=ded4a149eb431a0128a504c997115e892f9f09b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:eb:61:6d:b4:10:8c:68:72:f8:e2:ef:4b:
18:1a:4e:55:e1:0b:5d:ac:c0:6d:7a:2c:84:61:bf:
3a:5f:fc:0e:5a:8a:52:d3:09:55:e6:2f:a3:e3:18:
37:06:df:c4:57:c0:e3:d1:2e:f4:12:43:62:1a:56:
64:71:06:ee:9e:34:09:69:96:b1:7f:3e:dc:bd:60:
a4:84:1e:bc:29:3c:66:2d:54:13:6e:e8:f3:eb:ea:
a6:82:31:f4:bc:3a:b4:b4:03:90:e5:31:09:8a:2f:
4f:26:0e:18:1d:79:a1:f2:ef:4c:95:cf:e9:14:4c:
2c:4e:1c:1a:de:3a:82:ec:53:a5:eb:22:63:e3:67:
80:b6:78:d3:00:84:9b:b7:7f:fc:b6:f7:d1:d3:97:
fc:58:de:c4:0f:db:51:37:c4:7a:42:16:9f:cf:67:
3b:77:55:45:cd:43:0d:c1:83:7d:9a:02:1d:06:37:
f5:26:82:22:f7:af:98:00:07:f8:b9:85:20:01:0a:
a1:0e:76:b6:29:d7:fd:c1:60:81:2f:d5:4c:8f:12:
53:2f:d2:40:e1:46:fc:4f:9a:06:1e:06:bf:fe:4c:
58:bc:ea:a0:13:3f:0f:70:4e:b2:56:04:eb:96:bd:
c1:03:8c:c3:b8:e8:c0:89:0a:25:51:c1:34:b7:5f:
b3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D4:A1:49:EB:43:1A:01:28:A5:04:C9:97:11:5E:89:2F:9F:09:B1
X509v3 Authority Key Identifier:
keyid:72:73:98:C9:B1:6E:A9:8D:22:2A:4C:29:CA:F7:B2:EB:C9:84:F2:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:ed:32:e6:34:34:11:ca:d3:90:b7:03:32:ee:ba:ca:1f:74:
ca:fc:45:04:36:ca:b7:12:a3:2f:5d:49:56:51:f8:60:49:2a:
38:95:ea:12:28:84:9f:80:c0:13:98:47:c0:4e:35:86:1d:2e:
b0:71:bb:34:94:9c:a7:f8:2c:74:f5:86:7f:d1:3b:74:cd:cd:
a3:50:e4:17:30:81:6d:0d:dc:92:81:ee:d1:f4:e5:70:bc:59:
6f:15:af:96:34:df:04:e0:df:b7:46:11:d8:b3:c0:46:03:f8:
40:f6:ad:68:7b:b2:77:46:1c:c4:f3:96:84:53:a8:8d:19:71:
fd:4f:7b:76:4a:76:6b:4a:e7:ae:8d:59:02:27:a4:7d:6f:b6:
ee:f9:3c:3a:46:90:f3:ec:35:52:55:a1:72:e8:44:41:cb:b9:
f4:eb:b7:cf:b4:49:2e:db:af:76:b5:5d:68:7c:6b:e8:ef:c9:
0a:25:96:ad:e4:11:1e:4e:80:a4:96:e8:d0:a8:1a:00:2c:9b:
24:14:53:2e:7b:ff:67:11:7d:73:9f:53:9c:1a:a2:c3:50:36:
5d:57:24:fd:7f:5f:ea:61:3e:ad:22:2b:6e:0f:b2:3e:f8:65:
da:7b:ee:3f:95:5b:b7:c3:f2:14:39:f5:90:7a:8e:06:69:03:
ea:23:b4:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDhNz4/WKgf+DilEt2TkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzM5OGM5YjE2ZWE5OGQyMjJhNGMyOWNhZjdiMmViYzk4
NGYyODIwHhcNMjUxMTExMDcwMTI5WhcNMjUxMTEyMDcwMTI5WjAzMTEwLwYDVQQD
EyhkZWQ0YTE0OWViNDMxYTAxMjhhNTA0Yzk5NzExNWU4OTJmOWYwOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vPrYW20EIxocvji70sYGk5V4Qtd
rMBteiyEYb86X/wOWopS0wlV5i+j4xg3Bt/EV8Dj0S70EkNiGlZkcQbunjQJaZax
fz7cvWCkhB68KTxmLVQTbujz6+qmgjH0vDq0tAOQ5TEJii9PJg4YHXmh8u9Mlc/p
FEwsThwa3jqC7FOl6yJj42eAtnjTAISbt3/8tvfR05f8WN7ED9tRN8R6Qhafz2c7
d1VFzUMNwYN9mgIdBjf1JoIi96+YAAf4uYUgAQqhDna2Kdf9wWCBL9VMjxJTL9JA
4Ub8T5oGHga//kxYvOqgEz8PcE6yVgTrlr3BA4zDuOjAiQolUcE0t1+ztwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7UoUnrQxoBKKUEyZcRXokvnwmxMB8GA1UdIwQY
MBaAFHJzmMmxbqmNIipMKcr3suvJhPKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zYzYwNGUtZTZhOC00ZTRlLWI3Njkt
NWEwN2UyNmZiODIyLzEvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8zYzYwNGUtZTZhOC00ZTRlLWI3NjktNWEwN2UyNmZiODIy
LzEvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbe0y5jQ0
EcrTkLcDMu66yh90yvxFBDbKtxKjL11JVlH4YEkqOJXqEiiEn4DAE5hHwE41hh0u
sHG7NJScp/gsdPWGf9E7dM3No1DkFzCBbQ3ckoHu0fTlcLxZbxWvljTfBODft0YR
2LPARgP4QPataHuyd0YcxPOWhFOojRlx/U97dkp2a0rnro1ZAiekfW+27vk8OkaQ
8+w1UlWhcuhEQcu59Ou3z7RJLtuvdrVdaHxr6O/JCiWWreQRHk6ApJbo0KgaACyb
JBRTLnv/ZxF9c59TnBqiw1A2XVck/X9f6mE+rSIrbg+yPvhl2nvuP5Vbt8PyFDn1
kHqOBmkD6iO0Gw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:10 2025 by rpki-client