Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File: AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier: I0/tSm+xCPCQZ+kLWVP10s6qVZmqkfUpm6b3bLZ/2qQ=
Subject key identifier: 53:EE:38:15:F5:D9:F6:24:26:5E:5D:B4:2C:E9:A2:C9:43:35:A3:97
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer: /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial: 019A4EF45159DF6255C2D8AE2E64C25F6ADA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 13:00:25 +0000
Manifest this update: Tue 04 Nov 2025 13:00:25 +0000
Manifest next update: Wed 05 Nov 2025 13:00:25 +0000
Files and hashes: 1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: Db1Fl43kK8OBYgNTDl03iUxLwjrGOIgighmDQqm5k5o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:51:59:df:62:55:c2:d8:ae:2e:64:c2:5f:6a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Validity
Not Before: Nov 4 13:00:25 2025 GMT
Not After : Nov 5 13:00:25 2025 GMT
Subject: CN=53ee3815f5d9f624265e5db42ce9a2c94335a397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:95:eb:e9:72:a7:4f:e8:82:a1:9b:10:6d:
1a:ec:70:e9:41:cb:ef:45:02:a3:ad:de:ab:1b:ad:
3d:c5:7c:93:bd:93:0f:3f:3a:45:1f:45:fc:cf:ee:
48:4a:4a:80:42:34:39:06:97:42:83:77:da:f9:7b:
1d:93:b0:49:66:49:84:e5:b8:24:19:7f:d7:4c:7a:
f1:02:8c:94:fe:a5:aa:1d:62:b4:cc:d4:2d:b0:f0:
b5:77:6e:4f:69:90:9a:c7:67:f5:44:6f:a4:b9:e3:
d4:11:f5:ed:c1:ef:d9:c6:ea:1c:15:11:40:2e:ad:
30:27:1f:47:9c:0b:57:f3:c2:75:37:5f:51:d4:14:
8b:02:4c:4a:ee:58:9f:85:87:1b:d2:05:59:87:dc:
54:b8:c9:cb:27:a1:98:b0:b4:0b:96:d2:3f:e4:06:
24:8c:a8:ab:f4:5d:25:63:77:11:2f:b7:51:cf:4a:
f0:28:bd:6a:8b:54:5b:fd:c0:1d:27:ed:7a:86:7c:
f5:93:15:56:48:15:2d:d4:fa:00:ee:50:2b:4e:18:
95:80:29:b5:39:f0:52:29:6d:04:6f:22:c6:49:73:
1f:5a:dc:b8:21:bd:d2:06:3e:50:fd:74:7d:98:f8:
ac:6c:b9:85:42:46:d4:89:c7:3c:bc:2e:db:d3:bb:
73:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EE:38:15:F5:D9:F6:24:26:5E:5D:B4:2C:E9:A2:C9:43:35:A3:97
X509v3 Authority Key Identifier:
keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:2a:9a:45:a5:bd:99:6a:0d:fb:dc:4c:27:94:90:f1:dc:5b:
0f:5b:30:a6:b5:83:bb:59:d5:49:4f:1a:65:ba:5d:b7:ae:69:
7b:b3:13:05:42:d6:71:85:b1:f5:a0:1c:a1:33:3e:e5:09:e4:
4d:05:40:2a:a9:41:68:70:29:a7:4a:00:be:6b:5d:29:56:28:
00:0c:d8:97:f1:a3:75:44:0c:e8:e0:18:2f:64:e3:13:d8:7a:
ee:e3:cb:d2:70:cb:42:15:89:86:42:b7:e8:19:c4:49:a7:f7:
76:f4:cd:bc:f9:3f:70:02:3c:64:62:85:b3:93:cb:a6:b8:98:
3f:3b:23:1c:43:4e:8b:da:fb:86:f4:04:4b:1d:e5:bb:ab:3f:
d5:37:30:6d:dc:85:34:18:76:27:a0:8f:3a:36:8a:31:8b:a2:
39:97:56:dc:93:17:99:4e:ec:7b:13:1e:f5:02:26:56:7f:63:
26:5e:d3:f4:e3:48:41:a2:b1:84:3f:83:7a:de:dc:bc:2c:1e:
20:f7:95:58:30:8a:bc:7d:89:08:70:37:6c:58:7f:3a:6e:ce:
26:f9:c5:e4:ca:48:b5:cc:cf:ff:56:09:c8:c9:c9:8a:8f:ed:
1d:9e:ca:ca:00:43:91:5a:ee:41:d7:db:05:79:0a:cf:ea:b0:
d6:81:ab:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9FFZ32JVwtiuLmTCX2raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjUxMTA0MTMwMDI1WhcNMjUxMTA1MTMwMDI1WjAzMTEwLwYDVQQD
Eyg1M2VlMzgxNWY1ZDlmNjI0MjY1ZTVkYjQyY2U5YTJjOTQzMzVhMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYSV6+lyp0/ogqGbEG0a7HDpQcvv
RQKjrd6rG609xXyTvZMPPzpFH0X8z+5ISkqAQjQ5BpdCg3fa+Xsdk7BJZkmE5bgk
GX/XTHrxAoyU/qWqHWK0zNQtsPC1d25PaZCax2f1RG+kuePUEfXtwe/ZxuocFRFA
Lq0wJx9HnAtX88J1N19R1BSLAkxK7lifhYcb0gVZh9xUuMnLJ6GYsLQLltI/5AYk
jKir9F0lY3cRL7dRz0rwKL1qi1Rb/cAdJ+16hnz1kxVWSBUt1PoA7lArThiVgCm1
OfBSKW0EbyLGSXMfWty4Ib3SBj5Q/XR9mPisbLmFQkbUicc8vC7b07tznQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPuOBX12fYkJl5dtCzposlDNaOXMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgiqaRaW9
mWoN+9xMJ5SQ8dxbD1swprWDu1nVSU8aZbpdt65pe7MTBULWcYWx9aAcoTM+5Qnk
TQVAKqlBaHApp0oAvmtdKVYoAAzYl/GjdUQM6OAYL2TjE9h67uPL0nDLQhWJhkK3
6BnESaf3dvTNvPk/cAI8ZGKFs5PLpriYPzsjHENOi9r7hvQESx3lu6s/1TcwbdyF
NBh2J6CPOjaKMYuiOZdW3JMXmU7sexMe9QImVn9jJl7T9ONIQaKxhD+Det7cvCwe
IPeVWDCKvH2JCHA3bFh/Om7OJvnF5MpItczP/1YJyMnJio/tHZ7KygBDkVruQdfb
BXkKz+qw1oGrQg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:15:21 2025 by rpki-client