Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File: 20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier: gzyB/ZHoHKSl0vH8sfEYtA1K0QQgf+69CKs1dMaspFY=
Subject key identifier: 0B:0E:4C:8E:B3:8D:AD:B7:E3:AA:EC:4D:5A:79:7B:4A:76:90:96:99
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer: /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial: 019A4F9904D4FDD3FBD866C93571A9FBF085
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 16:00:19 +0000
Manifest this update: Tue 04 Nov 2025 16:00:19 +0000
Manifest next update: Wed 05 Nov 2025 16:00:19 +0000
Files and hashes: 1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: T3YXmm1jRJRWq57F8M5Mrzg2kxsAdLqIMRzZxS0n5uw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:04:d4:fd:d3:fb:d8:66:c9:35:71:a9:fb:f0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Validity
Not Before: Nov 4 16:00:19 2025 GMT
Not After : Nov 5 16:00:19 2025 GMT
Subject: CN=0b0e4c8eb38dadb7e3aaec4d5a797b4a76909699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:a4:67:7d:44:3c:62:2e:0a:37:c7:e1:b3:
0c:4f:8c:c1:c3:0c:bd:30:fa:8b:23:ed:e0:a1:3b:
9e:3a:cf:d7:7f:50:04:9e:ac:49:64:d2:d0:6f:5f:
cd:bb:14:a3:60:87:8a:38:81:12:f4:b9:ff:eb:0d:
a5:1a:a0:00:6d:1e:fb:6f:c1:0c:6a:28:d0:d4:5f:
35:10:bf:cd:82:35:04:a1:d0:f4:9b:54:a9:04:3f:
34:b4:e3:7f:f2:ba:4f:e9:03:e5:ae:90:c1:0b:9a:
94:54:b3:b7:13:72:1b:36:99:d2:0f:3a:f0:ee:da:
73:ed:ea:7f:85:78:04:74:57:fb:fd:da:13:40:48:
61:f2:95:79:65:28:92:36:2f:2e:82:d1:07:1e:d7:
9f:f8:af:16:55:64:d5:90:04:c6:6e:c0:71:c5:bc:
fc:20:99:5a:d1:cd:5e:5f:b9:e5:78:eb:6f:01:0b:
4d:2a:d3:6c:ba:34:7f:b9:08:7e:0c:d4:c4:21:e9:
7c:33:c2:b8:71:7c:2f:83:74:a9:ef:63:31:2b:73:
c5:38:4d:51:aa:56:f1:59:d6:94:eb:3b:f2:d9:f6:
ea:44:1d:29:bd:15:72:c0:7e:82:00:2e:59:5d:02:
ff:ef:0c:4c:69:a4:11:eb:fd:e6:f0:b9:af:62:85:
43:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0E:4C:8E:B3:8D:AD:B7:E3:AA:EC:4D:5A:79:7B:4A:76:90:96:99
X509v3 Authority Key Identifier:
keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:11:1c:ea:ad:67:e5:11:38:cf:f0:e9:5e:3f:b6:65:16:d6:
a9:e5:92:fa:f6:aa:ec:d2:33:d1:3a:fe:db:ea:ea:25:9f:1a:
d3:f5:fc:e1:7a:48:2c:82:02:26:b4:3b:8a:e1:e5:b8:21:24:
48:84:c1:e6:3d:a1:66:f5:a9:75:03:c9:ea:95:cf:0b:a6:90:
6c:f2:2a:de:9c:12:bf:a2:3d:9e:31:6d:65:e9:b6:3b:49:24:
55:90:af:40:4d:96:8f:83:a2:82:9e:b5:59:24:8c:86:d8:7a:
b6:bb:ec:5a:54:ae:d2:30:2a:6f:34:9f:48:f5:a9:7e:e6:c5:
ea:73:a6:5f:a6:9c:47:2b:b6:9b:79:83:fe:15:4f:c9:99:5c:
d6:9a:18:80:11:dd:7f:0d:dc:eb:8f:8e:9b:9b:60:2e:a0:71:
ea:9f:b6:eb:0c:73:85:5f:50:fa:1a:97:62:e6:27:44:fd:a0:
a9:ad:ec:86:6a:aa:ab:18:76:a6:89:14:98:74:ed:cb:7d:52:
0a:4e:1c:40:88:21:dc:c5:f0:3d:6e:4a:ef:74:24:00:18:e4:
47:27:03:8a:a7:7f:51:17:05:07:de:f5:83:4c:8c:ab:eb:db:
38:8f:b4:61:88:33:f4:ad:e3:c1:2c:60:4b:44:99:da:ed:37:
38:54:d8:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmQTU/dP72GbJNXGp+/CFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjUxMTA0MTYwMDE5WhcNMjUxMTA1MTYwMDE5WjAzMTEwLwYDVQQD
EygwYjBlNGM4ZWIzOGRhZGI3ZTNhYWVjNGQ1YTc5N2I0YTc2OTA5Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e2kZ31EPGIuCjfH4bMMT4zBwwy9
MPqLI+3goTueOs/Xf1AEnqxJZNLQb1/NuxSjYIeKOIES9Ln/6w2lGqAAbR77b8EM
aijQ1F81EL/NgjUEodD0m1SpBD80tON/8rpP6QPlrpDBC5qUVLO3E3IbNpnSDzrw
7tpz7ep/hXgEdFf7/doTQEhh8pV5ZSiSNi8ugtEHHtef+K8WVWTVkATGbsBxxbz8
IJla0c1eX7nleOtvAQtNKtNsujR/uQh+DNTEIel8M8K4cXwvg3Sp72MxK3PFOE1R
qlbxWdaU6zvy2fbqRB0pvRVywH6CAC5ZXQL/7wxMaaQR6/3m8LmvYoVDpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsOTI6zja2346rsTVp5e0p2kJaZMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkBEc6q1n
5RE4z/DpXj+2ZRbWqeWS+vaq7NIz0Tr+2+rqJZ8a0/X84XpILIICJrQ7iuHluCEk
SITB5j2hZvWpdQPJ6pXPC6aQbPIq3pwSv6I9njFtZem2O0kkVZCvQE2Wj4Oigp61
WSSMhth6trvsWlSu0jAqbzSfSPWpfubF6nOmX6acRyu2m3mD/hVPyZlc1poYgBHd
fw3c64+Om5tgLqBx6p+26wxzhV9Q+hqXYuYnRP2gqa3shmqqqxh2pokUmHTty31S
Ck4cQIgh3MXwPW5K73QkABjkRycDiqd/URcFB971g0yMq+vbOI+0YYgz9K3jwSxg
S0SZ2u03OFTYBw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:35:51 2025 by rpki-client