Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
File: aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json)
Hash identifier: eJKohdt87Peiq+dL8VLwJg90gb6kACGsA1SP8FZKwCo=
Subject key identifier: BF:36:5E:46:89:A6:66:6E:BD:E3:8F:61:61:30:66:68:08:0E:48:73
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Certificate issuer: /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial: 019A4EF47021C8F719D209F1C772F38F69E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 13:00:33 +0000
Manifest this update: Tue 04 Nov 2025 13:00:33 +0000
Manifest next update: Wed 05 Nov 2025 13:00:33 +0000
Files and hashes: 1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: CKYuNshL2N4miSZAgbcRLDpTgxjTDJy2ATHEKi7vcN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:70:21:c8:f7:19:d2:09:f1:c7:72:f3:8f:69:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
Validity
Not Before: Nov 4 13:00:33 2025 GMT
Not After : Nov 5 13:00:33 2025 GMT
Subject: CN=bf365e4689a6666ebde38f6161306668080e4873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3a:ff:5e:90:a2:b1:d3:24:d2:fb:81:f3:40:
93:0e:28:3b:a0:a9:3b:6e:cc:1d:1c:34:82:16:ad:
db:1b:4f:f3:27:46:5b:b2:57:d6:41:a6:e0:3c:b5:
8c:ab:5f:06:af:23:9f:ac:c7:c6:e2:ec:cf:ad:b3:
c5:23:e0:43:06:43:59:f9:8c:a1:7b:6c:50:79:08:
93:7f:11:de:0a:5d:5b:ab:83:02:dc:13:49:db:48:
93:41:a8:9e:99:a4:ff:91:3e:c8:f8:c3:77:30:ee:
6e:4c:7e:93:33:0a:96:2d:28:4f:95:da:4d:a1:6c:
dd:a9:c4:51:b8:f5:e7:4f:a7:10:fa:04:83:ea:ae:
7b:ab:73:c2:66:9e:e1:eb:6c:67:b7:ab:19:58:55:
78:d7:96:ee:93:d8:d5:c6:93:25:e0:28:45:19:d0:
b8:c7:b0:ff:a9:d7:36:15:9a:21:9c:48:6e:c0:52:
cd:1e:46:96:67:ca:60:de:66:41:dc:ac:ff:1e:47:
04:f7:f6:9a:e5:cb:a6:75:f0:d5:fa:f8:85:19:b0:
4e:23:5c:22:19:80:f9:55:8e:7e:77:59:85:6e:53:
15:2e:17:bd:4f:7b:5b:e8:0f:f3:83:07:41:26:21:
76:01:07:13:db:c2:3c:9e:2f:f4:69:c9:32:51:d1:
1f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:36:5E:46:89:A6:66:6E:BD:E3:8F:61:61:30:66:68:08:0E:48:73
X509v3 Authority Key Identifier:
keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:55:f9:65:b2:7a:6b:4f:d2:3c:6d:56:a2:1c:3d:f3:ed:4e:
1a:6c:03:88:3e:da:b1:b3:f0:ef:cc:e8:1d:c6:54:a1:7e:55:
9f:60:e4:70:cf:6f:88:13:db:2f:ff:f6:79:10:53:f8:9e:d9:
89:a2:82:8d:43:fc:c9:0a:69:c2:ea:c4:d1:0a:2b:fa:b7:97:
c7:fb:56:1e:28:12:c8:67:65:01:40:c8:ab:50:95:4f:7d:b0:
05:c4:0e:91:cc:a5:5b:2d:65:39:78:7a:b7:cf:1e:e1:86:a8:
76:b2:44:41:50:32:52:0a:8e:1c:fc:28:a2:b7:5c:b4:c8:8a:
5f:e6:ad:a5:7f:fa:ed:e3:6b:e6:dc:1c:d3:5f:41:00:8b:64:
e2:e2:f2:9e:f1:7e:58:46:26:42:44:f5:02:54:2e:61:1a:86:
6f:f0:10:15:2c:c2:dd:e6:e8:3c:0d:da:81:ad:8e:02:1b:fb:
cd:0b:73:c3:a3:e9:80:86:21:7f:68:41:ac:1a:43:d9:f4:29:
9f:47:73:26:db:ba:5f:b4:9e:a8:7b:20:32:19:ec:22:24:bf:
9b:f2:7d:4c:d9:59:34:4c:65:46:7c:20:bc:d3:15:9b:fc:a0:
26:f3:7f:22:c0:32:eb:b6:e1:fd:7d:b2:d2:04:4c:a9:32:3b:
ab:3b:f8:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9HAhyPcZ0gnxx3Lzj2noMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjUxMTA0MTMwMDMzWhcNMjUxMTA1MTMwMDMzWjAzMTEwLwYDVQQD
EyhiZjM2NWU0Njg5YTY2NjZlYmRlMzhmNjE2MTMwNjY2ODA4MGU0ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDr/XpCisdMk0vuB80CTDig7oKk7
bswdHDSCFq3bG0/zJ0ZbslfWQabgPLWMq18GryOfrMfG4uzPrbPFI+BDBkNZ+Yyh
e2xQeQiTfxHeCl1bq4MC3BNJ20iTQaiemaT/kT7I+MN3MO5uTH6TMwqWLShPldpN
oWzdqcRRuPXnT6cQ+gSD6q57q3PCZp7h62xnt6sZWFV415buk9jVxpMl4ChFGdC4
x7D/qdc2FZohnEhuwFLNHkaWZ8pg3mZB3Kz/HkcE9/aa5cumdfDV+viFGbBOI1wi
GYD5VY5+d1mFblMVLhe9T3tb6A/zgwdBJiF2AQcT28I8ni/0ackyUdEfXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL82XkaJpmZuveOPYWEwZmgIDkhzMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1X5ZbJ6
a0/SPG1Wohw98+1OGmwDiD7asbPw78zoHcZUoX5Vn2DkcM9viBPbL//2eRBT+J7Z
iaKCjUP8yQppwurE0Qor+reXx/tWHigSyGdlAUDIq1CVT32wBcQOkcylWy1lOXh6
t88e4YaodrJEQVAyUgqOHPwoordctMiKX+atpX/67eNr5twc019BAItk4uLynvF+
WEYmQkT1AlQuYRqGb/AQFSzC3eboPA3aga2OAhv7zQtzw6PpgIYhf2hBrBpD2fQp
n0dzJtu6X7SeqHsgMhnsIiS/m/J9TNlZNExlRnwgvNMVm/ygJvN/IsAy67bh/X2y
0gRMqTI7qzv4oA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:13 2025 by rpki-client