Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: bpw9VaNDUJEqcN4pnE+ESA0ltelFNpplCA9oW2+lEXY=
Subject key identifier: 7B:0E:6F:97:35:54:3B:24:F1:3E:5E:16:EC:E6:27:DC:AC:BC:86:05
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 019A4E18CFA3E20AF8F69421E790086FE87B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0353
Signing time: Tue 04 Nov 2025 09:00:40 +0000
Manifest this update: Tue 04 Nov 2025 09:00:40 +0000
Manifest next update: Wed 05 Nov 2025 09:00:40 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: tx87MvaR8VgNlmC0oJFDJIuG86p9vwnvmcZ30CVvb8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:cf:a3:e2:0a:f8:f6:94:21:e7:90:08:6f:e8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Nov 4 09:00:40 2025 GMT
Not After : Nov 5 09:00:40 2025 GMT
Subject: CN=7b0e6f9735543b24f13e5e16ece627dcacbc8605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:21:88:a0:6a:cd:0e:35:e6:6c:03:1a:9d:a9:
0a:99:db:df:46:d5:ae:fc:16:06:2d:3a:7a:d1:36:
47:24:6e:0a:9d:3e:c9:7d:d6:ba:bb:3c:d2:ff:98:
85:28:7e:9b:cd:37:5b:4a:76:56:c9:83:83:f4:b0:
32:3e:4c:69:5a:61:8b:c1:7c:54:cf:63:4c:d1:7e:
1e:26:4b:c2:4d:73:d8:57:90:27:46:4c:81:fe:c5:
92:6f:72:80:b7:95:a1:9b:fa:0a:c9:78:ba:d6:9a:
f0:2c:d1:c9:50:da:79:2b:68:89:8c:8d:73:2d:39:
f5:ee:5e:14:98:fe:d2:38:9b:01:a6:35:c0:cc:c2:
45:74:27:12:b8:19:3b:c8:ab:54:24:b6:41:dd:8a:
d4:04:1a:9b:84:c1:38:e5:07:c5:b4:6c:60:8d:b2:
6f:d5:45:10:4f:16:ad:fa:00:99:d7:7a:01:33:7e:
4a:85:ad:14:bf:76:0a:39:8b:9b:2e:f0:75:79:aa:
39:47:d4:6c:42:30:cb:1a:81:4e:92:03:0a:e0:f1:
67:86:71:55:37:cc:01:6d:5f:10:c8:83:36:4a:9f:
5e:d4:da:b7:6d:3b:ac:68:e9:17:a5:f2:14:7d:e0:
6a:95:62:13:32:ea:8c:57:43:ff:2b:ae:ec:90:ea:
fe:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0E:6F:97:35:54:3B:24:F1:3E:5E:16:EC:E6:27:DC:AC:BC:86:05
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:69:c9:e7:e6:2c:3c:e7:fc:c5:12:44:06:05:44:fc:74:cc:
a7:1a:49:58:82:88:36:e9:ba:a3:21:fe:c8:2d:d6:a4:28:05:
fe:0f:68:d2:41:b7:26:7c:a6:69:78:06:7d:30:1f:5c:a8:89:
7d:5f:08:55:e3:91:14:ac:69:e1:fd:8c:03:c6:0d:56:a8:e4:
e6:ef:1e:ba:2d:90:22:74:fc:c6:a2:04:ba:19:65:20:f7:d7:
3f:72:fd:d3:a0:1e:e8:b6:60:12:ac:b3:ee:bb:d2:df:33:17:
0f:75:ce:c0:c4:26:d9:20:87:b0:a7:5d:84:96:c3:d0:d8:3d:
ed:3e:88:10:71:db:88:26:84:d2:c6:73:32:d4:e5:12:88:1f:
21:e7:af:6b:fc:70:b9:7a:40:24:c3:56:0a:72:19:d7:6e:e8:
2a:99:05:51:48:41:a1:16:94:8a:1c:22:1e:6f:bf:a0:f5:ee:
c6:9e:1c:d1:4b:59:eb:f2:f3:42:f6:ac:ee:94:a1:da:a6:88:
e2:bd:e1:41:38:e7:de:8b:d0:e8:17:81:e4:6c:9a:89:6c:39:
cd:55:73:75:3d:e6:26:a2:b6:bb:41:8d:63:9b:de:70:28:d4:
44:a7:41:08:e7:2a:bf:ff:18:a6:06:44:34:8d:36:c2:7e:df:
76:93:7d:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGM+j4gr49pQh55AIb+h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUxMTA0MDkwMDQwWhcNMjUxMTA1MDkwMDQwWjAzMTEwLwYDVQQD
Eyg3YjBlNmY5NzM1NTQzYjI0ZjEzZTVlMTZlY2U2MjdkY2FjYmM4NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SGIoGrNDjXmbAManakKmdvfRtWu
/BYGLTp60TZHJG4KnT7Jfda6uzzS/5iFKH6bzTdbSnZWyYOD9LAyPkxpWmGLwXxU
z2NM0X4eJkvCTXPYV5AnRkyB/sWSb3KAt5Whm/oKyXi61prwLNHJUNp5K2iJjI1z
LTn17l4UmP7SOJsBpjXAzMJFdCcSuBk7yKtUJLZB3YrUBBqbhME45QfFtGxgjbJv
1UUQTxat+gCZ13oBM35Kha0Uv3YKOYubLvB1eao5R9RsQjDLGoFOkgMK4PFnhnFV
N8wBbV8QyIM2Sp9e1Nq3bTusaOkXpfIUfeBqlWITMuqMV0P/K67skOr+cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsOb5c1VDsk8T5eFuzmJ9ysvIYFMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGnJ5+Ys
POf8xRJEBgVE/HTMpxpJWIKINum6oyH+yC3WpCgF/g9o0kG3JnymaXgGfTAfXKiJ
fV8IVeORFKxp4f2MA8YNVqjk5u8eui2QInT8xqIEuhllIPfXP3L906Ae6LZgEqyz
7rvS3zMXD3XOwMQm2SCHsKddhJbD0Ng97T6IEHHbiCaE0sZzMtTlEogfIeeva/xw
uXpAJMNWCnIZ127oKpkFUUhBoRaUihwiHm+/oPXuxp4c0UtZ6/LzQvas7pSh2qaI
4r3hQTjn3ovQ6BeB5GyaiWw5zVVzdT3mJqK2u0GNY5vecCjURKdBCOcqv/8YpgZE
NI02wn7fdpN9qg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:53:56 2025 by rpki-client