Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
File: 21LN5wkMV9jpwx1Rh0jfkiueBM4.mft (raw, json)
Hash identifier: Q1xwMDPvzT1MbF+g5PBcsJjXwNEhceHcJxtNtryfLys=
Subject key identifier: B8:DE:7F:82:C1:11:34:CF:B1:28:1F:1F:0D:50:5F:83:4B:8E:51:A7
Authority key identifier: DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE
Certificate issuer: /CN=db52cde7090c57d8e9c31d518748df922b9e04ce
Certificate serial: 019A4E4FAB9E27EE1D527936C528A2FAF8DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
Manifest number: 1580
Signing time: Tue 04 Nov 2025 10:00:35 +0000
Manifest this update: Tue 04 Nov 2025 10:00:35 +0000
Manifest next update: Wed 05 Nov 2025 10:00:35 +0000
Files and hashes: 1: 21LN5wkMV9jpwx1Rh0jfkiueBM4.crl (hash: EpjvmMv/5z4h1itIDGvi199vdm8eI+WdodPfUPgZoqw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:ab:9e:27:ee:1d:52:79:36:c5:28:a2:fa:f8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db52cde7090c57d8e9c31d518748df922b9e04ce
Validity
Not Before: Nov 4 10:00:35 2025 GMT
Not After : Nov 5 10:00:35 2025 GMT
Subject: CN=b8de7f82c11134cfb1281f1f0d505f834b8e51a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3d:1f:5c:4d:a4:8b:b4:6f:f1:27:68:66:f1:
75:e7:7a:b9:e9:57:c5:ae:74:11:a9:5c:f0:44:e9:
ff:59:6f:00:ca:f5:32:1d:40:a9:d6:23:dc:8d:97:
57:ee:bb:46:27:9e:f9:7d:4e:8d:f4:6a:a8:38:b5:
9a:7d:67:40:1f:9a:82:f3:bf:37:95:93:44:64:49:
6a:0d:da:ea:b2:ac:3b:82:4f:8e:ff:bf:94:14:2e:
19:bc:6c:77:15:da:79:da:6b:5e:aa:a2:f6:15:cf:
75:c3:c4:fa:ea:ae:41:bf:90:0f:90:69:51:f4:01:
ec:41:1e:0f:34:8e:c9:76:1e:4f:e1:53:09:ef:29:
ff:8e:1d:96:3c:8d:30:81:cd:1c:92:39:c9:8d:c8:
c3:86:63:67:5a:93:11:00:f3:26:07:17:00:6d:16:
af:1b:ac:07:42:a2:5c:c5:ea:47:2f:cd:40:27:a7:
7d:f8:31:6e:1b:cb:4f:dc:23:2c:0b:06:24:3c:a9:
2a:93:e1:35:aa:cb:6e:88:6c:dc:2c:65:eb:44:a7:
ce:90:97:c8:a6:23:79:a5:1e:3b:9e:46:9a:25:ce:
1e:47:22:46:08:77:10:1f:f7:ea:df:fa:ef:f2:47:
20:3c:a6:8a:1f:52:e5:b5:38:eb:c9:85:ac:02:12:
1a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DE:7F:82:C1:11:34:CF:B1:28:1F:1F:0D:50:5F:83:4B:8E:51:A7
X509v3 Authority Key Identifier:
keyid:DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:1b:e1:51:90:03:ab:49:c9:26:e6:77:be:c2:ae:89:76:62:
ae:e0:a3:ac:14:d6:17:1f:a7:c4:03:7a:72:8a:4d:19:eb:95:
69:fa:57:d7:17:18:7a:9d:4b:31:89:25:5f:d7:66:e8:b1:a0:
30:38:c3:64:d4:5c:95:ee:9f:4b:63:4e:21:07:90:58:9a:81:
61:d8:78:b0:f4:1c:a9:da:c5:99:d4:66:57:d7:9b:5c:76:b0:
84:16:a0:b6:da:87:ec:db:4d:9d:41:c3:e7:80:b5:a7:ec:f2:
5b:27:87:6f:24:89:0b:8b:93:54:c8:bf:26:04:83:28:59:d3:
fd:c9:35:ad:38:b7:a3:06:0f:55:5b:fd:27:d9:0b:b2:e0:80:
81:2b:a6:82:52:53:76:f2:d7:bf:d8:e1:c6:e4:ca:dd:3a:bd:
d6:99:74:20:e7:c5:ea:c5:16:b8:6f:13:39:69:6e:66:77:5f:
51:ea:c9:62:75:09:b3:52:72:2a:8a:ef:be:87:1b:0a:96:33:
7a:2f:21:60:46:59:8c:78:fc:d2:ab:e9:01:cc:f2:1f:ec:e1:
8d:f1:db:a9:05:d3:80:22:30:fc:81:6f:db:5b:a3:46:be:c6:
91:c8:a2:e8:dc:a7:16:3a:96:78:3d:62:ff:9f:30:67:f3:c6:
ef:6f:a4:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT6ueJ+4dUnk2xSii+vjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNTJjZGU3MDkwYzU3ZDhlOWMzMWQ1MTg3NDhkZjkyMmI5
ZTA0Y2UwHhcNMjUxMTA0MTAwMDM1WhcNMjUxMTA1MTAwMDM1WjAzMTEwLwYDVQQD
EyhiOGRlN2Y4MmMxMTEzNGNmYjEyODFmMWYwZDUwNWY4MzRiOGU1MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD0fXE2ki7Rv8SdoZvF153q56VfF
rnQRqVzwROn/WW8AyvUyHUCp1iPcjZdX7rtGJ575fU6N9GqoOLWafWdAH5qC8783
lZNEZElqDdrqsqw7gk+O/7+UFC4ZvGx3Fdp52mteqqL2Fc91w8T66q5Bv5APkGlR
9AHsQR4PNI7Jdh5P4VMJ7yn/jh2WPI0wgc0ckjnJjcjDhmNnWpMRAPMmBxcAbRav
G6wHQqJcxepHL81AJ6d9+DFuG8tP3CMsCwYkPKkqk+E1qstuiGzcLGXrRKfOkJfI
piN5pR47nkaaJc4eRyJGCHcQH/fq3/rv8kcgPKaKH1LltTjryYWsAhIapQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjef4LBETTPsSgfHw1QX4NLjlGnMB8GA1UdIwQY
MBaAFNtSzecJDFfY6cMdUYdI35IrngTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2Mt
ZDBjYWRmZTg0YjE5LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2MtZDBjYWRmZTg0YjE5
LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATxvhUZAD
q0nJJuZ3vsKuiXZiruCjrBTWFx+nxAN6copNGeuVafpX1xcYep1LMYklX9dm6LGg
MDjDZNRcle6fS2NOIQeQWJqBYdh4sPQcqdrFmdRmV9ebXHawhBagttqH7NtNnUHD
54C1p+zyWyeHbySJC4uTVMi/JgSDKFnT/ck1rTi3owYPVVv9J9kLsuCAgSumglJT
dvLXv9jhxuTK3Tq91pl0IOfF6sUWuG8TOWluZndfUerJYnUJs1JyKorvvocbCpYz
ei8hYEZZjHj80qvpAczyH+zhjfHbqQXTgCIw/IFv21ujRr7Gkcii6NynFjqWeD1i
/58wZ/PG72+kUQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:36:06 2025 by rpki-client