Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier: x0Kgq9l91b21VhGkyfaAH+KpN/Mr4gtR2rH8LI+hsrM=
Subject key identifier: BA:C6:67:84:29:32:6C:4F:32:0A:CE:AF:C4:0E:22:4C:D9:F5:AB:CE
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial: 019A4EF50AAB023F114388E9BFC2ABC1C2A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number: 051C
Signing time: Tue 04 Nov 2025 13:01:13 +0000
Manifest this update: Tue 04 Nov 2025 13:01:13 +0000
Manifest next update: Wed 05 Nov 2025 13:01:13 +0000
Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: w2rx0wZ/fz/GPtIaA3PXfwqVTWq8buSImG9M9O/5RNs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:0a:ab:02:3f:11:43:88:e9:bf:c2:ab:c1:c2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204050cc59536f2d9407692823890ccdda854508
Validity
Not Before: Nov 4 13:01:13 2025 GMT
Not After : Nov 5 13:01:13 2025 GMT
Subject: CN=bac6678429326c4f320aceafc40e224cd9f5abce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:9a:38:e8:ad:e8:3c:e9:10:e0:c0:cc:b0:
3d:ac:2b:a6:76:f2:18:bd:62:7e:3d:41:53:d5:00:
c7:0e:2e:bd:5a:fd:d7:9a:42:41:89:f7:4f:ce:5f:
50:3c:76:00:7b:5e:d7:62:cb:99:90:2e:3b:8a:92:
c1:0a:01:a7:30:e9:11:fd:e2:30:15:e6:e8:2f:21:
85:c6:11:21:23:d1:cd:fb:93:63:64:81:50:11:44:
89:2e:16:b1:bb:73:d9:fa:06:e2:28:07:fb:10:e7:
57:1b:92:1b:46:b8:72:61:ef:89:51:ee:27:03:61:
ac:e1:30:3b:b4:92:00:3b:ab:79:19:6c:2a:6b:9e:
d1:85:9b:49:ba:17:d7:f6:9f:ab:4b:f1:bd:91:d0:
9f:ec:60:fd:d5:3d:99:5b:ba:99:0e:ed:bb:a3:5c:
3e:4c:2a:ca:0e:4f:50:b2:35:d2:8a:8c:cb:05:27:
0e:51:7d:dd:7b:1d:9e:6b:2e:c5:10:3b:84:b8:c1:
22:dd:08:f9:6c:8c:5d:ab:24:c3:bb:9a:51:70:c4:
80:07:0b:a3:46:fa:ef:a3:36:d4:fa:14:e6:ec:28:
3e:a7:aa:7e:98:38:59:9e:a8:66:6a:86:7a:15:40:
39:0c:06:85:e3:d9:ac:76:0e:ed:ff:61:91:95:33:
fa:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C6:67:84:29:32:6C:4F:32:0A:CE:AF:C4:0E:22:4C:D9:F5:AB:CE
X509v3 Authority Key Identifier:
keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:92:be:15:d0:6c:aa:11:a0:65:bb:24:b7:73:bb:cb:ca:d8:
62:51:7f:39:f6:2e:de:11:de:f4:4a:8e:c0:1b:0f:30:38:ac:
a3:7d:9b:1f:44:c4:57:e6:6c:1d:e8:5f:94:74:05:e1:0e:7d:
4e:40:1f:33:cc:ee:96:8e:69:39:44:f2:e3:47:66:0a:21:fc:
95:73:2e:04:8a:49:8b:42:11:83:e1:fe:6b:1c:3d:0a:4a:64:
3a:1d:f8:d9:f8:be:0f:02:51:82:97:ba:46:6b:12:a4:9f:3e:
d7:3a:cf:99:f3:a9:3b:b6:2a:5e:5d:41:48:90:d6:c2:01:7a:
24:7c:bb:52:bf:af:1e:fa:74:84:0b:e1:11:40:bf:d1:1c:0b:
39:fa:5a:8c:e0:61:7c:7f:5f:a1:d7:3e:cd:d5:1c:4b:5c:8a:
aa:77:88:b4:58:e4:40:26:00:b3:1b:6c:b0:44:40:ca:69:c0:
91:44:79:74:e8:b9:c1:dd:99:0d:a9:07:11:72:40:02:5c:63:
bf:d8:2d:af:9e:58:eb:f3:ce:db:51:28:94:8f:da:4b:e4:7a:
cc:c6:93:ca:63:9a:86:d5:e2:03:fc:76:80:ef:ff:7b:13:64:
1f:c9:7d:ab:8e:7c:9a:e3:56:91:eb:c9:f3:7c:ec:99:39:fe:
27:52:06:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QqrAj8RQ4jpv8KrwcKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjUxMTA0MTMwMTEzWhcNMjUxMTA1MTMwMTEzWjAzMTEwLwYDVQQD
EyhiYWM2Njc4NDI5MzI2YzRmMzIwYWNlYWZjNDBlMjI0Y2Q5ZjVhYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttmaOOit6DzpEODAzLA9rCumdvIY
vWJ+PUFT1QDHDi69Wv3XmkJBifdPzl9QPHYAe17XYsuZkC47ipLBCgGnMOkR/eIw
FeboLyGFxhEhI9HN+5NjZIFQEUSJLhaxu3PZ+gbiKAf7EOdXG5IbRrhyYe+JUe4n
A2Gs4TA7tJIAO6t5GWwqa57RhZtJuhfX9p+rS/G9kdCf7GD91T2ZW7qZDu27o1w+
TCrKDk9QsjXSiozLBScOUX3dex2eay7FEDuEuMEi3Qj5bIxdqyTDu5pRcMSABwuj
RvrvozbU+hTm7Cg+p6p+mDhZnqhmaoZ6FUA5DAaF49msdg7t/2GRlTP6yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrGZ4QpMmxPMgrOr8QOIkzZ9avOMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJK+FdBs
qhGgZbskt3O7y8rYYlF/OfYu3hHe9EqOwBsPMDiso32bH0TEV+ZsHehflHQF4Q59
TkAfM8zulo5pOUTy40dmCiH8lXMuBIpJi0IRg+H+axw9CkpkOh342fi+DwJRgpe6
RmsSpJ8+1zrPmfOpO7YqXl1BSJDWwgF6JHy7Ur+vHvp0hAvhEUC/0RwLOfpajOBh
fH9fodc+zdUcS1yKqneItFjkQCYAsxtssERAymnAkUR5dOi5wd2ZDakHEXJAAlxj
v9gtr55Y6/PO21EolI/aS+R6zMaTymOahtXiA/x2gO//exNkH8l9q458muNWkevJ
83zsmTn+J1IGSQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:21:23 2025 by rpki-client