Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier: Yqo6ZhYWVQvSR/3e5WSg5pmim8IGBuQnbXBgSb5zALE=
Subject key identifier: 6F:8B:50:EB:80:CD:89:3D:20:0B:5E:D2:A0:6C:3C:2F:F3:A2:89:91
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial: 019A4E500CDC4C4FEC07AC1FF7BA2E5ACA28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number: 0ACF
Signing time: Tue 04 Nov 2025 10:01:00 +0000
Manifest this update: Tue 04 Nov 2025 10:01:00 +0000
Manifest next update: Wed 05 Nov 2025 10:01:00 +0000
Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: pcqNYo1dMiwN0cxPHv3wfhIA4Yiw39c7rCwguvyh290=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:50:0c:dc:4c:4f:ec:07:ac:1f:f7:ba:2e:5a:ca:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Validity
Not Before: Nov 4 10:01:00 2025 GMT
Not After : Nov 5 10:01:00 2025 GMT
Subject: CN=6f8b50eb80cd893d200b5ed2a06c3c2ff3a28991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d1:0a:35:15:b3:9e:d3:6d:69:0a:35:05:ce:
6f:68:10:65:54:0c:27:d1:60:03:7f:90:ee:40:38:
5c:35:ed:78:f5:d8:47:0a:1c:e3:30:3c:95:ba:12:
03:7d:90:8b:e7:01:41:0b:54:9f:26:61:a7:0c:bd:
f3:7a:0e:87:43:0b:bb:1e:11:69:d7:1f:a0:9f:5c:
bb:4d:49:fd:af:1a:15:e8:83:8b:25:9a:bf:a4:98:
f0:95:d1:a5:00:81:e6:50:e4:ff:b0:dd:14:7b:31:
81:a1:3b:1d:91:a9:b3:ee:d8:12:53:76:5c:84:a5:
ed:e7:ab:65:4f:d3:30:d6:04:05:e3:b8:5b:c1:22:
10:cf:0b:67:c8:bb:f1:33:c2:19:2c:32:dd:4a:74:
27:9e:49:9e:4e:87:38:ae:3e:4e:92:58:36:40:22:
99:27:90:6b:58:7b:1b:34:94:b6:2a:e1:c1:ea:d0:
e5:8e:81:a8:0e:46:19:51:77:d2:f4:ef:44:6c:40:
13:92:81:6f:9b:a6:81:08:a6:50:8d:6a:ab:91:6d:
56:8e:94:66:0b:5a:24:2e:67:d8:9f:99:28:f4:5e:
84:ef:ef:93:e1:45:4d:4a:a7:b5:a1:a0:d5:b2:9d:
0e:dd:95:40:c1:63:05:94:86:e4:3c:a7:5f:02:04:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8B:50:EB:80:CD:89:3D:20:0B:5E:D2:A0:6C:3C:2F:F3:A2:89:91
X509v3 Authority Key Identifier:
keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:89:78:80:00:08:2d:64:ca:c3:29:4d:ff:e0:3c:86:18:7a:
fe:da:73:07:ce:ce:40:c6:ca:2f:0b:d6:ef:54:91:53:20:51:
69:06:70:55:07:bc:8e:5e:9f:87:25:bb:96:87:d5:c9:7e:a0:
96:77:dc:f1:fd:e1:a7:34:5e:35:1a:58:9d:06:86:4c:6e:da:
25:73:12:ac:bf:86:31:95:68:c1:f4:1c:9c:a5:14:35:31:03:
cc:7a:9a:06:c1:ad:9f:ed:99:8d:20:37:53:99:e3:80:4d:10:
ea:5a:22:60:00:fa:9a:84:8c:98:77:9c:eb:cb:47:4a:d3:f8:
d8:d5:24:e1:df:a5:f0:c3:05:20:3c:d3:ac:11:b0:9b:4f:92:
ff:d7:e3:64:3e:4f:77:23:f6:fd:73:c9:f5:c5:96:22:1f:32:
31:d4:b5:40:ff:c3:96:ef:cc:3f:1b:a5:e7:8b:3e:06:a6:ac:
72:97:1c:a6:e8:c2:39:a2:4f:5e:2a:d2:26:0e:9a:7b:cd:df:
09:56:04:27:af:79:00:6e:75:e4:3c:60:d7:b7:48:e2:66:a9:
bc:05:26:a8:b8:01:31:68:fa:c4:de:03:8d:05:60:b2:5e:3e:
4b:01:80:40:2f:f3:c9:13:fb:30:9e:0a:0f:9c:3f:f2:4b:9d:
c9:08:b5:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOUAzcTE/sB6wf97ouWsooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjUxMTA0MTAwMTAwWhcNMjUxMTA1MTAwMTAwWjAzMTEwLwYDVQQD
Eyg2ZjhiNTBlYjgwY2Q4OTNkMjAwYjVlZDJhMDZjM2MyZmYzYTI4OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tEKNRWzntNtaQo1Bc5vaBBlVAwn
0WADf5DuQDhcNe149dhHChzjMDyVuhIDfZCL5wFBC1SfJmGnDL3zeg6HQwu7HhFp
1x+gn1y7TUn9rxoV6IOLJZq/pJjwldGlAIHmUOT/sN0UezGBoTsdkamz7tgSU3Zc
hKXt56tlT9Mw1gQF47hbwSIQzwtnyLvxM8IZLDLdSnQnnkmeToc4rj5Oklg2QCKZ
J5BrWHsbNJS2KuHB6tDljoGoDkYZUXfS9O9EbEATkoFvm6aBCKZQjWqrkW1WjpRm
C1okLmfYn5ko9F6E7++T4UVNSqe1oaDVsp0O3ZVAwWMFlIbkPKdfAgQOFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+LUOuAzYk9IAte0qBsPC/zoomRMB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcol4gAAI
LWTKwylN/+A8hhh6/tpzB87OQMbKLwvW71SRUyBRaQZwVQe8jl6fhyW7lofVyX6g
lnfc8f3hpzReNRpYnQaGTG7aJXMSrL+GMZVowfQcnKUUNTEDzHqaBsGtn+2ZjSA3
U5njgE0Q6loiYAD6moSMmHec68tHStP42NUk4d+l8MMFIDzTrBGwm0+S/9fjZD5P
dyP2/XPJ9cWWIh8yMdS1QP/Dlu/MPxul54s+BqascpccpujCOaJPXirSJg6ae83f
CVYEJ695AG515Dxg17dI4mapvAUmqLgBMWj6xN4DjQVgsl4+SwGAQC/zyRP7MJ4K
D5w/8kudyQi10g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:21:20 2025 by rpki-client