Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
File: Rii90MjhtQTSlPijkEyNV65jg_Q.mft (raw, json)
Hash identifier: +YRFJf0NPRMnmF8wESevWHaP9CtQ29aCQfvQdjUDv1M=
Subject key identifier: 5D:C2:64:05:13:C9:81:67:DF:06:59:9F:EA:87:E5:60:A5:43:4C:10
Authority key identifier: 46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4
Certificate issuer: /CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
Certificate serial: 019A4EF5A89E0FCBB3A78BFA7B11FE043CC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 13:01:53 +0000
Manifest this update: Tue 04 Nov 2025 13:01:53 +0000
Manifest next update: Wed 05 Nov 2025 13:01:53 +0000
Files and hashes: 1: Rii90MjhtQTSlPijkEyNV65jg_Q.crl (hash: /e5KIALrPATFKh83lpWAowA7DB5Ne2Fl2hPv7s2l170=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:a8:9e:0f:cb:b3:a7:8b:fa:7b:11:fe:04:3c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
Validity
Not Before: Nov 4 13:01:53 2025 GMT
Not After : Nov 5 13:01:53 2025 GMT
Subject: CN=5dc2640513c98167df06599fea87e560a5434c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d3:7d:fd:cb:e8:b9:ee:9f:a9:98:65:c9:1b:
95:50:85:b0:87:d7:2a:23:0c:d5:c4:34:ae:15:fc:
54:2c:8f:2c:aa:31:ee:2a:c5:f2:33:6d:05:1f:f4:
b3:34:c9:36:2f:86:60:b3:81:57:57:8b:95:70:be:
8b:d2:9d:0a:a4:74:e1:64:c2:a6:67:df:5b:1a:9f:
42:cc:23:f4:4b:0f:da:4f:66:8e:26:e8:ec:5c:21:
6d:2b:eb:c1:81:49:ae:8b:a5:2e:43:77:fe:00:f1:
b8:34:2c:d1:09:24:57:20:b7:87:b0:a7:8f:14:97:
c3:fd:6f:84:a7:f1:8f:70:9f:d4:31:83:ef:df:96:
05:4c:b8:a9:29:35:b8:05:54:5c:1a:95:25:ca:1a:
e7:03:f4:37:82:32:e0:5e:a9:22:6a:98:43:80:63:
ed:67:44:6f:48:03:a6:53:20:fd:9d:f1:b2:3c:a2:
28:bb:ca:a0:d6:08:0f:a1:9a:3e:ec:03:6f:32:04:
ba:19:99:a7:da:42:5d:4c:09:b7:17:99:80:c6:85:
b6:b8:2f:66:6e:68:e4:fa:e8:eb:0c:ab:62:52:88:
c6:ef:e3:e2:00:dc:f5:60:18:28:8f:3c:b7:ee:a7:
de:18:cb:37:4e:87:6e:2b:e7:52:40:9b:45:28:37:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C2:64:05:13:C9:81:67:DF:06:59:9F:EA:87:E5:60:A5:43:4C:10
X509v3 Authority Key Identifier:
keyid:46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:1b:a7:10:ac:fe:de:47:84:e8:39:b1:c2:7c:92:f9:66:db:
d1:fc:7f:97:b9:60:73:2f:40:09:db:3a:5c:8d:03:f0:91:51:
3e:de:a5:86:fb:5e:94:42:16:f4:e6:60:df:9b:8b:0d:bd:e1:
a2:1d:d6:d6:50:18:8a:05:34:12:ec:74:b6:47:64:df:e1:fb:
f5:80:57:d1:b7:ef:be:22:d9:50:86:08:bf:9f:c6:88:c6:b8:
98:cc:05:f9:e1:71:23:01:94:e1:4d:0a:d8:8b:b8:d6:ae:64:
2e:c4:2c:5b:d4:29:0c:8d:f1:e0:b0:f7:bc:dc:5b:80:28:43:
a5:78:57:52:6d:6e:39:c9:42:70:88:aa:53:36:1b:dc:8c:e1:
79:9c:94:c7:a8:23:e7:2a:a2:cf:d6:ff:24:aa:7b:7c:22:ea:
d5:e6:cd:f5:d7:71:4f:cb:ae:94:95:95:45:ea:86:24:6e:c4:
45:81:31:98:a5:d0:4e:34:88:9d:21:4d:48:f3:79:a4:cf:fb:
d3:13:02:d0:96:2a:ba:b6:c9:d8:92:d9:61:d7:a9:00:4b:c9:
bf:4d:6c:8d:71:b1:7b:d0:59:ad:3c:a5:f2:44:43:24:0d:c2:
7e:49:93:2e:37:c7:13:93:45:12:6f:1b:d4:dd:54:5f:d2:a2:
83:7e:b4:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9aieD8uzp4v6exH+BDzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MjhiZGQwYzhlMWI1MDRkMjk0ZjhhMzkwNGM4ZDU3YWU2
MzgzZjQwHhcNMjUxMTA0MTMwMTUzWhcNMjUxMTA1MTMwMTUzWjAzMTEwLwYDVQQD
Eyg1ZGMyNjQwNTEzYzk4MTY3ZGYwNjU5OWZlYTg3ZTU2MGE1NDM0YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNN9/cvoue6fqZhlyRuVUIWwh9cq
IwzVxDSuFfxULI8sqjHuKsXyM20FH/SzNMk2L4Zgs4FXV4uVcL6L0p0KpHThZMKm
Z99bGp9CzCP0Sw/aT2aOJujsXCFtK+vBgUmui6UuQ3f+APG4NCzRCSRXILeHsKeP
FJfD/W+Ep/GPcJ/UMYPv35YFTLipKTW4BVRcGpUlyhrnA/Q3gjLgXqkiaphDgGPt
Z0RvSAOmUyD9nfGyPKIou8qg1ggPoZo+7ANvMgS6GZmn2kJdTAm3F5mAxoW2uC9m
bmjk+ujrDKtiUojG7+PiANz1YBgojzy37qfeGMs3ToduK+dSQJtFKDdZewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3CZAUTyYFn3wZZn+qH5WClQ0wQMB8GA1UdIwQY
MBaAFEYovdDI4bUE0pT4o5BMjVeuY4P0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2It
NWY4YjYzYjExZjBiLzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2ItNWY4YjYzYjExZjBi
LzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBunEKz+
3keE6DmxwnyS+Wbb0fx/l7lgcy9ACds6XI0D8JFRPt6lhvtelEIW9OZg35uLDb3h
oh3W1lAYigU0Eux0tkdk3+H79YBX0bfvviLZUIYIv5/GiMa4mMwF+eFxIwGU4U0K
2Iu41q5kLsQsW9QpDI3x4LD3vNxbgChDpXhXUm1uOclCcIiqUzYb3IzheZyUx6gj
5yqiz9b/JKp7fCLq1ebN9ddxT8uulJWVReqGJG7ERYExmKXQTjSInSFNSPN5pM/7
0xMC0JYqurbJ2JLZYdepAEvJv01sjXGxe9BZrTyl8kRDJA3CfkmTLjfHE5NFEm8b
1N1UX9Kig3601w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:56 2025 by rpki-client