Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File: 0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier: CpNyJLNYkPYxYHlu1qNv+Gq/Ae/urPhwnbg3R9JKUuI=
Subject key identifier: AF:2D:78:22:2B:C9:D9:0A:2C:8D:F9:75:61:C3:F1:AF:50:FC:55:00
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer: /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial: 019A52D24B3405B0166AE3D33DB630C109F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number: 125A
Signing time: Wed 05 Nov 2025 07:01:44 +0000
Manifest this update: Wed 05 Nov 2025 07:01:44 +0000
Manifest next update: Thu 06 Nov 2025 07:01:44 +0000
Files and hashes: 1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: WJEwrchw7bQZn94KP2HaXttT2wdpmmHXV0OGnOqQYz8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:4b:34:05:b0:16:6a:e3:d3:3d:b6:30:c1:09:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Validity
Not Before: Nov 5 07:01:44 2025 GMT
Not After : Nov 6 07:01:44 2025 GMT
Subject: CN=af2d78222bc9d90a2c8df97561c3f1af50fc5500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:c1:2b:8d:6c:bc:31:d0:5d:89:7a:2d:2d:
9b:66:4d:3a:ea:8b:ee:79:4b:00:32:f1:f0:06:94:
3a:f1:84:e3:6f:dc:92:75:9e:56:93:b2:e0:a7:02:
a6:45:55:a2:b0:69:9f:51:2f:cc:b5:f8:52:2d:d4:
dc:d4:f4:f7:09:9e:9e:65:e8:39:10:1f:4a:39:47:
fc:e4:cc:c8:e4:7b:7f:e4:bc:55:81:d0:c4:67:3c:
0a:e4:e5:da:c3:2e:43:30:20:b6:4a:8c:6b:ba:68:
c7:3f:66:cf:80:11:d4:b9:53:5d:29:35:fc:8c:23:
c2:f0:91:7d:68:d6:51:3a:44:a2:21:ef:0c:32:22:
3f:3d:39:af:a6:40:a8:68:ea:66:57:0e:ca:ed:8b:
f8:db:f4:42:bc:4b:04:32:a9:f5:75:7b:b2:45:21:
63:d2:af:d6:5f:45:a5:ac:6a:d0:f7:14:ea:46:46:
8d:7e:6b:cd:11:cb:db:76:07:ea:8d:03:9c:f3:94:
06:ca:82:e3:e0:ae:1f:7c:8a:5e:c0:b3:0d:c5:05:
23:67:fe:59:41:40:a5:34:fe:90:53:7d:dc:d0:0a:
e6:f5:5d:e8:c1:56:b9:39:79:b1:f3:55:6e:3f:61:
99:53:aa:df:52:ac:50:f3:a9:f1:ca:31:cc:06:10:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2D:78:22:2B:C9:D9:0A:2C:8D:F9:75:61:C3:F1:AF:50:FC:55:00
X509v3 Authority Key Identifier:
keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:5f:04:d0:48:c7:d6:12:02:f1:c4:a0:70:18:28:64:3b:64:
52:69:8b:98:af:b2:bb:ed:44:4a:3c:02:c2:c8:e7:bf:ee:03:
95:4a:6f:66:75:87:ea:5f:eb:57:a3:45:b4:38:ff:19:6c:36:
97:55:5a:40:b6:89:6e:57:f1:aa:c5:2c:08:b0:ce:4c:d9:ba:
b2:a9:b9:f9:df:12:75:52:cf:8a:df:3d:0b:ac:ec:81:d0:0e:
df:90:c1:3f:13:a3:64:98:cf:8e:73:5e:c6:e3:3d:1c:4f:d0:
b0:5e:b4:f0:86:2b:76:bc:53:bb:00:e1:10:a0:94:9a:69:71:
0e:8a:95:80:18:c0:2b:78:67:f9:1a:83:c1:25:cc:67:40:61:
0f:39:46:f6:cc:f6:54:27:a2:99:f0:ad:19:48:b3:b9:bc:41:
0b:f0:43:de:2e:06:28:ca:5c:4b:75:97:7c:5c:1e:7d:5d:c6:
20:94:bb:58:7d:53:44:7c:c5:b3:94:13:93:8f:0f:85:7b:2b:
85:43:27:e5:5d:d9:fd:d0:36:cc:69:bb:49:cd:38:4c:39:49:
a5:9c:2c:2d:be:14:3c:f8:7e:18:f7:98:ec:46:f0:79:ce:0a:
59:19:98:b6:d0:bb:11:82:a1:bb:ef:74:26:78:68:05:be:18:
90:b3:44:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0ks0BbAWauPTPbYwwQnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUxMTA1MDcwMTQ0WhcNMjUxMTA2MDcwMTQ0WjAzMTEwLwYDVQQD
EyhhZjJkNzgyMjJiYzlkOTBhMmM4ZGY5NzU2MWMzZjFhZjUwZmM1NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8jBK41svDHQXYl6LS2bZk066ovu
eUsAMvHwBpQ68YTjb9ySdZ5Wk7LgpwKmRVWisGmfUS/MtfhSLdTc1PT3CZ6eZeg5
EB9KOUf85MzI5Ht/5LxVgdDEZzwK5OXawy5DMCC2SoxrumjHP2bPgBHUuVNdKTX8
jCPC8JF9aNZROkSiIe8MMiI/PTmvpkCoaOpmVw7K7Yv42/RCvEsEMqn1dXuyRSFj
0q/WX0WlrGrQ9xTqRkaNfmvNEcvbdgfqjQOc85QGyoLj4K4ffIpewLMNxQUjZ/5Z
QUClNP6QU33c0Arm9V3owVa5OXmx81VuP2GZU6rfUqxQ86nxyjHMBhAO7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8teCIrydkKLI35dWHD8a9Q/FUAMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsF8E0EjH
1hIC8cSgcBgoZDtkUmmLmK+yu+1ESjwCwsjnv+4DlUpvZnWH6l/rV6NFtDj/GWw2
l1VaQLaJblfxqsUsCLDOTNm6sqm5+d8SdVLPit89C6zsgdAO35DBPxOjZJjPjnNe
xuM9HE/QsF608IYrdrxTuwDhEKCUmmlxDoqVgBjAK3hn+RqDwSXMZ0BhDzlG9sz2
VCeimfCtGUizubxBC/BD3i4GKMpcS3WXfFwefV3GIJS7WH1TRHzFs5QTk48PhXsr
hUMn5V3Z/dA2zGm7Sc04TDlJpZwsLb4UPPh+GPeY7Ebwec4KWRmYttC7EYKhu+90
JnhoBb4YkLNEYQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:09:18 2025 by rpki-client