Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
File: bZYBl_5YkhTCJZ9q6olsThAH6YY.mft (raw, json)
Hash identifier: zC1ZOqlA3sV8Whqjg8Hx1D7dQdOfNXO8xs5/Ym4OLmE=
Subject key identifier: 56:B8:39:86:D3:A6:8A:BF:C1:00:A0:6E:32:04:1A:BB:6F:7A:12:79
Authority key identifier: 6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86
Certificate issuer: /CN=6d960197fe589214c2259f6aea896c4e1007e986
Certificate serial: 019A4EF5AA59E300CC53EF42F2F4A7023E41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
Manifest number: 09AA
Signing time: Tue 04 Nov 2025 13:01:53 +0000
Manifest this update: Tue 04 Nov 2025 13:01:53 +0000
Manifest next update: Wed 05 Nov 2025 13:01:53 +0000
Files and hashes: 1: bZYBl_5YkhTCJZ9q6olsThAH6YY.crl (hash: YQ/6KjRm00YKZ/g6AbjSTDxM8YepqtK3YrhQ4vUAmjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:aa:59:e3:00:cc:53:ef:42:f2:f4:a7:02:3e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d960197fe589214c2259f6aea896c4e1007e986
Validity
Not Before: Nov 4 13:01:53 2025 GMT
Not After : Nov 5 13:01:53 2025 GMT
Subject: CN=56b83986d3a68abfc100a06e32041abb6f7a1279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6a:86:c0:1e:e1:5b:a5:3a:fe:9d:b0:b9:6e:
dd:73:ce:be:53:df:c4:e8:0e:f8:6a:33:f5:6f:41:
70:bd:b0:6d:6f:05:09:5e:b9:f1:24:e4:4d:01:df:
c5:0d:b5:78:17:f9:93:4c:3c:af:11:bb:d4:9a:a2:
2b:1f:e4:d1:a5:11:87:c4:fb:38:50:24:b0:da:66:
6c:eb:ec:54:da:24:18:16:d6:ae:eb:ba:90:e2:38:
bf:9b:bc:a8:14:1d:ff:f7:e4:ae:70:87:03:d6:1e:
d0:a9:f3:04:f1:5d:cb:7d:b4:79:40:e1:eb:5a:2c:
39:43:2d:f9:88:dc:b4:c3:e4:e6:6b:82:88:87:c9:
d5:13:68:63:21:58:d4:dc:c1:de:69:2d:7a:41:25:
86:67:09:dd:e9:4e:fa:52:89:a4:ad:85:2b:13:16:
31:3e:c3:7f:cb:da:34:fd:b5:a6:bc:6b:9e:d1:41:
f8:78:3a:a9:27:c9:75:7f:08:c8:dd:57:e6:55:cc:
50:6b:be:1d:5f:7b:9f:71:f0:b7:da:ec:32:37:f9:
3c:5c:56:1a:db:cd:7c:1a:55:c8:c4:cd:4f:84:ee:
3e:02:65:f6:ab:93:67:7a:b6:45:75:5e:79:1d:ac:
69:66:c5:a2:da:c5:35:bd:d6:82:2e:2c:67:fe:f1:
d8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B8:39:86:D3:A6:8A:BF:C1:00:A0:6E:32:04:1A:BB:6F:7A:12:79
X509v3 Authority Key Identifier:
keyid:6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:8c:bb:0f:d0:23:9b:75:67:10:15:97:58:dd:7f:b0:e3:3b:
a5:3d:44:b0:fd:fe:70:8a:58:16:6b:6a:14:41:49:27:7f:b1:
1d:61:03:2a:6c:4d:d5:be:1c:0b:57:1a:d4:63:bd:25:1c:89:
b6:95:db:eb:db:98:63:3b:0c:ee:d2:9c:cf:8f:a1:07:63:06:
c0:d9:1a:b1:7f:1b:5e:e0:67:41:d5:87:04:e9:44:42:53:96:
35:56:aa:45:ac:63:dc:20:2d:4b:b8:4f:c7:43:81:ba:dc:28:
12:3a:ce:4a:a3:de:00:c4:c1:2b:16:43:ef:29:60:e2:b4:47:
52:12:14:7c:7b:60:24:39:5f:b1:ef:b3:00:6c:4d:61:8a:70:
ac:21:52:4a:23:da:93:59:61:6a:f1:e3:47:3f:1e:d5:a7:c3:
d6:2e:5f:86:6c:68:0d:cd:41:e6:73:eb:16:ca:d1:21:40:24:
c5:9b:b7:29:68:b4:2d:57:1b:04:bd:db:2e:c9:41:82:23:2d:
9e:49:de:c8:15:b0:43:22:1c:c6:e4:cc:b9:d3:66:26:2e:fe:
eb:90:ad:57:54:56:6c:dd:32:80:ea:f7:5e:67:6e:f0:2e:5b:
b7:98:1e:03:91:e3:fd:6c:05:2a:d4:cb:3c:bc:0b:fc:73:ab:
15:36:a2:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9apZ4wDMU+9C8vSnAj5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOTYwMTk3ZmU1ODkyMTRjMjI1OWY2YWVhODk2YzRlMTAw
N2U5ODYwHhcNMjUxMTA0MTMwMTUzWhcNMjUxMTA1MTMwMTUzWjAzMTEwLwYDVQQD
Eyg1NmI4Mzk4NmQzYTY4YWJmYzEwMGEwNmUzMjA0MWFiYjZmN2ExMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmqGwB7hW6U6/p2wuW7dc86+U9/E
6A74ajP1b0FwvbBtbwUJXrnxJORNAd/FDbV4F/mTTDyvEbvUmqIrH+TRpRGHxPs4
UCSw2mZs6+xU2iQYFtau67qQ4ji/m7yoFB3/9+SucIcD1h7QqfME8V3LfbR5QOHr
Wiw5Qy35iNy0w+Tma4KIh8nVE2hjIVjU3MHeaS16QSWGZwnd6U76UomkrYUrExYx
PsN/y9o0/bWmvGue0UH4eDqpJ8l1fwjI3VfmVcxQa74dX3ufcfC32uwyN/k8XFYa
2818GlXIxM1PhO4+AmX2q5NnerZFdV55HaxpZsWi2sU1vdaCLixn/vHYzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFa4OYbTpoq/wQCgbjIEGrtvehJ5MB8GA1UdIwQY
MBaAFG2WAZf+WJIUwiWfauqJbE4QB+mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQt
MzEzNzU0ZTY0ZTEzLzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQtMzEzNzU0ZTY0ZTEz
LzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYy7D9Aj
m3VnEBWXWN1/sOM7pT1EsP3+cIpYFmtqFEFJJ3+xHWEDKmxN1b4cC1ca1GO9JRyJ
tpXb69uYYzsM7tKcz4+hB2MGwNkasX8bXuBnQdWHBOlEQlOWNVaqRaxj3CAtS7hP
x0OButwoEjrOSqPeAMTBKxZD7ylg4rRHUhIUfHtgJDlfse+zAGxNYYpwrCFSSiPa
k1lhavHjRz8e1afD1i5fhmxoDc1B5nPrFsrRIUAkxZu3KWi0LVcbBL3bLslBgiMt
nkneyBWwQyIcxuTMudNmJi7+65CtV1RWbN0ygOr3Xmdu8C5bt5geA5Hj/WwFKtTL
PLwL/HOrFTaiMA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:52:20 2025 by rpki-client