Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File: y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier: H+DvaW5FkelOl6Sv+4i+nrYk9qhaoOw9wowVMfz02eo=
Subject key identifier: D4:11:21:09:C1:0F:DC:97:A3:0C:71:CD:BE:EA:83:0F:BA:27:90:8A
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer: /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial: 019A4DE1B71A609D768B37FA04100D86609D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number: 0DB4
Signing time: Tue 04 Nov 2025 08:00:29 +0000
Manifest this update: Tue 04 Nov 2025 08:00:29 +0000
Manifest next update: Wed 05 Nov 2025 08:00:29 +0000
Files and hashes: 1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: EtOiultQ+4EH1f3wFDpM1sAh0xd8oksrDf8WpeYag6o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:b7:1a:60:9d:76:8b:37:fa:04:10:0d:86:60:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Validity
Not Before: Nov 4 08:00:29 2025 GMT
Not After : Nov 5 08:00:29 2025 GMT
Subject: CN=d4112109c10fdc97a30c71cdbeea830fba27908a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:34:fa:cf:82:ec:46:44:a2:a6:34:37:c5:b9:
7e:8b:22:13:a8:27:0d:1d:0d:3d:33:b0:75:dd:d4:
a7:f1:10:69:ec:bb:c9:0b:02:be:5d:7b:ff:a4:ab:
52:dd:dd:be:ab:f2:62:29:cd:f0:3a:40:1f:55:ab:
db:99:e9:7d:46:69:a4:cf:15:fe:06:bb:1c:39:45:
85:b2:78:1e:91:ce:e4:c1:fe:9b:c6:35:46:55:9e:
1b:6a:1e:6c:85:4d:dc:0d:72:76:36:c8:1b:18:02:
d7:2e:bd:c2:24:c0:f1:4f:13:ea:6e:31:54:59:c6:
72:a8:38:53:c8:5c:63:69:b3:93:85:a2:3a:d9:c8:
94:c0:2a:d0:fb:55:42:97:02:0a:c0:8a:b2:06:a3:
50:6e:a4:0a:af:27:99:f2:21:89:8f:51:81:b9:e0:
5f:dc:1a:ba:9b:5f:f7:5b:e3:21:13:48:9d:85:a1:
ca:a8:aa:4e:e6:ae:d3:0a:cd:4a:3e:c4:9f:ed:6b:
dd:50:23:10:9f:63:3f:fe:8c:da:89:11:63:f0:98:
50:cf:f9:c7:d1:54:2a:9b:5e:72:33:ac:88:94:d6:
ad:8f:8f:df:32:e8:d1:4a:df:cf:a0:da:c6:5b:8f:
d0:9c:81:91:80:e1:b6:95:20:67:a9:41:a6:f0:67:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:11:21:09:C1:0F:DC:97:A3:0C:71:CD:BE:EA:83:0F:BA:27:90:8A
X509v3 Authority Key Identifier:
keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:ce:20:07:cd:3a:01:67:5e:49:23:94:4c:eb:12:83:89:a2:
59:bb:f8:91:f8:32:8c:74:59:db:9f:d0:74:5a:ca:02:5b:99:
c7:c4:86:7c:ce:61:cd:c2:52:d4:6f:de:67:99:a8:8a:3f:aa:
7f:4a:97:59:bb:4c:0a:29:dd:9f:5a:17:0e:06:11:d2:48:e0:
21:de:6c:49:41:c5:70:a8:10:35:d1:43:dc:85:80:9a:b9:58:
ac:e1:0f:42:3a:dd:dc:28:b0:b3:d4:2b:9f:11:bf:26:4d:74:
66:65:13:27:50:28:73:f9:be:d4:cb:4c:00:a8:49:45:35:1b:
16:c3:51:41:94:f7:02:67:ec:a5:e6:66:33:b4:a8:f0:8f:83:
9c:09:b8:46:85:90:bc:00:2c:60:bd:f9:12:74:bd:60:b0:82:
3d:1a:d3:76:86:ed:3f:8b:07:58:32:f3:fd:c6:74:c7:bc:7d:
45:5d:83:f5:be:1f:f1:8f:5f:39:4a:ab:78:0e:14:f1:8f:0e:
c8:59:03:5c:6a:16:0f:54:7e:b4:f5:25:eb:48:d3:a2:ca:8a:
00:57:70:9b:80:e7:e3:5a:ff:14:29:22:51:cc:bb:a6:08:f7:
29:a7:09:01:0c:e0:3b:4a:8d:e3:42:7c:50:54:92:15:30:11:
7a:0a:fc:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4bcaYJ12izf6BBANhmCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjUxMTA0MDgwMDI5WhcNMjUxMTA1MDgwMDI5WjAzMTEwLwYDVQQD
EyhkNDExMjEwOWMxMGZkYzk3YTMwYzcxY2RiZWVhODMwZmJhMjc5MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjT6z4LsRkSipjQ3xbl+iyITqCcN
HQ09M7B13dSn8RBp7LvJCwK+XXv/pKtS3d2+q/JiKc3wOkAfVavbmel9RmmkzxX+
BrscOUWFsngekc7kwf6bxjVGVZ4bah5shU3cDXJ2NsgbGALXLr3CJMDxTxPqbjFU
WcZyqDhTyFxjabOThaI62ciUwCrQ+1VClwIKwIqyBqNQbqQKryeZ8iGJj1GBueBf
3Bq6m1/3W+MhE0idhaHKqKpO5q7TCs1KPsSf7WvdUCMQn2M//ozaiRFj8JhQz/nH
0VQqm15yM6yIlNatj4/fMujRSt/PoNrGW4/QnIGRgOG2lSBnqUGm8GcDxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQRIQnBD9yXowxxzb7qgw+6J5CKMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWc4gB806
AWdeSSOUTOsSg4miWbv4kfgyjHRZ25/QdFrKAluZx8SGfM5hzcJS1G/eZ5moij+q
f0qXWbtMCindn1oXDgYR0kjgId5sSUHFcKgQNdFD3IWAmrlYrOEPQjrd3Ciws9Qr
nxG/Jk10ZmUTJ1Aoc/m+1MtMAKhJRTUbFsNRQZT3AmfspeZmM7So8I+DnAm4RoWQ
vAAsYL35EnS9YLCCPRrTdobtP4sHWDLz/cZ0x7x9RV2D9b4f8Y9fOUqreA4U8Y8O
yFkDXGoWD1R+tPUl60jTosqKAFdwm4Dn41r/FCkiUcy7pgj3KacJAQzgO0qN40J8
UFSSFTARegr8Hw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:48 2025 by rpki-client