Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File: 2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier: X6aQ99V+Ooz9mXMtPka0d3KIHLKp5yn+C/sWV6aC/xQ=
Subject key identifier: 86:BB:59:16:FA:65:BB:07:16:DC:3B:5B:96:9A:51:67:5C:F6:B5:FC
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer: /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial: 019A4F2B274C0359BC7D055C4EE977F696BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number: 03BC
Signing time: Tue 04 Nov 2025 14:00:19 +0000
Manifest this update: Tue 04 Nov 2025 14:00:19 +0000
Manifest next update: Wed 05 Nov 2025 14:00:19 +0000
Files and hashes: 1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: JyaBE+2bUTDSlIk29/3D10eQfHoOCPN0Xf0JBlXkOXw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:27:4c:03:59:bc:7d:05:5c:4e:e9:77:f6:96:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Validity
Not Before: Nov 4 14:00:19 2025 GMT
Not After : Nov 5 14:00:19 2025 GMT
Subject: CN=86bb5916fa65bb0716dc3b5b969a51675cf6b5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4c:7a:bc:84:95:57:39:5e:03:93:3c:fa:8b:
5f:9d:aa:1f:5d:94:6e:e8:88:47:87:ab:82:08:20:
08:41:d6:63:ca:e3:3a:a9:88:ff:4e:36:53:2c:36:
5f:c1:a1:ee:e0:23:63:5c:cf:82:61:f0:5e:19:c5:
93:a1:6d:99:a7:aa:42:7d:bd:68:26:15:36:dc:bb:
79:5c:17:4c:6b:0f:7b:2e:df:af:0c:cd:5b:44:43:
da:67:2e:ae:20:32:47:e2:a0:1a:12:41:e3:8a:a9:
19:4b:17:ea:8e:6f:aa:85:c7:e9:f5:36:fb:50:ed:
57:50:e3:f4:21:8c:6c:51:f6:42:a0:a9:6a:40:14:
8a:b1:57:e8:fa:c2:95:50:cb:63:e9:d0:18:01:77:
47:38:b6:b9:f5:bd:ac:27:cc:63:13:fc:48:17:c7:
a7:a5:6b:6c:d8:47:e7:ae:a7:a6:f9:3d:17:ff:63:
31:42:93:95:f0:0b:14:11:39:ff:d8:4f:97:92:90:
11:0d:0f:14:27:9f:6b:ec:32:85:47:6a:c0:ff:13:
99:13:a0:a2:61:63:19:5a:77:31:62:24:bc:a0:1e:
81:c6:61:ea:01:32:c8:cd:77:58:2e:65:c8:23:95:
dd:0b:bc:e7:d0:7c:75:45:90:46:ee:50:b8:3b:60:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BB:59:16:FA:65:BB:07:16:DC:3B:5B:96:9A:51:67:5C:F6:B5:FC
X509v3 Authority Key Identifier:
keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:1d:bf:52:7c:32:e6:df:c5:c6:70:f2:66:b3:8f:b7:03:9a:
0c:18:0e:40:2e:a2:2f:b9:15:8a:ff:f5:45:7f:a6:f3:a2:7e:
09:49:77:cb:87:07:e3:ef:e1:8c:63:27:b1:d7:74:5f:ca:14:
80:60:28:2b:9e:33:83:f4:c3:a5:be:fb:7e:98:98:92:67:b8:
02:3e:d4:47:bc:9b:a7:93:e9:0a:06:c3:78:f0:b6:f5:b1:8b:
9d:7d:13:29:04:d4:5a:79:00:67:ad:1d:08:6f:8e:b5:95:eb:
06:a0:e7:ee:76:77:8c:75:ac:7d:04:12:3c:fb:ef:aa:b2:16:
41:f6:be:4f:e9:4c:ba:70:d6:13:98:ec:3c:a9:b4:57:81:e9:
3a:79:73:c8:1e:6c:48:25:33:74:1c:f9:92:3a:82:2d:f5:25:
ca:89:3c:53:50:6e:48:25:11:ad:5e:6e:25:f0:87:08:3e:47:
39:c3:60:a5:ef:8b:e7:64:9c:3f:5d:15:4a:e4:80:80:7d:7e:
69:f4:ab:48:4b:9c:97:18:af:1b:d4:06:f4:1b:79:8a:7c:64:
9e:d1:1b:48:8f:1a:25:8f:84:d9:44:24:b2:b8:a2:14:d1:1c:
70:c3:65:69:88:92:15:62:f1:fb:71:b3:36:ed:74:dd:7f:de:
d5:6b:a6:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKydMA1m8fQVcTul39pa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUxMTA0MTQwMDE5WhcNMjUxMTA1MTQwMDE5WjAzMTEwLwYDVQQD
Eyg4NmJiNTkxNmZhNjViYjA3MTZkYzNiNWI5NjlhNTE2NzVjZjZiNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUx6vISVVzleA5M8+otfnaofXZRu
6IhHh6uCCCAIQdZjyuM6qYj/TjZTLDZfwaHu4CNjXM+CYfBeGcWToW2Zp6pCfb1o
JhU23Lt5XBdMaw97Lt+vDM1bREPaZy6uIDJH4qAaEkHjiqkZSxfqjm+qhcfp9Tb7
UO1XUOP0IYxsUfZCoKlqQBSKsVfo+sKVUMtj6dAYAXdHOLa59b2sJ8xjE/xIF8en
pWts2Efnrqem+T0X/2MxQpOV8AsUETn/2E+XkpARDQ8UJ59r7DKFR2rA/xOZE6Ci
YWMZWncxYiS8oB6BxmHqATLIzXdYLmXII5XdC7zn0Hx1RZBG7lC4O2BQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIa7WRb6ZbsHFtw7W5aaUWdc9rX8MB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHB2/Unwy
5t/FxnDyZrOPtwOaDBgOQC6iL7kViv/1RX+m86J+CUl3y4cH4+/hjGMnsdd0X8oU
gGAoK54zg/TDpb77fpiYkme4Aj7UR7ybp5PpCgbDePC29bGLnX0TKQTUWnkAZ60d
CG+OtZXrBqDn7nZ3jHWsfQQSPPvvqrIWQfa+T+lMunDWE5jsPKm0V4HpOnlzyB5s
SCUzdBz5kjqCLfUlyok8U1BuSCURrV5uJfCHCD5HOcNgpe+L52ScP10VSuSAgH1+
afSrSEuclxivG9QG9Bt5inxkntEbSI8aJY+E2UQksriiFNEccMNlaYiSFWLx+3Gz
Nu103X/e1WumuA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:51:02 2025 by rpki-client