Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File: yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier: mGvikVq0dC7Uu1/Y0rDJoSgh7sRqqyew694k4Yu0g2E=
Subject key identifier: EA:83:3C:44:08:DD:F4:AE:F6:C4:9D:74:6D:3E:B9:25:BD:7A:88:A7
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer: /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial: 019A4D07C34FE2B9C9723E1CDFB631F70434
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number: 0DF1
Signing time: Tue 04 Nov 2025 04:02:25 +0000
Manifest this update: Tue 04 Nov 2025 04:02:25 +0000
Manifest next update: Wed 05 Nov 2025 04:02:25 +0000
Files and hashes: 1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: NBdpQBgFi0qzR/7b0h/aquZYsoLVEgQCzJGCWcHKg38=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:07:c3:4f:e2:b9:c9:72:3e:1c:df:b6:31:f7:04:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Validity
Not Before: Nov 4 04:02:25 2025 GMT
Not After : Nov 5 04:02:25 2025 GMT
Subject: CN=ea833c4408ddf4aef6c49d746d3eb925bd7a88a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cb:55:fc:99:df:53:05:78:eb:90:44:1a:30:
ba:e6:8b:bb:67:96:1d:02:39:ca:69:54:25:39:96:
39:e4:e4:8e:15:3a:59:55:6e:62:68:ba:fb:77:f4:
04:96:a2:ad:74:65:ba:94:f3:7e:d7:29:c2:bb:c7:
5a:17:bf:d6:f7:56:cc:d1:0c:ef:53:0d:32:c8:a1:
2d:67:89:d6:e9:e1:15:e9:0d:91:c6:e0:8a:c9:34:
6d:38:b9:22:f0:8c:66:6b:ac:a2:6a:53:f6:e3:fd:
97:5c:ed:d5:a0:19:19:d2:24:53:1d:ea:e0:fa:01:
cb:d9:99:33:8f:07:d5:60:52:b5:69:17:6c:14:8c:
38:0f:be:38:76:30:94:88:78:ee:2d:92:85:9b:98:
12:aa:dd:90:2e:90:6c:fe:fd:4f:e4:30:82:28:b8:
c8:91:6e:50:20:5f:e6:29:d1:20:b2:b0:b8:d9:f3:
c0:8c:df:aa:1e:55:93:3a:6a:ce:6e:f4:aa:a8:e9:
e5:4e:74:ea:f8:1e:12:11:3a:02:e7:4a:46:14:fb:
a7:be:10:9c:62:f4:5b:97:ba:cc:a7:42:f4:42:de:
f2:66:07:ab:a0:28:77:02:9d:86:54:e6:f9:d9:e3:
19:06:43:bb:1c:7e:dd:09:81:fc:83:09:65:89:63:
0c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:83:3C:44:08:DD:F4:AE:F6:C4:9D:74:6D:3E:B9:25:BD:7A:88:A7
X509v3 Authority Key Identifier:
keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:a6:43:f9:b3:a6:d5:9f:26:97:fc:06:75:52:5a:32:0c:7b:
39:84:df:5b:60:8c:a0:63:39:3b:40:bf:d7:71:84:9a:21:fa:
90:19:0d:72:86:db:af:da:aa:e1:6c:e2:ea:a9:72:da:63:14:
e5:75:0f:97:a8:b2:47:ea:08:67:43:0f:bc:64:af:dd:da:00:
1e:d7:72:ae:da:37:8c:cb:cc:89:e4:00:22:7f:c0:6f:d9:08:
65:2f:8b:05:f6:19:e5:73:3a:a9:19:d9:8a:fb:ce:4d:e9:7d:
09:c9:e5:26:11:cd:e8:03:8b:df:28:fd:2b:d3:05:25:3c:ce:
fb:31:6c:da:90:d3:79:97:b9:52:77:ed:b4:c2:c7:d5:3e:29:
47:18:6d:97:52:33:3a:86:63:f7:9f:54:e3:fb:c4:80:1c:2c:
1c:16:d3:94:16:d4:44:8e:f6:3e:09:44:4f:f5:1e:54:b9:7b:
e2:9e:79:b1:49:d1:1a:f9:a0:b4:6a:3f:69:b5:e5:49:e1:eb:
0f:f8:32:50:8f:15:ae:de:ba:3c:a0:77:1c:db:54:44:7d:42:
f6:dc:45:d9:c4:64:10:c9:96:69:09:7b:cb:67:e5:e2:49:5d:
11:90:9d:59:d5:86:90:16:1e:7e:d7:fd:42:d7:eb:6e:19:c4:
09:9b:7a:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNB8NP4rnJcj4c37Yx9wQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjUxMTA0MDQwMjI1WhcNMjUxMTA1MDQwMjI1WjAzMTEwLwYDVQQD
EyhlYTgzM2M0NDA4ZGRmNGFlZjZjNDlkNzQ2ZDNlYjkyNWJkN2E4OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8tV/JnfUwV465BEGjC65ou7Z5Yd
AjnKaVQlOZY55OSOFTpZVW5iaLr7d/QElqKtdGW6lPN+1ynCu8daF7/W91bM0Qzv
Uw0yyKEtZ4nW6eEV6Q2RxuCKyTRtOLki8Ixma6yialP24/2XXO3VoBkZ0iRTHerg
+gHL2ZkzjwfVYFK1aRdsFIw4D744djCUiHjuLZKFm5gSqt2QLpBs/v1P5DCCKLjI
kW5QIF/mKdEgsrC42fPAjN+qHlWTOmrObvSqqOnlTnTq+B4SEToC50pGFPunvhCc
YvRbl7rMp0L0Qt7yZgeroCh3Ap2GVOb52eMZBkO7HH7dCYH8gwlliWMMwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqDPEQI3fSu9sSddG0+uSW9eoinMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdaZD+bOm
1Z8ml/wGdVJaMgx7OYTfW2CMoGM5O0C/13GEmiH6kBkNcobbr9qq4Wzi6qly2mMU
5XUPl6iyR+oIZ0MPvGSv3doAHtdyrto3jMvMieQAIn/Ab9kIZS+LBfYZ5XM6qRnZ
ivvOTel9CcnlJhHN6AOL3yj9K9MFJTzO+zFs2pDTeZe5UnfttMLH1T4pRxhtl1Iz
OoZj959U4/vEgBwsHBbTlBbURI72PglET/UeVLl74p55sUnRGvmgtGo/abXlSeHr
D/gyUI8Vrt66PKB3HNtURH1C9txF2cRkEMmWaQl7y2fl4kldEZCdWdWGkBYeftf9
QtfrbhnECZt6JQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:03:01 2025 by rpki-client