Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File: ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier: fUw/u79tYUSpHBUSMrscDvMv+E7TlFyUmWfagFKmot4=
Subject key identifier: 07:CE:CC:FF:4C:A1:AD:57:33:6C:14:66:92:C3:58:07:1B:2A:79:71
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer: /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial: 019A52D0E930102AE0ABE3842AFAAB12CE9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number: 0CF8
Signing time: Wed 05 Nov 2025 07:00:14 +0000
Manifest this update: Wed 05 Nov 2025 07:00:14 +0000
Manifest next update: Thu 06 Nov 2025 07:00:14 +0000
Files and hashes: 1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: oX5ORmHp+AP7XYptq+8M0YZqa+Euff5o0HVu9yPFkHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d0:e9:30:10:2a:e0:ab:e3:84:2a:fa:ab:12:ce:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
Validity
Not Before: Nov 5 07:00:14 2025 GMT
Not After : Nov 6 07:00:14 2025 GMT
Subject: CN=07ceccff4ca1ad57336c146692c358071b2a7971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:e5:0c:8e:8d:93:87:f9:1f:54:bb:a5:50:
01:42:fd:64:14:b9:60:70:55:bc:cb:3c:2e:28:9b:
f4:50:8f:0b:0d:83:e3:1c:9b:1f:4d:ca:6d:52:a2:
46:61:7a:be:f7:36:57:79:2d:44:0a:4f:96:39:56:
ad:f1:4c:fb:64:d9:fe:f8:80:ce:86:a9:89:18:16:
1f:db:c0:f5:9c:52:9b:d9:0d:4a:e1:f0:d3:39:d1:
83:62:2f:c7:c6:33:ec:71:83:90:61:28:bf:a1:0a:
0a:13:a0:6d:d6:d6:8d:ad:3b:6e:bf:87:a8:27:f7:
11:b2:8c:3a:3d:b7:e2:39:70:76:d2:de:e1:b8:1a:
d0:43:5d:b5:bb:da:2b:30:06:68:05:38:cf:c2:84:
03:2b:ac:21:1d:8e:55:f2:e0:81:71:3f:67:82:55:
1c:f6:af:29:53:96:a3:de:8c:90:63:c7:a6:b8:cc:
18:32:fd:26:6c:20:24:48:8b:81:45:97:24:44:cf:
f8:e4:07:3e:d8:cf:34:59:f0:73:3e:e8:c5:02:60:
9a:65:20:c9:2e:8c:f9:bf:92:b7:f9:1f:3b:5b:67:
78:a3:35:a7:08:ec:60:7e:9c:e7:35:08:6a:02:dc:
b6:65:e3:1b:54:17:cb:2d:a2:db:fa:42:3d:8e:07:
fc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CE:CC:FF:4C:A1:AD:57:33:6C:14:66:92:C3:58:07:1B:2A:79:71
X509v3 Authority Key Identifier:
keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:2c:54:59:fb:eb:3f:20:77:da:f6:c3:01:8a:7d:36:91:39:
34:75:49:eb:7e:83:ec:34:4b:bc:94:14:7e:ac:30:ce:8c:66:
75:b1:ae:99:46:32:90:34:9b:34:b9:dc:26:89:ca:f3:9a:28:
5c:08:f3:23:9a:34:8f:42:05:e7:cd:84:71:45:39:44:61:5e:
36:d0:2f:16:58:3c:8c:e4:84:36:7e:67:3a:8e:99:47:10:3e:
ef:b7:d6:c2:ce:09:cd:49:c6:03:b6:5a:29:2e:c2:52:23:5a:
b9:94:5a:aa:c0:8c:44:14:e2:3a:da:da:6e:0e:11:7c:e5:4d:
17:c4:79:6e:bd:a6:f1:0a:0d:47:4a:4f:16:28:90:ac:8c:1f:
84:26:13:4c:e9:4f:4d:8b:5d:e1:a0:5d:44:fd:60:e8:f1:99:
99:6c:b5:36:e5:62:4e:30:13:f9:6f:8b:21:97:52:b7:ed:6d:
98:f9:0e:fe:7e:c0:a4:74:ba:de:cf:a3:bc:1f:e0:f6:d8:db:
f5:c7:66:02:3f:5a:40:e2:39:4e:a4:15:4f:f8:52:07:24:48:
6d:17:b3:d8:50:a5:0b:65:af:58:7e:ef:7c:3c:3d:64:0e:32:
ab:06:d9:d4:99:5e:49:bb:e9:4a:a4:77:db:76:18:b8:ab:7b:
10:ad:06:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0OkwECrgq+OEKvqrEs6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUxMTA1MDcwMDE0WhcNMjUxMTA2MDcwMDE0WjAzMTEwLwYDVQQD
EygwN2NlY2NmZjRjYTFhZDU3MzM2YzE0NjY5MmMzNTgwNzFiMmE3OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoijlDI6Nk4f5H1S7pVABQv1kFLlg
cFW8yzwuKJv0UI8LDYPjHJsfTcptUqJGYXq+9zZXeS1ECk+WOVat8Uz7ZNn++IDO
hqmJGBYf28D1nFKb2Q1K4fDTOdGDYi/HxjPscYOQYSi/oQoKE6Bt1taNrTtuv4eo
J/cRsow6PbfiOXB20t7huBrQQ121u9orMAZoBTjPwoQDK6whHY5V8uCBcT9nglUc
9q8pU5aj3oyQY8emuMwYMv0mbCAkSIuBRZckRM/45Ac+2M80WfBzPujFAmCaZSDJ
Loz5v5K3+R87W2d4ozWnCOxgfpznNQhqAty2ZeMbVBfLLaLb+kI9jgf8RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfOzP9Moa1XM2wUZpLDWAcbKnlxMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZyxUWfvr
PyB32vbDAYp9NpE5NHVJ636D7DRLvJQUfqwwzoxmdbGumUYykDSbNLncJonK85oo
XAjzI5o0j0IF582EcUU5RGFeNtAvFlg8jOSENn5nOo6ZRxA+77fWws4JzUnGA7Za
KS7CUiNauZRaqsCMRBTiOtrabg4RfOVNF8R5br2m8QoNR0pPFiiQrIwfhCYTTOlP
TYtd4aBdRP1g6PGZmWy1NuViTjAT+W+LIZdSt+1tmPkO/n7ApHS63s+jvB/g9tjb
9cdmAj9aQOI5TqQVT/hSByRIbRez2FClC2WvWH7vfDw9ZA4yqwbZ1JleSbvpSqR3
23YYuKt7EK0G+Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:36:22 2025 by rpki-client