Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: 9yM5aa6Oz/1dBzk8eeDOVubh2yEjH8GXq+ZfSVAh7v4=
Subject key identifier: 85:35:99:58:AF:9E:40:2D:98:64:9F:7C:AD:34:8D:C6:4A:09:6A:92
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 019A52D1E8ED40CD0F5F2405703A17C61619
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 170D
Signing time: Wed 05 Nov 2025 07:01:19 +0000
Manifest this update: Wed 05 Nov 2025 07:01:19 +0000
Manifest next update: Thu 06 Nov 2025 07:01:19 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: mknuOL9k3YPNPKjh02sNOoJ3CARSErxG/QCEE5iDjac=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:e8:ed:40:cd:0f:5f:24:05:70:3a:17:c6:16:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Nov 5 07:01:19 2025 GMT
Not After : Nov 6 07:01:19 2025 GMT
Subject: CN=85359958af9e402d98649f7cad348dc64a096a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:60:d5:a8:a6:8f:89:2e:8e:14:ff:ea:f5:93:
a4:25:c3:b4:bc:06:f8:7d:0b:da:2b:c7:51:a9:55:
5c:6a:11:ce:20:92:9b:29:49:57:42:83:96:ab:6d:
94:90:c6:50:5b:ab:99:77:82:3a:ff:80:34:4e:18:
1c:15:20:84:01:36:b5:07:de:37:e7:a3:85:59:69:
0a:fa:71:2d:87:3c:fc:7d:f8:09:cf:60:6c:86:4d:
94:4e:8d:64:99:22:74:33:f4:ce:dc:03:6c:72:44:
31:ed:ba:58:93:38:ee:2b:77:2e:83:49:ce:85:05:
73:91:6e:f5:59:98:8a:e7:ff:8a:8e:a0:fc:26:04:
29:53:3f:44:ed:6e:dc:2b:8f:bc:ed:25:85:04:13:
58:c8:9a:ac:d6:a8:33:9e:33:a7:35:3b:92:05:09:
71:b3:ef:76:11:dc:7c:83:e2:01:68:2a:39:e6:aa:
70:7c:ec:fe:24:4e:3b:06:c8:46:81:32:39:00:d7:
28:d1:de:26:7f:57:b0:78:54:28:19:66:da:05:d2:
b9:04:f0:7d:93:21:14:df:80:04:8f:11:28:43:db:
59:00:68:c9:61:41:04:45:c6:d1:71:47:09:fd:45:
dd:70:26:90:bd:ee:02:41:16:71:7d:3c:fc:24:6b:
3a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:35:99:58:AF:9E:40:2D:98:64:9F:7C:AD:34:8D:C6:4A:09:6A:92
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:f3:c9:49:fe:0c:69:c3:33:6a:ac:84:d8:d6:38:02:00:71:
90:32:53:cf:61:c1:6b:db:c6:67:16:cf:05:f8:b0:0f:cf:2d:
59:f4:45:91:17:16:96:f3:48:4b:7a:69:5e:a0:24:9a:42:fb:
47:3f:02:e1:54:b9:4f:e2:a7:17:61:c4:c5:f4:26:3b:03:a9:
5e:59:02:5d:61:33:ab:b7:35:82:5e:53:e3:7b:49:9a:d5:49:
e5:92:a8:63:76:46:c5:54:2e:79:40:0a:32:e2:ea:87:e0:4d:
ca:3b:70:a8:2c:a9:b3:05:fe:ba:56:ab:54:30:3c:08:d2:2a:
00:10:b8:31:39:1e:05:66:47:00:a5:02:9b:c6:41:a7:e9:cb:
18:e4:53:a0:c3:6c:00:c7:80:fd:90:76:60:a7:02:5b:1d:7f:
8d:19:7a:ec:4e:6e:1e:16:60:9f:92:f1:56:4f:de:f9:f6:e6:
2a:3a:c9:98:66:6b:12:00:4e:01:f6:cb:e9:f3:c7:33:39:87:
b2:41:c1:c7:3c:c7:7e:c9:8e:cd:8c:d6:15:d7:c6:66:84:f9:
d0:93:10:c1:45:e7:d8:37:2b:fe:dd:c8:fd:df:2a:ee:08:69:
16:04:ba:ad:9c:fd:39:d9:66:98:dc:3a:20:52:df:52:3d:e8:
ce:d3:43:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0ejtQM0PXyQFcDoXxhYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUxMTA1MDcwMTE5WhcNMjUxMTA2MDcwMTE5WjAzMTEwLwYDVQQD
Eyg4NTM1OTk1OGFmOWU0MDJkOTg2NDlmN2NhZDM0OGRjNjRhMDk2YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GDVqKaPiS6OFP/q9ZOkJcO0vAb4
fQvaK8dRqVVcahHOIJKbKUlXQoOWq22UkMZQW6uZd4I6/4A0ThgcFSCEATa1B943
56OFWWkK+nEthzz8ffgJz2Bshk2UTo1kmSJ0M/TO3ANsckQx7bpYkzjuK3cug0nO
hQVzkW71WZiK5/+KjqD8JgQpUz9E7W7cK4+87SWFBBNYyJqs1qgznjOnNTuSBQlx
s+92Edx8g+IBaCo55qpwfOz+JE47BshGgTI5ANco0d4mf1eweFQoGWbaBdK5BPB9
kyEU34AEjxEoQ9tZAGjJYUEERcbRcUcJ/UXdcCaQve4CQRZxfTz8JGs6YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIU1mVivnkAtmGSffK00jcZKCWqSMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfPJSf4M
acMzaqyE2NY4AgBxkDJTz2HBa9vGZxbPBfiwD88tWfRFkRcWlvNIS3ppXqAkmkL7
Rz8C4VS5T+KnF2HExfQmOwOpXlkCXWEzq7c1gl5T43tJmtVJ5ZKoY3ZGxVQueUAK
MuLqh+BNyjtwqCypswX+ularVDA8CNIqABC4MTkeBWZHAKUCm8ZBp+nLGORToMNs
AMeA/ZB2YKcCWx1/jRl67E5uHhZgn5LxVk/e+fbmKjrJmGZrEgBOAfbL6fPHMzmH
skHBxzzHfsmOzYzWFdfGZoT50JMQwUXn2Dcr/t3I/d8q7ghpFgS6rZz9OdlmmNw6
IFLfUj3oztNDug==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:08:57 2025 by rpki-client