Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
File: v8qNbiIJkMc424yExmshnwNFVgw.mft (raw, json)
Hash identifier: k1kFp/rLSV+M9d8vPhWSHvH8+jM8i6vOVqiv2vXwCtk=
Subject key identifier: EE:D0:D7:E3:19:AB:FC:2D:A6:5E:50:06:62:F3:0B:D6:83:B0:92:84
Authority key identifier: BF:CA:8D:6E:22:09:90:C7:38:DB:8C:84:C6:6B:21:9F:03:45:56:0C
Certificate issuer: /CN=bfca8d6e220990c738db8c84c66b219f0345560c
Certificate serial: 019A4D06EAF8D10D6F696EE333AF58E97C83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
Manifest number: 1104
Signing time: Tue 04 Nov 2025 04:01:30 +0000
Manifest this update: Tue 04 Nov 2025 04:01:30 +0000
Manifest next update: Wed 05 Nov 2025 04:01:30 +0000
Files and hashes: 1: v8qNbiIJkMc424yExmshnwNFVgw.crl (hash: SMf+uekMZYoEpHTg7Ldg3SZK3EoeKXyOw2HpuIgPQoY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:06:ea:f8:d1:0d:6f:69:6e:e3:33:af:58:e9:7c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfca8d6e220990c738db8c84c66b219f0345560c
Validity
Not Before: Nov 4 04:01:30 2025 GMT
Not After : Nov 5 04:01:30 2025 GMT
Subject: CN=eed0d7e319abfc2da65e500662f30bd683b09284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:f0:70:71:dd:5f:e7:88:17:67:97:76:94:
6d:93:3a:9a:91:37:d1:87:4a:01:8c:db:b1:be:28:
34:aa:57:c4:2c:2e:3e:12:63:14:ce:01:85:88:b2:
2b:40:39:80:6b:db:35:0c:8f:53:60:ca:93:ed:7a:
b0:a4:de:61:e7:c4:1f:11:b4:40:78:99:46:35:c5:
51:21:b8:55:68:a0:ac:b6:88:0e:1a:de:0a:f1:f1:
83:c3:90:d8:23:3f:32:62:79:89:79:b0:94:a8:4a:
78:ee:21:b3:78:3b:eb:7a:2b:51:ee:ab:58:1e:99:
ad:b6:9b:ec:b7:7b:06:48:92:7a:63:d0:d0:f6:94:
c2:4a:c4:f0:b0:d4:25:fe:bf:70:d8:4b:45:7a:2d:
9c:b6:d7:1a:b6:63:a8:8b:2a:93:11:35:26:6b:f8:
90:92:90:8b:3d:e4:4f:e9:ed:89:83:7f:08:79:66:
32:d8:06:88:e8:47:2c:93:d6:b1:72:bc:56:48:ec:
ad:ee:18:8e:cf:aa:59:51:ee:cc:f7:57:45:ca:6c:
2e:95:30:91:b1:af:12:8e:3a:8e:ba:70:72:cd:c6:
9e:16:e7:1c:75:fa:1e:78:52:7f:c2:6e:f9:f1:a8:
f1:8c:f4:3f:5c:de:36:58:7d:2f:a1:d1:b4:fc:8f:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D0:D7:E3:19:AB:FC:2D:A6:5E:50:06:62:F3:0B:D6:83:B0:92:84
X509v3 Authority Key Identifier:
keyid:BF:CA:8D:6E:22:09:90:C7:38:DB:8C:84:C6:6B:21:9F:03:45:56:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:78:15:87:6b:30:bb:00:46:58:4b:59:2e:c2:d0:b3:9e:eb:
5f:04:11:4c:80:74:c7:80:23:5b:91:34:f9:2e:0e:53:5f:0f:
a1:f6:05:3f:91:83:8c:7b:12:b9:33:b1:e0:ca:43:20:a5:e4:
5f:39:95:e0:07:2b:bf:ff:f8:2c:a9:78:a6:83:39:a1:86:b6:
80:90:92:c6:c4:ab:05:d4:6d:86:b9:76:c4:ac:c6:05:41:4d:
51:fc:39:98:08:bd:41:ab:a0:88:72:3d:2a:a6:44:8f:fe:c4:
e2:e4:37:c7:a2:26:3c:de:ca:ba:66:cc:c4:8b:05:41:bd:f6:
42:95:22:b0:9d:da:06:8d:08:a8:16:2c:03:c5:50:2f:7c:02:
f2:1d:7f:b0:3b:6d:e1:28:36:f7:ba:32:cf:39:ec:97:b3:01:
af:cc:18:9e:94:81:94:2b:85:f4:2c:b0:9f:67:60:43:b4:4c:
ce:aa:a3:f3:2b:63:6c:3b:1d:9e:3a:ed:0b:01:2c:44:07:5f:
42:3e:b4:14:3f:b8:99:48:33:73:b6:d5:8d:9f:24:f5:28:f9:
3c:2b:39:56:62:c7:fe:f8:24:f7:53:3b:ed:da:7d:e5:81:0a:
aa:8d:fc:c2:df:54:98:91:2b:e2:20:0f:cb:b5:63:0b:be:c7:
35:46:86:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBur40Q1vaW7jM69Y6XyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmY2E4ZDZlMjIwOTkwYzczOGRiOGM4NGM2NmIyMTlmMDM0
NTU2MGMwHhcNMjUxMTA0MDQwMTMwWhcNMjUxMTA1MDQwMTMwWjAzMTEwLwYDVQQD
EyhlZWQwZDdlMzE5YWJmYzJkYTY1ZTUwMDY2MmYzMGJkNjgzYjA5Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsjwcHHdX+eIF2eXdpRtkzqakTfR
h0oBjNuxvig0qlfELC4+EmMUzgGFiLIrQDmAa9s1DI9TYMqT7XqwpN5h58QfEbRA
eJlGNcVRIbhVaKCstogOGt4K8fGDw5DYIz8yYnmJebCUqEp47iGzeDvreitR7qtY
Hpmttpvst3sGSJJ6Y9DQ9pTCSsTwsNQl/r9w2EtFei2cttcatmOoiyqTETUma/iQ
kpCLPeRP6e2Jg38IeWYy2AaI6Ecsk9axcrxWSOyt7hiOz6pZUe7M91dFymwulTCR
sa8SjjqOunByzcaeFuccdfoeeFJ/wm758ajxjPQ/XN42WH0vodG0/I+X6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7Q1+MZq/wtpl5QBmLzC9aDsJKEMB8GA1UdIwQY
MBaAFL/KjW4iCZDHONuMhMZrIZ8DRVYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lNDMxOTQtYzM3Yi00ZTdhLTkxNTAt
MjBlMjdmODc5YWU3LzEvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lNDMxOTQtYzM3Yi00ZTdhLTkxNTAtMjBlMjdmODc5YWU3
LzEvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3gVh2sw
uwBGWEtZLsLQs57rXwQRTIB0x4AjW5E0+S4OU18PofYFP5GDjHsSuTOx4MpDIKXk
XzmV4Acrv//4LKl4poM5oYa2gJCSxsSrBdRthrl2xKzGBUFNUfw5mAi9QaugiHI9
KqZEj/7E4uQ3x6ImPN7KumbMxIsFQb32QpUisJ3aBo0IqBYsA8VQL3wC8h1/sDtt
4Sg297oyzznsl7MBr8wYnpSBlCuF9Cywn2dgQ7RMzqqj8ytjbDsdnjrtCwEsRAdf
Qj60FD+4mUgzc7bVjZ8k9Sj5PCs5VmLH/vgk91M77dp95YEKqo38wt9UmJEr4iAP
y7VjC77HNUaGEQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:50 2025 by rpki-client