Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier: 2DyLlpfq4FL5I4LWGqs8rhPIFgvh//3ylWcRp7tFvwM=
Subject key identifier: 85:5F:5B:65:78:F4:D1:1C:47:89:9B:BE:4F:65:64:A9:93:14:1E:62
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial: 019A4DE1A453CF569439D27660EC37E78FD6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number: 0AE0
Signing time: Tue 04 Nov 2025 08:00:24 +0000
Manifest this update: Tue 04 Nov 2025 08:00:24 +0000
Manifest next update: Wed 05 Nov 2025 08:00:24 +0000
Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: YTUG6zW7WiOCnf+ADjtWvKR5NLb6xbMMdX+KFjUBG9E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:a4:53:cf:56:94:39:d2:76:60:ec:37:e7:8f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Validity
Not Before: Nov 4 08:00:24 2025 GMT
Not After : Nov 5 08:00:24 2025 GMT
Subject: CN=855f5b6578f4d11c47899bbe4f6564a993141e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d6:17:52:20:8c:8a:80:0f:0a:45:e1:d8:7b:
56:92:69:69:f1:d3:3c:55:46:cc:eb:e5:59:84:99:
44:c6:22:af:dd:df:91:2e:68:32:c4:16:34:d2:ef:
c8:24:83:6a:ea:02:7f:78:39:bf:d8:84:07:d3:f6:
e8:cd:0e:6d:4f:78:e4:f7:be:8c:4e:88:35:ce:bb:
28:82:52:ed:0d:7b:e8:af:de:90:8d:3a:5a:48:50:
e8:dc:3a:60:cc:9a:67:03:8a:63:18:ef:a0:5f:ae:
48:f3:41:fa:fe:ee:57:8e:40:b9:49:4f:6e:eb:5c:
ae:83:85:ec:b1:6d:b5:82:b4:3f:18:d3:e8:69:a8:
1e:41:5d:1f:ba:8d:32:b6:c7:77:af:8c:bb:cc:ea:
e6:87:40:ce:1b:f1:53:94:e6:12:c3:6b:84:37:d1:
6b:b4:62:59:fb:4b:e0:cc:12:06:e4:5b:9e:3b:28:
ed:19:fb:7c:7f:51:13:3b:c2:9f:9c:15:00:ed:0b:
66:e2:1c:cf:e7:80:95:30:38:d1:bf:56:63:75:17:
e6:40:63:2f:c5:cc:d0:7c:c4:a1:b7:ea:60:5e:ee:
ff:e9:95:a4:22:1e:42:5a:e3:05:3e:4f:87:33:89:
73:09:cf:35:65:74:f9:c8:b1:dd:02:bb:de:d5:2f:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5F:5B:65:78:F4:D1:1C:47:89:9B:BE:4F:65:64:A9:93:14:1E:62
X509v3 Authority Key Identifier:
keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:70:bb:59:8c:22:30:c3:49:79:19:d0:cf:c2:11:5b:53:71:
9b:d3:e6:a3:14:d6:fa:b5:88:0f:1c:11:20:b6:7c:d0:80:28:
69:fa:2c:e2:44:c5:2b:de:cb:2b:e0:2c:42:4c:1e:26:69:9d:
e4:a7:69:cf:07:af:82:5b:74:65:bc:b3:16:47:75:a5:ee:12:
37:b7:24:14:28:2f:c2:27:fc:40:09:62:1a:0f:0b:b8:20:10:
de:cb:c3:da:6a:99:7d:49:55:79:62:65:39:e7:ef:2d:07:01:
92:95:59:b6:0c:0d:8f:73:0e:33:87:0f:26:54:70:b1:c1:f8:
d2:c6:78:c1:29:56:dd:ce:81:4a:aa:15:4b:fa:69:56:85:d7:
28:22:98:b6:26:11:85:8b:46:cf:43:a3:df:08:c7:6f:93:ec:
40:e8:09:ae:69:c4:2e:2c:b1:3a:34:5d:ab:88:4e:47:6d:b0:
95:26:71:ee:72:3b:69:d9:8c:bc:34:4d:b1:09:07:c7:dd:77:
87:0a:18:fe:41:c4:e5:bf:66:b5:7e:ba:e6:cc:ef:77:85:0b:
95:0b:d0:aa:7f:57:a8:8c:a3:b5:e9:c4:bc:27:1e:25:34:d1:
c1:f5:8d:04:39:e2:19:d5:02:41:a6:83:84:d8:cd:d3:c0:d0:
71:71:d2:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4aRTz1aUOdJ2YOw354/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjUxMTA0MDgwMDI0WhcNMjUxMTA1MDgwMDI0WjAzMTEwLwYDVQQD
Eyg4NTVmNWI2NTc4ZjRkMTFjNDc4OTliYmU0ZjY1NjRhOTkzMTQxZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9YXUiCMioAPCkXh2HtWkmlp8dM8
VUbM6+VZhJlExiKv3d+RLmgyxBY00u/IJINq6gJ/eDm/2IQH0/bozQ5tT3jk976M
Tog1zrsoglLtDXvor96QjTpaSFDo3DpgzJpnA4pjGO+gX65I80H6/u5XjkC5SU9u
61yug4XssW21grQ/GNPoaageQV0fuo0ytsd3r4y7zOrmh0DOG/FTlOYSw2uEN9Fr
tGJZ+0vgzBIG5FueOyjtGft8f1ETO8KfnBUA7Qtm4hzP54CVMDjRv1ZjdRfmQGMv
xczQfMSht+pgXu7/6ZWkIh5CWuMFPk+HM4lzCc81ZXT5yLHdArve1S9N3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVfW2V49NEcR4mbvk9lZKmTFB5iMB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXC7WYwi
MMNJeRnQz8IRW1Nxm9PmoxTW+rWIDxwRILZ80IAoafos4kTFK97LK+AsQkweJmmd
5Kdpzwevglt0ZbyzFkd1pe4SN7ckFCgvwif8QAliGg8LuCAQ3svD2mqZfUlVeWJl
OefvLQcBkpVZtgwNj3MOM4cPJlRwscH40sZ4wSlW3c6BSqoVS/ppVoXXKCKYtiYR
hYtGz0Oj3wjHb5PsQOgJrmnELiyxOjRdq4hOR22wlSZx7nI7admMvDRNsQkHx913
hwoY/kHE5b9mtX665szvd4ULlQvQqn9XqIyjtenEvCceJTTRwfWNBDniGdUCQaaD
hNjN08DQcXHSyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:17:41 2025 by rpki-client