Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File: idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier: n1mkBxU1wFNTP8l2QbI7z8PoI2IRit/XCEBbMhugNXw=
Subject key identifier: 73:30:E2:25:08:A7:F7:CA:26:3A:F2:58:02:E6:5C:69:67:87:0E:09
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer: /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial: 019A4EF4A258CED7211C07D1B9D3C18E86A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number: 128A
Signing time: Tue 04 Nov 2025 13:00:46 +0000
Manifest this update: Tue 04 Nov 2025 13:00:46 +0000
Manifest next update: Wed 05 Nov 2025 13:00:46 +0000
Files and hashes: 1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: 3PMxtbDLTYW9gAF0AREaDYR21cV9u8cVs8ab9mcMjhg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:a2:58:ce:d7:21:1c:07:d1:b9:d3:c1:8e:86:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Validity
Not Before: Nov 4 13:00:46 2025 GMT
Not After : Nov 5 13:00:46 2025 GMT
Subject: CN=7330e22508a7f7ca263af25802e65c6967870e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ac:91:cd:c4:59:f1:64:32:1e:16:d9:ae:9a:
15:51:f5:0b:4b:22:86:f6:6e:95:fe:77:06:56:6c:
c1:5f:9a:f9:f6:0b:3c:ca:43:5a:e8:70:c4:ff:3b:
86:51:e5:15:3e:8b:9f:c8:30:c3:c3:9b:48:4a:b3:
39:00:85:b7:96:8c:7d:d1:3e:a9:b3:6d:09:21:6c:
a2:8f:87:4b:d4:c4:ef:63:b9:71:f0:1a:39:77:f3:
0d:3a:c0:99:7f:cb:0a:75:68:47:25:b6:76:0c:75:
6b:2d:23:26:cb:04:44:eb:9e:b9:93:6d:5e:e4:3a:
9e:29:ab:e1:44:af:f3:12:02:88:76:c4:d6:68:6b:
eb:07:f3:4d:35:03:63:33:c4:a3:b7:f7:c4:9f:f9:
df:ba:7d:21:e3:13:24:e1:3d:0a:a1:43:28:94:7f:
f6:4c:09:44:78:52:e8:e8:fe:d8:9e:6a:af:b1:1e:
4c:50:36:13:3e:5b:7a:35:38:63:ed:4c:ec:f2:16:
db:48:c6:73:b6:0e:b5:9f:0e:fa:12:18:25:89:33:
d0:9b:fd:d8:d8:03:a8:f1:e6:72:f5:65:6c:e0:8f:
16:aa:73:32:ff:0c:5b:3e:66:05:75:dd:e6:42:b4:
5c:8e:51:01:1e:ef:88:98:43:ba:57:7c:01:b4:d9:
e6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:30:E2:25:08:A7:F7:CA:26:3A:F2:58:02:E6:5C:69:67:87:0E:09
X509v3 Authority Key Identifier:
keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:df:65:9a:c1:9b:ee:86:10:ec:28:85:0e:f2:bc:ed:a6:a6:
78:2f:24:b8:82:bd:26:93:1e:a2:49:a2:2a:82:81:e6:fc:37:
a8:c6:ec:2e:f9:37:a2:7d:74:e3:4f:f7:f5:3f:79:02:12:5c:
20:ea:b8:55:67:d4:8a:e7:39:10:06:5f:24:fc:f8:a9:ec:cf:
96:12:a3:06:e4:df:32:80:b1:21:24:a5:21:cd:4e:44:36:ec:
23:9f:4d:d5:c2:6f:8d:d6:47:81:8e:0e:62:7d:93:b6:d4:fd:
98:17:ec:ad:6d:a6:47:ea:f0:41:5c:be:25:93:06:32:ea:94:
20:6a:57:83:58:36:9a:83:20:91:1a:bd:7a:09:57:d1:97:03:
92:37:5d:10:16:e9:2a:85:34:6b:09:4a:d3:92:d2:6a:77:29:
3d:3f:f0:db:c4:ae:8e:1c:ba:d7:af:ac:7e:b8:72:8a:67:90:
a1:22:fd:ae:35:98:d2:24:7a:c3:51:05:d3:5a:55:9f:32:de:
30:1a:2d:5e:a7:1c:f1:29:1c:95:7c:ec:68:ba:58:3d:ce:26:
fe:77:2e:43:36:8e:a6:7f:15:ea:db:b5:4f:81:0c:1e:f8:3e:
6b:5d:00:46:68:da:27:dc:18:c9:bd:e6:9d:03:b8:2b:19:5b:
05:93:16:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KJYztchHAfRudPBjoakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjUxMTA0MTMwMDQ2WhcNMjUxMTA1MTMwMDQ2WjAzMTEwLwYDVQQD
Eyg3MzMwZTIyNTA4YTdmN2NhMjYzYWYyNTgwMmU2NWM2OTY3ODcwZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ayRzcRZ8WQyHhbZrpoVUfULSyKG
9m6V/ncGVmzBX5r59gs8ykNa6HDE/zuGUeUVPoufyDDDw5tISrM5AIW3lox90T6p
s20JIWyij4dL1MTvY7lx8Bo5d/MNOsCZf8sKdWhHJbZ2DHVrLSMmywRE6565k21e
5DqeKavhRK/zEgKIdsTWaGvrB/NNNQNjM8Sjt/fEn/nfun0h4xMk4T0KoUMolH/2
TAlEeFLo6P7YnmqvsR5MUDYTPlt6NThj7Uzs8hbbSMZztg61nw76EhgliTPQm/3Y
2AOo8eZy9WVs4I8WqnMy/wxbPmYFdd3mQrRcjlEBHu+ImEO6V3wBtNnmhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMw4iUIp/fKJjryWALmXGlnhw4JMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAad9lmsGb
7oYQ7CiFDvK87aameC8kuIK9JpMeokmiKoKB5vw3qMbsLvk3on1040/39T95AhJc
IOq4VWfUiuc5EAZfJPz4qezPlhKjBuTfMoCxISSlIc1ORDbsI59N1cJvjdZHgY4O
Yn2TttT9mBfsrW2mR+rwQVy+JZMGMuqUIGpXg1g2moMgkRq9eglX0ZcDkjddEBbp
KoU0awlK05LSancpPT/w28Sujhy616+sfrhyimeQoSL9rjWY0iR6w1EF01pVnzLe
MBotXqcc8SkclXzsaLpYPc4m/ncuQzaOpn8V6tu1T4EMHvg+a10ARmjaJ9wYyb3m
nQO4KxlbBZMW2w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:06:05 2025 by rpki-client