Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File: Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier: 4owuHPTXtXxVpdjmKzY8Ho0StF4EQbNVvjnuSkGjVSo=
Subject key identifier: DF:77:CC:01:80:F1:6B:55:52:5A:62:E6:D7:15:4C:DE:9C:F6:67:96
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer: /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial: 019A4F61F5F6E1C53C7190EF6A45AABFE88B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number: 0311
Signing time: Tue 04 Nov 2025 15:00:11 +0000
Manifest this update: Tue 04 Nov 2025 15:00:11 +0000
Manifest next update: Wed 05 Nov 2025 15:00:11 +0000
Files and hashes: 1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: oWc0KfVoqi6JJixTvSSlhudFeRqtQN5NcKxy/ASz9Jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:61:f5:f6:e1:c5:3c:71:90:ef:6a:45:aa:bf:e8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Validity
Not Before: Nov 4 15:00:11 2025 GMT
Not After : Nov 5 15:00:11 2025 GMT
Subject: CN=df77cc0180f16b55525a62e6d7154cde9cf66796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:9a:b0:26:eb:45:23:95:3c:c1:7a:43:57:
93:aa:f8:78:65:a7:07:04:35:02:e3:fc:7a:66:cc:
10:49:d1:b1:a9:f9:d5:c2:02:9c:2d:33:f1:5e:ac:
6c:41:21:ee:7e:7f:1d:2c:95:65:62:24:d6:81:2a:
a7:23:ae:d4:c5:1b:43:b8:0b:09:d7:df:08:fa:db:
7c:c6:7e:c6:a7:05:f4:c6:1b:aa:a1:34:41:82:55:
e1:04:42:53:cb:c9:41:2d:d5:64:80:fc:d2:06:34:
8c:6b:a0:a6:03:93:a2:4e:61:52:7a:15:cf:a4:e3:
b1:69:ee:ab:99:87:7e:e5:59:aa:2b:e8:b4:86:32:
6a:ce:48:e5:28:e1:10:ad:55:fa:9c:40:92:f9:9e:
4a:c7:35:e1:75:d3:ee:83:d2:be:a7:2f:26:17:60:
c6:8b:c6:6c:40:85:f2:1e:a0:0f:33:3f:e9:7f:84:
a2:44:ff:46:e8:03:a4:5c:a5:89:be:8b:b3:60:db:
8f:f8:b3:19:0c:79:4f:7c:ea:35:59:99:6a:a8:21:
81:51:6e:2a:5d:93:9a:4d:7e:da:81:e1:ce:3a:73:
70:26:26:7c:e3:a8:b1:7f:1d:88:d5:9b:45:5d:b0:
4f:4b:53:78:f6:d9:33:b4:93:8e:32:a1:24:86:4b:
b4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:77:CC:01:80:F1:6B:55:52:5A:62:E6:D7:15:4C:DE:9C:F6:67:96
X509v3 Authority Key Identifier:
keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:a7:01:ea:e3:c6:36:17:a5:a5:89:23:94:66:4d:f1:3a:57:
37:f4:b8:3f:6f:ba:3f:a4:b8:2a:9b:f1:33:f7:ee:90:ed:05:
5f:0e:9d:b4:09:29:35:ae:59:78:a0:7a:1f:ac:4c:93:94:23:
f1:70:6d:12:64:a4:10:7e:01:1e:7a:85:a6:23:96:2e:31:ef:
66:4a:fc:e6:2f:63:a7:8e:3e:f8:a9:e3:93:84:7f:d0:0a:8c:
bf:cd:04:81:93:50:b1:69:d4:a2:61:01:ff:89:e0:7a:c3:34:
27:f8:37:59:a9:c7:f4:4e:19:d0:6c:a9:af:dd:fd:34:db:5a:
a4:72:f0:98:35:28:a7:75:38:0e:0a:77:6a:3f:4a:20:e6:4c:
99:3e:14:81:cd:56:25:53:aa:20:45:6c:79:11:44:2f:42:de:
75:3b:65:97:88:0d:29:d8:cd:04:7a:45:75:69:10:87:54:a7:
b4:5f:12:40:3c:06:30:92:41:cc:22:ac:48:dd:ec:9b:88:df:
ec:29:5a:9e:49:9c:34:da:10:6e:d4:15:64:b2:08:79:d4:33:
c7:5a:8f:d5:a7:94:69:08:3e:e7:12:0c:4c:b0:5b:12:62:05:
aa:82:41:98:8c:49:af:a1:74:42:ba:7d:21:47:4a:65:8f:af:
cc:00:3d:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYfX24cU8cZDvakWqv+iLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUxMTA0MTUwMDExWhcNMjUxMTA1MTUwMDExWjAzMTEwLwYDVQQD
EyhkZjc3Y2MwMTgwZjE2YjU1NTI1YTYyZTZkNzE1NGNkZTljZjY2Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIeasCbrRSOVPMF6Q1eTqvh4ZacH
BDUC4/x6ZswQSdGxqfnVwgKcLTPxXqxsQSHufn8dLJVlYiTWgSqnI67UxRtDuAsJ
198I+tt8xn7GpwX0xhuqoTRBglXhBEJTy8lBLdVkgPzSBjSMa6CmA5OiTmFSehXP
pOOxae6rmYd+5VmqK+i0hjJqzkjlKOEQrVX6nECS+Z5KxzXhddPug9K+py8mF2DG
i8ZsQIXyHqAPMz/pf4SiRP9G6AOkXKWJvouzYNuP+LMZDHlPfOo1WZlqqCGBUW4q
XZOaTX7ageHOOnNwJiZ846ixfx2I1ZtFXbBPS1N49tkztJOOMqEkhku0RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN93zAGA8WtVUlpi5tcVTN6c9meWMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIqcB6uPG
NhelpYkjlGZN8TpXN/S4P2+6P6S4KpvxM/fukO0FXw6dtAkpNa5ZeKB6H6xMk5Qj
8XBtEmSkEH4BHnqFpiOWLjHvZkr85i9jp44++Knjk4R/0AqMv80EgZNQsWnUomEB
/4ngesM0J/g3WanH9E4Z0Gypr939NNtapHLwmDUop3U4Dgp3aj9KIOZMmT4Ugc1W
JVOqIEVseRFEL0LedTtll4gNKdjNBHpFdWkQh1SntF8SQDwGMJJBzCKsSN3sm4jf
7ClankmcNNoQbtQVZLIIedQzx1qP1aeUaQg+5xIMTLBbEmIFqoJBmIxJr6F0Qrp9
IUdKZY+vzAA9Vg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:09:51 2025 by rpki-client