Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: 9/2/E9veR3XYgnj80j2OOfuiobiG2/e3LPW9S81hi48=
Subject key identifier: 87:C8:BF:81:6A:11:A6:4C:23:46:72:54:03:AB:B5:EC:01:95:BC:AA
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 019A5187C98DB106AC2DE34A697EB8CE7830
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 1711
Signing time: Wed 05 Nov 2025 01:00:44 +0000
Manifest this update: Wed 05 Nov 2025 01:00:44 +0000
Manifest next update: Thu 06 Nov 2025 01:00:44 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: 3CIxuYcQO9vrPb1v3qCdPjGT+mjsnTw4p9cymIKur+o=)
2: UON5AT9SXUWq39L68I_y2_ZUikk.roa (hash: JwjZjFuzIaj/y6AQtmJH9bJqGEr4cg/qlCiSjx+pXxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:c9:8d:b1:06:ac:2d:e3:4a:69:7e:b8:ce:78:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Nov 5 01:00:44 2025 GMT
Not After : Nov 6 01:00:44 2025 GMT
Subject: CN=87c8bf816a11a64c2346725403abb5ec0195bcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:42:b4:5a:9d:28:04:aa:73:4a:61:b3:e9:01:
ee:3d:91:4f:09:7f:62:34:b5:df:f1:c6:19:e5:00:
1e:32:f8:ed:b0:14:ff:b7:fc:70:42:72:16:2c:53:
76:38:b1:da:2e:d8:78:87:9b:f6:01:96:c9:4e:6f:
5e:21:bb:74:f7:9a:93:1e:ad:90:09:0e:16:10:1d:
10:cb:8f:8c:ec:28:a9:b3:ce:79:ac:ad:87:0e:12:
4c:89:34:67:d6:e0:98:47:5b:b3:af:83:df:3e:cb:
eb:ae:31:12:e3:b3:fe:8a:3e:98:64:89:7a:52:d4:
7f:de:9a:78:37:59:a6:b5:55:6a:db:5a:b1:a2:d3:
16:0e:0c:8d:64:fa:ba:2b:8b:21:95:87:61:92:94:
be:55:21:55:d3:00:a4:11:a5:02:8b:d2:13:f0:0d:
67:45:95:70:05:17:04:a9:82:a4:79:7a:63:29:50:
89:6b:3c:56:06:b2:b6:ca:a3:96:05:ac:57:35:97:
8c:20:c3:4a:3f:62:41:a5:d0:62:6b:90:bf:30:ed:
90:d2:c8:5e:6c:1a:1f:e5:43:e3:b0:ca:95:9d:12:
7c:19:14:73:86:92:b1:36:29:87:3a:c7:bb:40:71:
4d:a4:26:66:7e:ac:d1:73:d8:7d:07:56:23:e1:9e:
0c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C8:BF:81:6A:11:A6:4C:23:46:72:54:03:AB:B5:EC:01:95:BC:AA
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:44:71:65:3e:ed:ec:7d:71:01:0f:25:a5:93:7d:f5:6e:0e:
3a:84:7a:77:9e:f8:f2:f4:1d:6d:db:8c:c8:25:04:e9:cd:bc:
0b:72:80:ed:5c:db:7b:11:0a:09:c5:63:56:d9:67:89:53:80:
23:12:c4:61:1d:48:93:91:99:6d:cb:31:f3:11:cf:a8:03:f1:
48:02:ed:4e:50:3d:71:fe:20:d2:94:13:6a:7c:39:a8:47:51:
b3:41:95:53:0e:51:64:d1:21:11:cb:ea:b8:fc:1b:dc:13:ae:
d0:7a:b1:5a:fb:d7:99:47:bb:a9:ad:18:2e:34:9b:a5:25:0e:
b4:a8:ce:18:3c:c2:44:6a:5c:d1:c5:80:ff:c3:55:7e:0e:f8:
6f:f2:11:e7:6c:f3:90:2a:ad:85:f3:06:f0:0e:69:ac:d6:8d:
9a:f9:3d:68:01:07:f9:16:34:18:d4:b0:6a:23:a4:85:89:75:
67:ca:e3:b1:f0:08:a3:31:ba:f6:7d:9a:14:af:25:63:0c:9a:
f7:03:c8:30:58:88:ac:a3:9e:91:ae:ec:47:7d:63:73:3a:86:
47:02:37:3a:5b:df:fa:6d:4f:4b:1b:53:4f:e7:af:22:40:0f:
49:21:1a:95:fc:02:4d:2f:8c:e9:74:ed:5a:9b:b4:a4:3e:4a:
fc:db:23:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh8mNsQasLeNKaX64zngwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjUxMTA1MDEwMDQ0WhcNMjUxMTA2MDEwMDQ0WjAzMTEwLwYDVQQD
Eyg4N2M4YmY4MTZhMTFhNjRjMjM0NjcyNTQwM2FiYjVlYzAxOTViY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0K0Wp0oBKpzSmGz6QHuPZFPCX9i
NLXf8cYZ5QAeMvjtsBT/t/xwQnIWLFN2OLHaLth4h5v2AZbJTm9eIbt095qTHq2Q
CQ4WEB0Qy4+M7Cips855rK2HDhJMiTRn1uCYR1uzr4PfPsvrrjES47P+ij6YZIl6
UtR/3pp4N1mmtVVq21qxotMWDgyNZPq6K4shlYdhkpS+VSFV0wCkEaUCi9IT8A1n
RZVwBRcEqYKkeXpjKVCJazxWBrK2yqOWBaxXNZeMIMNKP2JBpdBia5C/MO2Q0she
bBof5UPjsMqVnRJ8GRRzhpKxNimHOse7QHFNpCZmfqzRc9h9B1Yj4Z4MEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfIv4FqEaZMI0ZyVAOrtewBlbyqMB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgkRxZT7t
7H1xAQ8lpZN99W4OOoR6d5748vQdbduMyCUE6c28C3KA7VzbexEKCcVjVtlniVOA
IxLEYR1Ik5GZbcsx8xHPqAPxSALtTlA9cf4g0pQTanw5qEdRs0GVUw5RZNEhEcvq
uPwb3BOu0HqxWvvXmUe7qa0YLjSbpSUOtKjOGDzCRGpc0cWA/8NVfg74b/IR52zz
kCqthfMG8A5prNaNmvk9aAEH+RY0GNSwaiOkhYl1Z8rjsfAIozG69n2aFK8lYwya
9wPIMFiIrKOeka7sR31jczqGRwI3Olvf+m1PSxtTT+evIkAPSSEalfwCTS+M6XTt
Wpu0pD5K/Nsjbw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:58:10 2025 by rpki-client