Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
File: mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft (raw, json)
Hash identifier: GsKwarBgoKUNNN+RfzvyfGnu7Q3OTs1AQYgnsXuxghM=
Subject key identifier: 26:35:17:9A:59:B9:97:30:D6:E6:FF:1E:D7:0F:4E:84:13:8B:09:50
Authority key identifier: 9A:F9:D1:E5:5F:43:E4:FD:D6:D2:4F:B4:B0:ED:A6:E9:D1:28:AA:51
Certificate issuer: /CN=9af9d1e55f43e4fdd6d24fb4b0eda6e9d128aa51
Certificate serial: 019A54BF668AE0AF416ABB2C8908D2DE97D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
Manifest number: 11B2
Signing time: Wed 05 Nov 2025 16:00:20 +0000
Manifest this update: Wed 05 Nov 2025 16:00:20 +0000
Manifest next update: Thu 06 Nov 2025 16:00:20 +0000
Files and hashes: 1: mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl (hash: XJR/h818iUo2OzBTtObY7QfHPz6gucItl4sDn4R6bx0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:bf:66:8a:e0:af:41:6a:bb:2c:89:08:d2:de:97:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d1e55f43e4fdd6d24fb4b0eda6e9d128aa51
Validity
Not Before: Nov 5 16:00:20 2025 GMT
Not After : Nov 6 16:00:20 2025 GMT
Subject: CN=2635179a59b99730d6e6ff1ed70f4e84138b0950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:f1:c5:81:c1:f0:b0:bf:72:17:95:16:b0:
a1:51:e9:d1:f0:e8:d6:85:66:4b:58:ee:02:ab:6e:
03:93:ba:64:4d:35:0e:65:a9:fc:07:49:bc:b0:4f:
86:9e:e9:fe:63:0f:23:7f:1b:e4:23:47:9a:c0:ae:
38:38:fd:6c:72:77:72:cf:de:3a:10:4b:d5:05:ee:
de:e7:60:08:70:71:70:71:b5:2a:e9:f3:13:fa:a2:
5d:9c:80:a1:37:b0:03:66:1c:d1:88:79:ad:5a:59:
9c:8b:2a:bb:10:89:0d:f6:68:bf:bd:13:5d:c3:d4:
f3:a8:50:6f:c5:c2:0f:e0:22:12:ae:9e:6e:fb:c7:
2c:2a:07:64:83:c4:0f:7d:cf:85:bd:a4:2b:61:de:
db:ab:72:0f:d6:4b:68:ae:2c:cd:6e:91:e7:c3:83:
50:67:13:78:62:0f:7c:c7:d1:3f:66:6b:3e:fd:21:
e9:5d:2d:d5:85:03:d8:e9:67:9a:df:30:ce:47:e5:
e5:53:a9:5b:58:66:28:74:50:5c:5f:72:22:66:c6:
9e:ec:1f:7b:c3:9f:e6:5a:63:aa:69:99:37:95:1a:
3f:05:c7:56:5f:53:84:f7:f6:c5:fb:b5:1b:01:eb:
81:21:25:6b:07:59:a3:82:43:01:51:5a:5b:24:b6:
da:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:35:17:9A:59:B9:97:30:D6:E6:FF:1E:D7:0F:4E:84:13:8B:09:50
X509v3 Authority Key Identifier:
keyid:9A:F9:D1:E5:5F:43:E4:FD:D6:D2:4F:B4:B0:ED:A6:E9:D1:28:AA:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnR5V9D5P3W0k-0sO2m6dEoqlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0c5ed7-0e72-4ead-906c-291a3164a0b8/1/mvnR5V9D5P3W0k-0sO2m6dEoqlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:6b:22:79:b3:0e:5d:ed:1f:01:4f:f9:bd:dc:93:39:c1:d4:
15:c2:0a:22:6e:33:57:aa:45:cb:9b:96:71:89:3e:99:23:8b:
8b:08:44:41:c2:96:43:ae:96:e5:47:be:61:34:24:6e:d4:94:
c5:7a:b5:f5:0a:2d:68:cf:fe:15:b6:44:da:4d:87:ad:2e:18:
57:2c:34:90:a0:6f:49:21:0e:d0:54:7c:01:d1:98:9e:79:f4:
6f:f2:9d:7a:55:4b:28:66:0f:09:75:f9:f7:ab:57:04:84:f9:
5d:09:a7:01:31:5b:03:9b:80:be:d8:25:83:e5:ba:44:18:fb:
ac:3e:e9:e3:a7:f5:dd:8d:2b:43:bf:e3:b7:d1:e2:84:3f:10:
ba:e7:90:04:fe:10:40:82:57:24:83:8e:08:c0:fa:49:df:a1:
06:2d:e0:eb:f6:45:46:a5:79:32:02:84:99:66:b0:10:0e:cf:
1b:5e:8a:f0:7e:8a:0d:94:f6:7d:e4:e8:56:9f:05:2e:65:58:
f6:da:ac:ad:d5:e9:9c:c8:19:fe:7f:4a:7a:ed:cc:9c:9b:47:
8a:71:d3:a4:cb:d9:17:78:5f:f4:e3:d5:4f:82:88:f4:31:c1:
8a:63:d8:29:29:e1:ce:ef:45:4b:28:e2:21:cb:a3:73:bc:87:
72:94:d5:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv2aK4K9BarssiQjS3pfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMWU1NWY0M2U0ZmRkNmQyNGZiNGIwZWRhNmU5ZDEy
OGFhNTEwHhcNMjUxMTA1MTYwMDIwWhcNMjUxMTA2MTYwMDIwWjAzMTEwLwYDVQQD
EygyNjM1MTc5YTU5Yjk5NzMwZDZlNmZmMWVkNzBmNGU4NDEzOGIwOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOnxxYHB8LC/cheVFrChUenR8OjW
hWZLWO4Cq24Dk7pkTTUOZan8B0m8sE+Gnun+Yw8jfxvkI0eawK44OP1scndyz946
EEvVBe7e52AIcHFwcbUq6fMT+qJdnIChN7ADZhzRiHmtWlmciyq7EIkN9mi/vRNd
w9TzqFBvxcIP4CISrp5u+8csKgdkg8QPfc+FvaQrYd7bq3IP1ktorizNbpHnw4NQ
ZxN4Yg98x9E/Zms+/SHpXS3VhQPY6Wea3zDOR+XlU6lbWGYodFBcX3IiZsae7B97
w5/mWmOqaZk3lRo/BcdWX1OE9/bF+7UbAeuBISVrB1mjgkMBUVpbJLbaEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCY1F5pZuZcw1ub/HtcPToQTiwlQMB8GA1UdIwQY
MBaAFJr50eVfQ+T91tJPtLDtpunRKKpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wYzVlZDctMGU3Mi00ZWFkLTkwNmMt
MjkxYTMxNjRhMGI4LzEvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8wYzVlZDctMGU3Mi00ZWFkLTkwNmMtMjkxYTMxNjRhMGI4
LzEvbXZuUjVWOUQ1UDNXMGstMHNPMm02ZEVvcWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGsiebMO
Xe0fAU/5vdyTOcHUFcIKIm4zV6pFy5uWcYk+mSOLiwhEQcKWQ66W5Ue+YTQkbtSU
xXq19QotaM/+FbZE2k2HrS4YVyw0kKBvSSEO0FR8AdGYnnn0b/KdelVLKGYPCXX5
96tXBIT5XQmnATFbA5uAvtglg+W6RBj7rD7p46f13Y0rQ7/jt9HihD8QuueQBP4Q
QIJXJIOOCMD6Sd+hBi3g6/ZFRqV5MgKEmWawEA7PG16K8H6KDZT2feToVp8FLmVY
9tqsrdXpnMgZ/n9Keu3MnJtHinHTpMvZF3hf9OPVT4KI9DHBimPYKSnhzu9FSyji
Icujc7yHcpTVCw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:48:53 2025 by rpki-client