Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: 3H+BqpPN7c92lb9mWonxX/CzmSlbd9zA2zDzY7IUwkA=
Subject key identifier: 29:33:DD:4D:31:28:29:F2:9E:18:39:82:82:C5:03:40:8D:CF:06:B5
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 019A02C7B879902A7BA4CF592E3C997C224E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 032C
Signing time: Mon 20 Oct 2025 18:00:34 +0000
Manifest this update: Mon 20 Oct 2025 18:00:34 +0000
Manifest next update: Tue 21 Oct 2025 18:00:34 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: jgKZ7ZVizQdXNWyYFH0R+P/rSYg3FFUotyLzFlF4iZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:c7:b8:79:90:2a:7b:a4:cf:59:2e:3c:99:7c:22:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Oct 20 18:00:34 2025 GMT
Not After : Oct 21 18:00:34 2025 GMT
Subject: CN=2933dd4d312829f29e18398282c503408dcf06b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:56:32:b4:65:ad:76:ec:cc:69:cf:e1:6b:7f:
51:b2:23:e8:b9:4c:29:c4:da:f5:cb:15:90:1c:50:
95:3b:08:b8:bc:12:88:cb:a9:b9:62:d3:2f:d7:de:
70:95:f3:17:fa:03:a6:03:ac:2e:f2:be:08:e7:65:
0a:6a:82:70:ad:57:cb:c6:b6:93:12:f1:31:49:d4:
d6:24:d5:a4:47:9d:25:04:3f:ce:60:b0:3e:de:54:
0a:91:2f:3e:cf:dd:e4:02:47:02:e1:aa:ca:22:fb:
24:8f:fc:4c:bf:c4:94:2c:3c:5e:78:73:bf:d3:35:
c4:6a:ae:1e:4d:c7:3f:e3:ae:e5:1f:a0:a1:b8:f5:
ae:5c:cc:5c:5e:f8:12:cb:fd:3f:bd:df:d1:2f:aa:
69:0a:9f:27:58:f5:86:c3:77:ba:9a:3e:7b:29:fd:
60:84:98:06:fb:3d:fe:c5:36:0a:80:22:9b:fd:43:
77:a4:17:3e:9d:6b:61:11:28:cf:1b:fb:82:0e:92:
79:b8:58:b0:5d:21:68:e0:fc:ae:dc:16:23:48:54:
98:bc:77:b9:a3:30:4f:58:52:78:cd:a5:b6:ae:ab:
2f:9b:b9:06:c3:91:42:3e:f7:81:b2:05:2c:3e:ec:
6c:75:70:58:5e:38:07:34:6b:f1:f4:ad:14:d7:d0:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:33:DD:4D:31:28:29:F2:9E:18:39:82:82:C5:03:40:8D:CF:06:B5
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:9a:d1:8b:07:28:03:33:db:86:30:85:7c:2a:16:8f:09:61:
43:df:ef:14:34:72:e2:62:8c:c0:a2:61:49:39:97:64:59:94:
91:3d:fa:ab:b2:96:ab:9f:99:b4:8c:63:30:51:03:03:a5:f6:
b4:e2:37:fa:4d:55:0e:aa:37:72:8d:52:62:bd:f7:8a:46:96:
40:37:2c:9a:29:72:45:a5:aa:37:79:3d:93:9d:21:9f:95:92:
c7:5e:8f:7e:f1:af:b9:41:32:5b:61:e2:83:dc:70:05:f3:55:
b2:10:29:4a:54:ca:d7:a4:f4:b4:c1:85:d8:8a:ea:45:31:e1:
44:83:40:a2:7f:38:6a:25:4a:d1:e2:61:61:f6:ca:9a:00:b7:
37:11:a6:e5:a7:33:1e:bc:5a:e7:e2:9a:a7:51:2f:5d:d8:2f:
80:db:09:92:fb:b6:b7:49:96:5e:8c:5a:ee:97:51:cf:69:56:
bd:a4:85:c7:ed:64:9f:29:56:5c:0d:88:e5:cb:3f:40:19:00:
fb:3d:3d:70:e4:27:7b:db:c3:70:6d:41:86:9d:c3:05:fe:e0:
c5:a5:7c:a7:b5:ea:73:40:b8:c6:cf:64:67:65:9c:14:dd:6b:
34:16:e1:be:5d:02:37:f9:c6:78:c2:80:f1:ed:2f:21:a2:96:
08:4f:f9:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCx7h5kCp7pM9ZLjyZfCJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUxMDIwMTgwMDM0WhcNMjUxMDIxMTgwMDM0WjAzMTEwLwYDVQQD
EygyOTMzZGQ0ZDMxMjgyOWYyOWUxODM5ODI4MmM1MDM0MDhkY2YwNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VYytGWtduzMac/ha39RsiPouUwp
xNr1yxWQHFCVOwi4vBKIy6m5YtMv195wlfMX+gOmA6wu8r4I52UKaoJwrVfLxraT
EvExSdTWJNWkR50lBD/OYLA+3lQKkS8+z93kAkcC4arKIvskj/xMv8SULDxeeHO/
0zXEaq4eTcc/467lH6ChuPWuXMxcXvgSy/0/vd/RL6ppCp8nWPWGw3e6mj57Kf1g
hJgG+z3+xTYKgCKb/UN3pBc+nWthESjPG/uCDpJ5uFiwXSFo4Pyu3BYjSFSYvHe5
ozBPWFJ4zaW2rqsvm7kGw5FCPveBsgUsPuxsdXBYXjgHNGvx9K0U19BqUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkz3U0xKCnynhg5goLFA0CNzwa1MB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVprRiwco
AzPbhjCFfCoWjwlhQ9/vFDRy4mKMwKJhSTmXZFmUkT36q7KWq5+ZtIxjMFEDA6X2
tOI3+k1VDqo3co1SYr33ikaWQDcsmilyRaWqN3k9k50hn5WSx16PfvGvuUEyW2Hi
g9xwBfNVshApSlTK16T0tMGF2IrqRTHhRINAon84aiVK0eJhYfbKmgC3NxGm5acz
Hrxa5+Kap1EvXdgvgNsJkvu2t0mWXoxa7pdRz2lWvaSFx+1knylWXA2I5cs/QBkA
+z09cOQne9vDcG1Bhp3DBf7gxaV8p7Xqc0C4xs9kZ2WcFN1rNBbhvl0CN/nGeMKA
8e0vIaKWCE/54g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:55:04 2025 by rpki-client