Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
File: gXS2uiCeYit5ihT86qlEdi-nYpo.mft (raw, json)
Hash identifier: o9C5VgqCGLMGKYOS06TP+D8VFAM1P/z5ZT/5qQJhSFU=
Subject key identifier: B1:64:66:D8:B3:32:1D:20:45:A2:A9:9F:1B:2D:8D:8D:3E:38:D9:7E
Authority key identifier: 81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A
Certificate issuer: /CN=8174b6ba209e622b798a14fceaa944762fa7629a
Certificate serial: 0199FE7DB5E5D0721EBC413ED3FE9C51365C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
Manifest number: 01A2
Signing time: Sun 19 Oct 2025 22:01:15 +0000
Manifest this update: Sun 19 Oct 2025 22:01:15 +0000
Manifest next update: Mon 20 Oct 2025 22:01:15 +0000
Files and hashes: 1: gXS2uiCeYit5ihT86qlEdi-nYpo.crl (hash: C0iJAhoyWg7sAIfCtlVtVk2L6tTgQoqPTuD+ZBGN1SA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:7d:b5:e5:d0:72:1e:bc:41:3e:d3:fe:9c:51:36:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8174b6ba209e622b798a14fceaa944762fa7629a
Validity
Not Before: Oct 19 22:01:15 2025 GMT
Not After : Oct 20 22:01:15 2025 GMT
Subject: CN=b16466d8b3321d2045a2a99f1b2d8d8d3e38d97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:42:c4:3d:5f:70:53:e6:c8:5a:62:0d:27:a3:
0e:c4:66:37:13:7a:d2:d2:7f:20:9b:e9:4f:6b:7f:
04:79:45:1d:1a:b4:f8:ee:c1:7b:55:92:a8:c0:5e:
2e:77:b3:16:4b:02:c4:73:df:d8:52:ad:66:a9:19:
5c:b4:6d:f5:5d:e9:fa:50:df:f7:6b:c8:11:7c:30:
c0:5f:00:0d:a5:74:8f:8b:58:8c:0c:22:84:04:a4:
5e:7f:8b:2e:65:e5:d1:36:71:1d:8e:01:4d:23:9e:
98:3a:a3:90:1c:e3:48:84:05:5d:a6:3c:da:f2:c6:
93:64:c2:0b:ac:1f:81:c5:46:aa:9a:83:bf:d1:44:
e1:aa:a3:75:d6:7a:72:07:47:b6:2d:76:0e:e3:cd:
4d:c7:b4:9c:cb:05:11:03:8f:83:85:40:f9:ef:2d:
8f:7d:20:2a:c4:42:a8:7e:6a:bc:b2:b8:fd:b5:29:
f2:84:63:0f:cf:39:58:85:43:97:14:ae:16:5e:63:
2d:51:ef:78:ae:a7:71:35:4d:12:7e:82:fc:56:d3:
c9:3a:22:0d:cd:7a:26:df:f0:3b:a3:ba:97:a9:af:
47:03:f2:a2:f9:33:b7:16:a5:99:b3:b4:1b:59:66:
0a:91:10:5c:42:b9:76:b9:db:14:46:d5:ec:5d:39:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:64:66:D8:B3:32:1D:20:45:A2:A9:9F:1B:2D:8D:8D:3E:38:D9:7E
X509v3 Authority Key Identifier:
keyid:81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:89:83:e4:0b:ad:1d:87:4f:c6:01:a0:3a:d6:0a:be:45:55:
f8:f6:81:4f:cd:84:a2:0d:0b:b8:30:4f:bc:38:3c:64:31:b8:
7d:9e:5b:97:fa:0d:af:1e:bf:fd:a0:c2:af:30:01:b8:4a:6c:
79:3f:e0:28:b2:26:99:8e:b9:9f:34:ca:42:45:e6:da:bc:a6:
89:4e:74:69:68:2c:bd:8a:50:c9:73:76:4c:69:bb:77:78:e8:
68:d4:bc:d3:12:04:bc:26:69:83:3b:e0:05:17:ce:5d:44:ff:
cd:34:b4:5f:46:e1:53:90:5e:fa:31:87:2a:d3:5e:41:81:b2:
cb:08:5a:1f:c4:eb:e8:26:42:0b:b6:51:f7:8a:1b:b4:be:4d:
23:e7:2c:f8:b5:d5:fa:cd:09:45:f5:5c:85:98:57:77:2b:8e:
bb:0c:6b:74:d7:a6:46:2f:c3:54:71:eb:1d:54:72:a2:63:b1:
8f:d1:53:c8:1a:6f:10:81:27:c9:c8:93:af:fb:d0:2f:f8:95:
b1:f8:4c:ec:59:b9:99:15:51:e0:7c:2b:53:09:75:9a:ed:57:
65:13:7b:4d:ec:25:20:34:77:8a:54:bf:d8:b8:93:ca:92:06:
9a:a2:91:33:8b:ec:ed:32:82:e5:26:dc:4e:9c:6b:30:dc:40:
94:6e:be:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fbXl0HIevEE+0/6cUTZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzRiNmJhMjA5ZTYyMmI3OThhMTRmY2VhYTk0NDc2MmZh
NzYyOWEwHhcNMjUxMDE5MjIwMTE1WhcNMjUxMDIwMjIwMTE1WjAzMTEwLwYDVQQD
EyhiMTY0NjZkOGIzMzIxZDIwNDVhMmE5OWYxYjJkOGQ4ZDNlMzhkOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30LEPV9wU+bIWmINJ6MOxGY3E3rS
0n8gm+lPa38EeUUdGrT47sF7VZKowF4ud7MWSwLEc9/YUq1mqRlctG31Xen6UN/3
a8gRfDDAXwANpXSPi1iMDCKEBKRef4suZeXRNnEdjgFNI56YOqOQHONIhAVdpjza
8saTZMILrB+BxUaqmoO/0UThqqN11npyB0e2LXYO481Nx7ScywURA4+DhUD57y2P
fSAqxEKofmq8srj9tSnyhGMPzzlYhUOXFK4WXmMtUe94rqdxNU0SfoL8VtPJOiIN
zXom3/A7o7qXqa9HA/Ki+TO3FqWZs7QbWWYKkRBcQrl2udsURtXsXTnfxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFkZtizMh0gRaKpnxstjY0+ONl+MB8GA1UdIwQY
MBaAFIF0trognmIreYoU/OqpRHYvp2KaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQt
NjE4Y2QwNjgyYjEwLzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQtNjE4Y2QwNjgyYjEw
LzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYmD5Aut
HYdPxgGgOtYKvkVV+PaBT82Eog0LuDBPvDg8ZDG4fZ5bl/oNrx6//aDCrzABuEps
eT/gKLImmY65nzTKQkXm2rymiU50aWgsvYpQyXN2TGm7d3joaNS80xIEvCZpgzvg
BRfOXUT/zTS0X0bhU5Be+jGHKtNeQYGyywhaH8Tr6CZCC7ZR94obtL5NI+cs+LXV
+s0JRfVchZhXdyuOuwxrdNemRi/DVHHrHVRyomOxj9FTyBpvEIEnyciTr/vQL/iV
sfhM7Fm5mRVR4HwrUwl1mu1XZRN7TewlIDR3ilS/2LiTypIGmqKRM4vs7TKC5Sbc
TpxrMNxAlG6+tA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:11:28 2025 by rpki-client