Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.mft
File: brmgpz47pWk4Hd2m1kcNx8hzyVk.mft (raw, json)
Hash identifier: R1Zc7LQVCR59a+pGmecc5YDPxVZRny09YMULmXnZe9w=
Subject key identifier: DF:66:94:2D:59:78:AA:A7:DA:AC:1D:72:5F:23:C6:4E:AB:8B:90:4A
Authority key identifier: 6E:B9:A0:A7:3E:3B:A5:69:38:1D:DD:A6:D6:47:0D:C7:C8:73:C9:59
Certificate issuer: /CN=6eb9a0a73e3ba569381ddda6d6470dc7c873c959
Certificate serial: 0199FEB4D65BE5447DFD3415A936F41A28C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/brmgpz47pWk4Hd2m1kcNx8hzyVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 23:01:28 +0000
Manifest this update: Sun 19 Oct 2025 23:01:28 +0000
Manifest next update: Mon 20 Oct 2025 23:01:28 +0000
Files and hashes: 1: brmgpz47pWk4Hd2m1kcNx8hzyVk.crl (hash: FwVAWlHcDAIzOZdzhqivQokI1GtqP5EnNOQa9MMQ0hM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.mft
rsync://rpki.ripe.net/repository/DEFAULT/brmgpz47pWk4Hd2m1kcNx8hzyVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:b4:d6:5b:e5:44:7d:fd:34:15:a9:36:f4:1a:28:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eb9a0a73e3ba569381ddda6d6470dc7c873c959
Validity
Not Before: Oct 19 23:01:28 2025 GMT
Not After : Oct 20 23:01:28 2025 GMT
Subject: CN=df66942d5978aaa7daac1d725f23c64eab8b904a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5d:e9:dd:e3:45:36:be:05:a0:d1:3d:0b:1c:
dc:d5:23:8d:49:24:45:f7:89:b8:ce:f7:f7:4f:f8:
07:4d:45:ae:79:e1:03:80:e7:b7:e5:5c:06:52:9d:
95:ed:66:ac:8f:27:b1:3d:b9:3a:56:2e:60:70:11:
cf:c6:9e:3d:44:5b:76:27:c3:99:e4:0a:5d:de:f0:
d8:c5:9a:f9:95:81:63:a2:ad:32:59:bd:71:a6:2e:
29:09:cf:99:52:72:92:ab:91:44:e4:fc:7f:69:20:
20:4f:ed:3a:93:79:e9:6d:4c:d2:f5:9c:91:ee:e2:
92:ba:01:07:f5:e9:30:0f:83:0a:54:f6:e8:fb:7f:
d8:ee:0f:bc:d0:83:3f:12:0d:5f:cc:2a:d6:3b:25:
2e:2a:b4:b8:84:9e:51:38:90:71:ec:fb:42:fe:7a:
1b:b1:e3:8f:88:ff:11:6f:39:3a:d5:90:8f:cc:f7:
14:48:89:20:b3:cc:03:8b:9e:8b:a6:81:12:0f:b4:
b9:a5:9c:96:63:d8:e0:74:fb:ba:35:fe:5d:69:ad:
02:91:93:be:d3:0a:03:89:c3:78:d2:7d:08:fc:76:
1a:6d:97:f1:bf:f2:00:4b:2d:a6:e0:da:a0:8d:20:
e6:60:3c:8f:d9:5e:c7:81:00:7a:78:31:c3:ac:02:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:66:94:2D:59:78:AA:A7:DA:AC:1D:72:5F:23:C6:4E:AB:8B:90:4A
X509v3 Authority Key Identifier:
keyid:6E:B9:A0:A7:3E:3B:A5:69:38:1D:DD:A6:D6:47:0D:C7:C8:73:C9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/brmgpz47pWk4Hd2m1kcNx8hzyVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/caa68e-7a9e-4cae-8d2a-e90219bc8ff1/1/brmgpz47pWk4Hd2m1kcNx8hzyVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:7b:b3:ee:84:1e:62:ec:59:6d:0c:50:08:82:71:ef:68:d6:
29:35:cd:69:54:94:0d:e7:53:c4:b8:30:d1:27:63:8f:72:93:
6a:24:9c:3c:ca:90:40:48:9f:57:95:9f:b1:c4:1c:fc:a8:ca:
de:d9:b1:b6:29:27:ed:92:51:78:be:de:7a:f8:f6:c7:c6:fe:
ef:ad:e2:34:7a:40:8d:dc:c3:05:6c:e6:ef:1b:fa:c7:03:2e:
fa:91:b1:3b:3b:a0:a8:77:6d:1d:be:13:9d:99:11:9f:6e:b6:
88:b3:d6:75:fc:55:98:93:d9:e5:24:9b:00:d5:f3:cf:78:6f:
59:4a:11:1e:15:c0:df:39:10:82:bd:b9:b9:3b:e9:70:3e:af:
7f:0a:88:74:cd:7c:86:12:2d:64:43:1d:27:0c:03:72:39:9d:
28:6f:21:ca:a5:e5:85:59:5f:dd:95:49:08:d1:e3:20:7e:01:
29:e9:5c:3e:9a:5e:4b:00:d3:8a:08:a9:d0:ba:fa:2b:ab:58:
01:a5:63:df:cb:98:34:5b:ff:2e:59:26:64:52:81:09:f9:66:
2a:99:81:c7:3b:18:8d:97:02:74:c1:e1:48:b1:7f:7e:df:cf:
27:22:e4:d5:b6:74:0f:0b:89:67:e2:30:4f:89:09:45:7e:23:
81:2d:f4:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tNZb5UR9/TQVqTb0GijDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYjlhMGE3M2UzYmE1NjkzODFkZGRhNmQ2NDcwZGM3Yzg3
M2M5NTkwHhcNMjUxMDE5MjMwMTI4WhcNMjUxMDIwMjMwMTI4WjAzMTEwLwYDVQQD
EyhkZjY2OTQyZDU5NzhhYWE3ZGFhYzFkNzI1ZjIzYzY0ZWFiOGI5MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml3p3eNFNr4FoNE9Cxzc1SONSSRF
94m4zvf3T/gHTUWueeEDgOe35VwGUp2V7WasjyexPbk6Vi5gcBHPxp49RFt2J8OZ
5Apd3vDYxZr5lYFjoq0yWb1xpi4pCc+ZUnKSq5FE5Px/aSAgT+06k3npbUzS9ZyR
7uKSugEH9ekwD4MKVPbo+3/Y7g+80IM/Eg1fzCrWOyUuKrS4hJ5ROJBx7PtC/nob
seOPiP8Rbzk61ZCPzPcUSIkgs8wDi56LpoESD7S5pZyWY9jgdPu6Nf5daa0CkZO+
0woDicN40n0I/HYabZfxv/IASy2m4NqgjSDmYDyP2V7HgQB6eDHDrAIw9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9mlC1ZeKqn2qwdcl8jxk6ri5BKMB8GA1UdIwQY
MBaAFG65oKc+O6VpOB3dptZHDcfIc8lZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnJtZ3B6NDdwV2s0SGQybTFrY054OGh6eVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jYWE2OGUtN2E5ZS00Y2FlLThkMmEt
ZTkwMjE5YmM4ZmYxLzEvYnJtZ3B6NDdwV2s0SGQybTFrY054OGh6eVZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jYWE2OGUtN2E5ZS00Y2FlLThkMmEtZTkwMjE5YmM4ZmYx
LzEvYnJtZ3B6NDdwV2s0SGQybTFrY054OGh6eVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA3uz7oQe
YuxZbQxQCIJx72jWKTXNaVSUDedTxLgw0Sdjj3KTaiScPMqQQEifV5WfscQc/KjK
3tmxtikn7ZJReL7eevj2x8b+763iNHpAjdzDBWzm7xv6xwMu+pGxOzugqHdtHb4T
nZkRn262iLPWdfxVmJPZ5SSbANXzz3hvWUoRHhXA3zkQgr25uTvpcD6vfwqIdM18
hhItZEMdJwwDcjmdKG8hyqXlhVlf3ZVJCNHjIH4BKelcPppeSwDTigip0Lr6K6tY
AaVj38uYNFv/LlkmZFKBCflmKpmBxzsYjZcCdMHhSLF/ft/PJyLk1bZ0DwuJZ+Iw
T4kJRX4jgS30PA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:55:41 2025 by rpki-client