Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File: 9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier: uIvFYXdO3A9Uo5NegQjqX4pfviH4yXd9uRrWhVBCnxY=
Subject key identifier: DD:F7:50:EB:A7:44:10:AD:EF:91:53:C3:DD:63:C0:4B:AB:D1:E9:23
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer: /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial: 0199FF599328D3449E6DBF3C6A3CC6180D3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number: 0431
Signing time: Mon 20 Oct 2025 02:01:24 +0000
Manifest this update: Mon 20 Oct 2025 02:01:24 +0000
Manifest next update: Tue 21 Oct 2025 02:01:24 +0000
Files and hashes: 1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: WHRRXDzLEIOftYiDmFVPGrCFx/gCgLN6OztwFvGVXOo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:93:28:d3:44:9e:6d:bf:3c:6a:3c:c6:18:0d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Validity
Not Before: Oct 20 02:01:24 2025 GMT
Not After : Oct 21 02:01:24 2025 GMT
Subject: CN=ddf750eba74410adef9153c3dd63c04babd1e923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:95:a4:70:00:f4:e6:bf:2c:92:0e:8d:b3:
10:a9:70:47:42:d5:14:b8:5a:75:6f:b3:b1:27:8a:
e7:1d:73:2e:43:e8:41:22:b7:58:b2:c1:b4:89:1a:
6e:3f:76:91:94:cb:2e:fe:a9:9f:04:73:93:5e:76:
67:a3:dc:d3:f7:21:63:72:09:1d:f5:5e:b9:29:f7:
b4:a3:ef:d1:bb:be:36:e9:7f:13:30:50:f4:77:94:
dc:4f:91:10:dc:51:47:f5:e8:e0:71:04:d9:91:6e:
3f:82:63:38:43:22:cb:87:fc:5a:d2:4d:2f:bf:9f:
05:0c:44:d2:2b:46:04:4b:5e:5f:4c:51:7f:f1:86:
9f:bc:46:6e:8b:d9:96:8c:1e:32:76:43:1c:22:21:
4a:26:3e:3a:1c:f9:5f:42:e8:d9:6e:05:8a:6a:d9:
8a:4b:c5:1c:51:15:9f:02:81:17:25:5f:86:fd:75:
31:ad:af:18:c2:34:0f:a7:8e:8f:ff:48:91:b7:c8:
ec:7b:7e:cd:be:9b:cf:a6:18:bf:6b:68:0e:87:d1:
bd:21:cf:70:b8:0f:6f:1d:c7:95:5d:27:bb:64:9f:
9f:94:65:c6:7b:e1:d5:01:c2:eb:ce:b1:c5:67:1e:
d8:29:e8:1a:4a:2d:6e:a4:99:15:58:63:c7:48:a9:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F7:50:EB:A7:44:10:AD:EF:91:53:C3:DD:63:C0:4B:AB:D1:E9:23
X509v3 Authority Key Identifier:
keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:af:15:e9:dd:79:36:03:16:ff:a0:c3:de:f5:24:8a:cf:54:
32:59:d6:d8:8b:33:b2:fe:f0:16:66:03:84:d6:7d:aa:18:32:
e9:89:b7:16:88:56:6d:33:54:f8:cd:10:ae:aa:b1:cc:45:88:
9a:0f:a4:c2:c1:f0:2f:53:bf:79:11:85:f0:60:ef:91:b0:9b:
eb:4a:67:8b:78:18:d2:fc:cb:28:97:4e:a5:fb:23:60:ea:b1:
be:45:40:a0:a2:6d:5a:36:5d:4f:39:d9:3d:66:e4:b1:64:82:
24:02:78:6c:e7:fd:51:b9:c8:4d:2a:94:91:b7:53:a5:82:39:
98:6d:72:af:64:3e:82:5f:e2:36:b2:21:78:0f:17:31:18:aa:
2b:56:92:aa:5a:0a:16:bb:a2:8a:3d:16:b5:de:c5:8d:ec:07:
85:64:20:d6:b2:9f:bf:25:71:5c:93:6d:fa:73:c3:05:21:4f:
5d:62:6d:92:04:a2:65:c3:ba:63:26:40:19:69:fc:11:0c:c3:
cd:79:fd:68:99:0a:91:74:28:6b:6b:4b:ad:c3:ff:b4:17:b7:
09:d7:3a:f1:f7:de:74:49:4b:5d:97:0f:74:98:c2:47:d4:f1:
83:24:7a:c8:44:59:c3:c2:af:48:33:e6:04:21:9e:92:cc:fc:
e4:69:28:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WZMo00Sebb88ajzGGA07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUxMDIwMDIwMTI0WhcNMjUxMDIxMDIwMTI0WjAzMTEwLwYDVQQD
EyhkZGY3NTBlYmE3NDQxMGFkZWY5MTUzYzNkZDYzYzA0YmFiZDFlOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuuVpHAA9Oa/LJIOjbMQqXBHQtUU
uFp1b7OxJ4rnHXMuQ+hBIrdYssG0iRpuP3aRlMsu/qmfBHOTXnZno9zT9yFjcgkd
9V65Kfe0o+/Ru7426X8TMFD0d5TcT5EQ3FFH9ejgcQTZkW4/gmM4QyLLh/xa0k0v
v58FDETSK0YES15fTFF/8YafvEZui9mWjB4ydkMcIiFKJj46HPlfQujZbgWKatmK
S8UcURWfAoEXJV+G/XUxra8YwjQPp46P/0iRt8jse37NvpvPphi/a2gOh9G9Ic9w
uA9vHceVXSe7ZJ+flGXGe+HVAcLrzrHFZx7YKegaSi1upJkVWGPHSKlW6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN33UOunRBCt75FTw91jwEur0ekjMB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE68V6d15
NgMW/6DD3vUkis9UMlnW2Iszsv7wFmYDhNZ9qhgy6Ym3FohWbTNU+M0QrqqxzEWI
mg+kwsHwL1O/eRGF8GDvkbCb60pni3gY0vzLKJdOpfsjYOqxvkVAoKJtWjZdTznZ
PWbksWSCJAJ4bOf9UbnITSqUkbdTpYI5mG1yr2Q+gl/iNrIheA8XMRiqK1aSqloK
Fruiij0Wtd7FjewHhWQg1rKfvyVxXJNt+nPDBSFPXWJtkgSiZcO6YyZAGWn8EQzD
zXn9aJkKkXQoa2tLrcP/tBe3Cdc68ffedElLXZcPdJjCR9TxgyR6yERZw8KvSDPm
BCGeksz85GkoFA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:03:42 2025 by rpki-client