Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
File: ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json)
Hash identifier: CQsqS3s7uOxwr4DWtHvyGGMldh9C2DMiqp8lv+NiTnk=
Subject key identifier: 42:C9:0D:83:4E:5D:6D:47:DD:FD:D6:8A:17:1B:05:73:15:12:3F:4C
Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
Certificate issuer: /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Certificate serial: 0199FFC83081DD3BB5D9F6442BE499563E0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
Manifest number: 08CA
Signing time: Mon 20 Oct 2025 04:02:13 +0000
Manifest this update: Mon 20 Oct 2025 04:02:13 +0000
Manifest next update: Tue 21 Oct 2025 04:02:13 +0000
Files and hashes: 1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: w787b4JDA/yC4GrG/gCDPr1j4scbzeiWtu846BFTQkE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:30:81:dd:3b:b5:d9:f6:44:2b:e4:99:56:3e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Validity
Not Before: Oct 20 04:02:13 2025 GMT
Not After : Oct 21 04:02:13 2025 GMT
Subject: CN=42c90d834e5d6d47ddfdd68a171b057315123f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3d:28:fc:ef:96:67:97:fa:e5:fc:50:cf:42:
e3:52:c0:67:c0:c2:5e:9d:95:09:0d:36:da:10:fe:
77:8a:df:d3:b9:65:10:5b:ad:8b:e8:16:b3:50:b4:
84:ca:70:1c:77:3b:90:7e:cf:ee:ce:34:69:de:5b:
21:8f:23:73:e5:fb:70:9e:55:90:c4:5a:90:08:03:
23:92:fe:71:67:70:1a:b6:69:2a:dd:98:6b:27:e7:
c5:6b:13:3d:65:63:2d:e5:e0:0f:0c:3e:8d:e5:7a:
ed:3e:69:89:bb:2d:ab:61:ab:12:b4:08:54:e8:a8:
f2:af:b2:be:da:bf:d8:a5:29:ea:df:73:e9:1c:c3:
9e:25:6e:d2:6a:65:b3:32:46:cb:39:bf:c5:89:5e:
4e:59:22:64:54:ec:f4:b1:9a:48:3a:36:56:fd:3f:
f7:2c:9b:10:0c:28:9d:56:3d:7a:71:c3:cd:74:80:
98:81:0b:62:ac:ac:22:6c:c1:9b:ad:f8:a1:2f:98:
e0:1b:55:b1:53:1c:8d:85:e4:b9:ef:21:13:68:0a:
db:0d:7d:eb:51:9e:fb:2c:d4:7f:ca:9a:12:aa:c2:
77:31:34:02:ef:de:43:6d:0c:1e:25:9e:9a:76:43:
73:da:52:af:57:72:8f:fd:2e:f8:ae:fd:3b:51:07:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C9:0D:83:4E:5D:6D:47:DD:FD:D6:8A:17:1B:05:73:15:12:3F:4C
X509v3 Authority Key Identifier:
keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:20:bd:84:61:af:46:bc:f0:f9:17:9d:1a:71:9a:68:ad:1c:
8b:36:e5:07:47:b4:49:f3:72:d6:26:0e:06:5c:df:dc:22:7d:
c7:93:c3:c4:65:cd:29:7c:40:df:74:a9:e5:ac:36:18:c9:0f:
03:9a:3e:8f:6e:e3:48:59:bb:10:33:92:72:80:4a:9e:0e:24:
b6:9c:25:21:35:7e:1f:a0:ac:0f:df:3c:b5:db:8e:4b:79:ca:
59:84:b5:1a:db:ba:df:88:10:ad:dd:a0:81:f4:70:0f:ca:35:
3f:bb:43:35:97:71:37:51:c2:51:fd:d5:4d:1a:05:da:a8:d0:
92:16:62:c0:c9:fc:6e:ac:ee:c6:20:a7:79:f6:8f:04:64:2b:
9a:23:9f:b5:29:ae:97:f6:4e:66:9d:e8:49:3c:64:b1:db:2b:
d7:ee:02:a8:d8:94:70:ca:f8:4b:03:9a:36:c2:7b:6c:dd:89:
53:66:34:3e:b3:b4:8f:49:25:c7:42:a8:8e:0e:f6:38:94:bf:
fd:0b:84:95:00:98:ea:ba:2f:7f:b2:a2:b9:ea:50:9c:fc:18:
96:b2:ae:b1:e8:06:7e:81:87:de:19:e0:0f:4f:4a:8c:0c:dd:
cc:3e:dd:5a:ab:a2:47:8d:e4:92:e8:c0:63:60:15:5d:34:89:
b7:dd:65:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDCB3Tu12fZEK+SZVj4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky
NWJjYmQwHhcNMjUxMDIwMDQwMjEzWhcNMjUxMDIxMDQwMjEzWjAzMTEwLwYDVQQD
Eyg0MmM5MGQ4MzRlNWQ2ZDQ3ZGRmZGQ2OGExNzFiMDU3MzE1MTIzZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD0o/O+WZ5f65fxQz0LjUsBnwMJe
nZUJDTbaEP53it/TuWUQW62L6BazULSEynAcdzuQfs/uzjRp3lshjyNz5ftwnlWQ
xFqQCAMjkv5xZ3Aatmkq3ZhrJ+fFaxM9ZWMt5eAPDD6N5XrtPmmJuy2rYasStAhU
6Kjyr7K+2r/YpSnq33PpHMOeJW7SamWzMkbLOb/FiV5OWSJkVOz0sZpIOjZW/T/3
LJsQDCidVj16ccPNdICYgQtirKwibMGbrfihL5jgG1WxUxyNheS57yETaArbDX3r
UZ77LNR/ypoSqsJ3MTQC795DbQweJZ6adkNz2lKvV3KP/S74rv07UQcwtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELJDYNOXW1H3f3WihcbBXMVEj9MMB8GA1UdIwQY
MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt
ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy
LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQyC9hGGv
Rrzw+RedGnGaaK0cizblB0e0SfNy1iYOBlzf3CJ9x5PDxGXNKXxA33Sp5aw2GMkP
A5o+j27jSFm7EDOScoBKng4ktpwlITV+H6CsD988tduOS3nKWYS1Gtu634gQrd2g
gfRwD8o1P7tDNZdxN1HCUf3VTRoF2qjQkhZiwMn8bqzuxiCnefaPBGQrmiOftSmu
l/ZOZp3oSTxksdsr1+4CqNiUcMr4SwOaNsJ7bN2JU2Y0PrO0j0klx0Kojg72OJS/
/QuElQCY6rovf7KiuepQnPwYlrKusegGfoGH3hngD09KjAzdzD7dWquiR43kkujA
Y2AVXTSJt91lhw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:47:40 2025 by rpki-client