Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: 0xNnA8GustQICMHAf64mrM62x9Br31sn3cD/+/73a1c=
Subject key identifier: 75:64:6E:37:A5:D4:DC:08:5A:97:E0:3D:1D:CD:83:1F:69:6A:FE:C3
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 0199FDD9A9DEE264166D6E3DD8E3ADEB1E2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0D38
Signing time: Sun 19 Oct 2025 19:02:04 +0000
Manifest this update: Sun 19 Oct 2025 19:02:04 +0000
Manifest next update: Mon 20 Oct 2025 19:02:04 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: clZr+qdZXHPLPMgE0uoiIHgQZ1k7GPNl5G0sEw6Xpfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:a9:de:e2:64:16:6d:6e:3d:d8:e3:ad:eb:1e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Oct 19 19:02:04 2025 GMT
Not After : Oct 20 19:02:04 2025 GMT
Subject: CN=75646e37a5d4dc085a97e03d1dcd831f696afec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:b8:fd:e8:b5:ef:dd:1c:a4:fa:20:20:53:
b7:e7:bc:42:c9:4e:2a:9e:17:42:43:f3:f5:23:79:
aa:99:33:cb:47:16:d7:1a:1e:fe:48:15:b9:66:93:
8e:c0:7d:3c:1b:67:1b:db:f0:28:2c:f1:8c:39:f4:
6d:a0:41:17:66:7e:61:fd:a5:4a:65:e8:c6:92:da:
aa:83:3a:4e:c7:b2:42:97:00:80:9a:f1:9d:4c:34:
09:9d:40:45:78:6a:75:16:2f:56:0d:a0:ad:17:bc:
06:a7:9b:6c:0e:34:c4:ed:b0:52:0d:50:ce:b0:8e:
90:a1:19:ee:5a:2c:6d:2f:45:13:a9:7c:84:a6:a9:
e7:4b:a2:4b:18:ee:dd:ca:95:00:86:47:b7:ed:d2:
c8:e3:dc:47:9e:59:6c:e8:1e:54:8e:91:be:37:ea:
cf:f8:12:3b:2b:cb:20:b1:e2:2a:d5:06:dc:8c:64:
7c:a2:0f:6b:f3:5e:48:5b:46:7a:59:17:a7:9f:ca:
cb:49:82:06:be:2d:72:fa:7d:9c:e0:de:d2:18:e2:
cb:ff:b0:78:03:77:77:56:d0:47:b0:ef:28:8f:0d:
57:24:a1:21:c3:5a:43:5c:b8:52:82:cb:93:d1:a3:
a0:00:e9:f3:58:6d:9e:39:1c:43:64:87:0b:62:70:
b5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:64:6E:37:A5:D4:DC:08:5A:97:E0:3D:1D:CD:83:1F:69:6A:FE:C3
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:b9:8f:ac:fd:dc:d4:b3:94:63:d2:94:fe:3b:a9:41:19:4e:
56:41:ce:7c:af:77:e4:94:8c:b5:36:61:09:fb:b0:0e:6d:a9:
8c:22:1f:4a:62:ee:c1:7c:39:21:de:fb:46:98:0d:2f:61:cf:
50:3a:d5:74:9c:00:69:20:5f:f2:29:16:69:46:2f:43:4b:da:
c5:36:01:b3:67:97:8e:00:76:87:19:13:8c:ca:da:19:b6:92:
44:31:42:6e:38:7c:c0:6a:11:5f:a7:b0:94:c6:08:80:40:ee:
02:6b:d1:ac:b2:14:12:3b:a0:ec:49:eb:4a:c1:d8:b4:1c:b1:
bf:86:30:fb:58:c2:d4:32:dd:18:15:66:dd:62:40:c4:f5:d2:
c8:09:a4:47:4a:9d:73:fe:94:87:d8:ab:66:de:0e:97:76:ec:
bd:8c:94:a8:1a:de:93:12:3d:c4:6b:9e:06:73:a5:8f:8f:ec:
87:76:f6:ff:93:a9:9d:03:77:41:0e:cb:1d:94:13:f3:37:b6:
af:34:a8:ca:a4:96:8b:a7:1d:56:f5:fd:01:c1:f2:da:82:b1:
b2:9c:81:27:e6:29:fe:4b:38:d8:db:fb:42:6a:e3:67:dc:8f:
91:35:00:98:dd:c2:94:64:e4:ed:02:de:22:b5:5a:3c:5e:4f:
24:e6:d0:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ane4mQWbW492OOt6x4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUxMDE5MTkwMjA0WhcNMjUxMDIwMTkwMjA0WjAzMTEwLwYDVQQD
Eyg3NTY0NmUzN2E1ZDRkYzA4NWE5N2UwM2QxZGNkODMxZjY5NmFmZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf64/ei1790cpPogIFO357xCyU4q
nhdCQ/P1I3mqmTPLRxbXGh7+SBW5ZpOOwH08G2cb2/AoLPGMOfRtoEEXZn5h/aVK
ZejGktqqgzpOx7JClwCAmvGdTDQJnUBFeGp1Fi9WDaCtF7wGp5tsDjTE7bBSDVDO
sI6QoRnuWixtL0UTqXyEpqnnS6JLGO7dypUAhke37dLI49xHnlls6B5UjpG+N+rP
+BI7K8sgseIq1QbcjGR8og9r815IW0Z6WRenn8rLSYIGvi1y+n2c4N7SGOLL/7B4
A3d3VtBHsO8ojw1XJKEhw1pDXLhSgsuT0aOgAOnzWG2eORxDZIcLYnC11wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVkbjel1NwIWpfgPR3Ngx9pav7DMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7mPrP3c
1LOUY9KU/jupQRlOVkHOfK935JSMtTZhCfuwDm2pjCIfSmLuwXw5Id77RpgNL2HP
UDrVdJwAaSBf8ikWaUYvQ0vaxTYBs2eXjgB2hxkTjMraGbaSRDFCbjh8wGoRX6ew
lMYIgEDuAmvRrLIUEjug7EnrSsHYtByxv4Yw+1jC1DLdGBVm3WJAxPXSyAmkR0qd
c/6Uh9irZt4Ol3bsvYyUqBrekxI9xGueBnOlj4/sh3b2/5OpnQN3QQ7LHZQT8ze2
rzSoyqSWi6cdVvX9AcHy2oKxspyBJ+Yp/ks42Nv7QmrjZ9yPkTUAmN3ClGTk7QLe
IrVaPF5PJObQiA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:09:59 2025 by rpki-client