Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
File: dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json)
Hash identifier: HSZykSW+YkUSSxzMgXTH3vE78Eg2mHxvRRtsRD6lz8o=
Subject key identifier: 3F:07:41:44:A0:1F:9F:65:A5:3C:A5:8C:2D:2E:26:BB:82:B5:DA:AC
Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
Certificate issuer: /CN=7429d1ef49270810e1020cea86198642339131a0
Certificate serial: 0199FBEADE0B94D1CED8C4422ED0C6657932
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
Manifest number: 0BAE
Signing time: Sun 19 Oct 2025 10:01:37 +0000
Manifest this update: Sun 19 Oct 2025 10:01:37 +0000
Manifest next update: Mon 20 Oct 2025 10:01:37 +0000
Files and hashes: 1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: h1OiV/NKHFhEoUXl6qWP1ly9XBbrzJwic8zBasM2g1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:de:0b:94:d1:ce:d8:c4:42:2e:d0:c6:65:79:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7429d1ef49270810e1020cea86198642339131a0
Validity
Not Before: Oct 19 10:01:37 2025 GMT
Not After : Oct 20 10:01:37 2025 GMT
Subject: CN=3f074144a01f9f65a53ca58c2d2e26bb82b5daac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d0:9a:8d:33:0d:c7:0f:87:74:a2:89:f2:36:
52:72:1a:39:72:00:28:0d:b3:47:cc:a4:fe:8e:1c:
07:ce:bc:03:5c:29:fc:0c:ec:aa:fc:81:ff:5b:76:
ed:16:95:9c:f7:ea:3e:ca:58:2b:ac:d6:f8:7e:13:
72:12:fb:eb:3d:28:c8:df:b9:1d:53:0f:39:17:cc:
ac:e6:41:cb:80:fc:23:94:3a:c2:c0:ff:33:fa:4b:
fb:10:3a:0d:2a:a6:cd:ec:a5:87:f8:d0:66:43:67:
61:ca:cf:6b:80:59:f4:5f:1e:45:0f:be:40:49:d0:
29:a3:ad:ae:13:bf:40:e8:ce:02:81:a5:fd:06:09:
6b:36:69:1e:8e:e3:9a:8d:52:7f:05:32:77:ce:35:
ce:87:5a:4d:79:dc:72:4a:c6:72:4d:fd:f2:11:bd:
03:a0:b3:72:9b:91:04:0f:23:cc:e1:b8:a8:32:f9:
65:9a:3b:e8:89:66:f8:9b:1a:80:58:95:2a:73:16:
28:33:15:84:23:f3:fc:e5:a5:52:4e:48:df:b7:02:
ef:2f:b6:c3:9e:4d:0c:66:de:13:77:a8:ef:1f:d0:
c4:40:29:3e:51:6c:d5:80:cd:d1:2b:ec:1f:0b:80:
53:e7:8c:b8:5b:55:82:99:e5:2f:3f:c0:f5:45:6a:
9a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:07:41:44:A0:1F:9F:65:A5:3C:A5:8C:2D:2E:26:BB:82:B5:DA:AC
X509v3 Authority Key Identifier:
keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:f7:a1:9f:24:7e:23:be:0d:6c:dc:48:9c:d1:a4:b5:36:4b:
ce:a0:c7:2d:f0:4d:7b:a5:6f:a1:ec:53:eb:2f:1a:7a:b5:98:
19:f2:45:41:3d:8f:c6:f1:f1:1e:66:0c:f5:92:c5:2e:92:05:
8e:b3:70:ee:b3:79:89:43:34:e1:f1:76:21:ec:f4:70:45:6f:
6f:fa:8d:d6:ce:ab:28:9b:73:21:fb:6d:00:de:86:13:61:23:
aa:39:06:c5:a1:69:45:8e:4c:0d:9c:07:dc:ff:a1:42:8e:16:
84:7a:8d:6e:06:0f:21:84:d5:62:78:e0:b8:a5:a8:06:a7:15:
7d:01:ea:93:d1:98:19:7d:e8:9e:11:2f:ab:16:25:ee:13:46:
aa:c3:31:f1:80:d2:64:35:32:5f:b3:48:22:6a:ff:1e:22:cb:
b5:bf:fa:c7:60:ae:ef:d3:ed:5a:81:19:58:95:1c:bd:2a:2e:
c4:fe:09:eb:6d:c0:fe:c7:f3:96:4f:b4:c5:f0:3b:ae:c9:68:
21:10:1c:73:46:55:8d:d4:04:93:07:dc:de:1b:f2:20:a8:57:
b5:8c:2b:05:ec:d4:af:80:3d:49:71:60:ed:ef:26:3e:c5:55:
69:10:6a:3c:12:ce:08:13:61:3c:32:98:8a:71:d8:a3:a3:7f:
7f:d2:aa:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76t4LlNHO2MRCLtDGZXkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5
MTMxYTAwHhcNMjUxMDE5MTAwMTM3WhcNMjUxMDIwMTAwMTM3WjAzMTEwLwYDVQQD
EygzZjA3NDE0NGEwMWY5ZjY1YTUzY2E1OGMyZDJlMjZiYjgyYjVkYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dCajTMNxw+HdKKJ8jZScho5cgAo
DbNHzKT+jhwHzrwDXCn8DOyq/IH/W3btFpWc9+o+ylgrrNb4fhNyEvvrPSjI37kd
Uw85F8ys5kHLgPwjlDrCwP8z+kv7EDoNKqbN7KWH+NBmQ2dhys9rgFn0Xx5FD75A
SdApo62uE79A6M4CgaX9BglrNmkejuOajVJ/BTJ3zjXOh1pNedxySsZyTf3yEb0D
oLNym5EEDyPM4bioMvllmjvoiWb4mxqAWJUqcxYoMxWEI/P85aVSTkjftwLvL7bD
nk0MZt4Td6jvH9DEQCk+UWzVgM3RK+wfC4BT54y4W1WCmeUvP8D1RWqavwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8HQUSgH59lpTyljC0uJruCtdqsMB8GA1UdIwQY
MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt
ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0
LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARfehnyR+
I74NbNxInNGktTZLzqDHLfBNe6VvoexT6y8aerWYGfJFQT2PxvHxHmYM9ZLFLpIF
jrNw7rN5iUM04fF2Iez0cEVvb/qN1s6rKJtzIfttAN6GE2EjqjkGxaFpRY5MDZwH
3P+hQo4WhHqNbgYPIYTVYnjguKWoBqcVfQHqk9GYGX3onhEvqxYl7hNGqsMx8YDS
ZDUyX7NIImr/HiLLtb/6x2Cu79PtWoEZWJUcvSouxP4J623A/sfzlk+0xfA7rslo
IRAcc0ZVjdQEkwfc3hvyIKhXtYwrBezUr4A9SXFg7e8mPsVVaRBqPBLOCBNhPDKY
inHYo6N/f9Kqnw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:00:45 2025 by rpki-client