Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.mft
File: ErMAjtt8ydYdr2XwAiaIrHMl8Do.mft (raw, json)
Hash identifier: j/Jz7mpz7gbIolUMqxLf9pdAjIZI5sEfJbMegWHrWx8=
Subject key identifier: D1:AA:98:27:EA:03:6E:B6:F0:53:BF:84:58:9D:6C:D7:E7:4C:A5:9F
Authority key identifier: 12:B3:00:8E:DB:7C:C9:D6:1D:AF:65:F0:02:26:88:AC:73:25:F0:3A
Certificate issuer: /CN=12b3008edb7cc9d61daf65f0022688ac7325f03a
Certificate serial: 0199FDD8BEF8B54F11A3B45F1CF54AFBE7F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ErMAjtt8ydYdr2XwAiaIrHMl8Do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.mft
Manifest number: 0A68
Signing time: Sun 19 Oct 2025 19:01:04 +0000
Manifest this update: Sun 19 Oct 2025 19:01:04 +0000
Manifest next update: Mon 20 Oct 2025 19:01:04 +0000
Files and hashes: 1: ErMAjtt8ydYdr2XwAiaIrHMl8Do.crl (hash: K+u0ao0iHZyAD9I5+YGrULzqgRBXbDwQ3TWWVhnYs48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.mft
rsync://rpki.ripe.net/repository/DEFAULT/ErMAjtt8ydYdr2XwAiaIrHMl8Do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d8:be:f8:b5:4f:11:a3:b4:5f:1c:f5:4a:fb:e7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12b3008edb7cc9d61daf65f0022688ac7325f03a
Validity
Not Before: Oct 19 19:01:04 2025 GMT
Not After : Oct 20 19:01:04 2025 GMT
Subject: CN=d1aa9827ea036eb6f053bf84589d6cd7e74ca59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:59:82:16:5f:76:a8:4d:16:fa:03:25:ca:
ce:14:e8:11:87:8a:c1:a9:9b:5d:19:ea:5c:6a:89:
b9:9b:72:27:74:7b:5f:9e:3a:88:e1:9b:5c:d2:d9:
38:38:31:37:00:ed:00:21:12:27:55:d6:c8:33:dc:
86:be:1b:9f:7e:20:32:5c:05:83:33:fe:b3:a6:81:
dc:fb:1b:c9:03:7c:d4:60:9f:5c:9a:f7:4c:74:66:
5c:a6:ac:85:b2:9c:29:33:44:dc:8a:f3:d5:4d:4b:
be:d7:41:ef:d2:c0:d1:9d:b2:c5:bc:1a:f5:d1:d5:
bc:c8:ed:62:c5:1c:22:dd:67:a3:e1:ad:9d:d7:0e:
54:7c:fc:23:d2:41:7f:f8:2a:10:51:b0:7d:8c:61:
6e:c7:76:19:18:aa:c5:61:a4:a6:b3:86:b0:0c:bd:
f6:0f:5a:8d:ff:79:33:91:37:00:ba:df:68:ba:3b:
2f:7d:28:45:6c:e0:c2:88:c0:92:05:cf:fa:55:5a:
53:f0:5d:19:e4:75:37:98:0e:cf:88:08:f2:de:cf:
55:c3:a5:dd:f3:64:e2:45:a8:40:8a:92:75:46:57:
20:08:c8:21:43:f2:10:1b:a7:a4:af:52:43:d0:0d:
2a:22:04:bd:81:4a:9b:1e:07:a3:40:4e:36:ab:95:
59:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AA:98:27:EA:03:6E:B6:F0:53:BF:84:58:9D:6C:D7:E7:4C:A5:9F
X509v3 Authority Key Identifier:
keyid:12:B3:00:8E:DB:7C:C9:D6:1D:AF:65:F0:02:26:88:AC:73:25:F0:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ErMAjtt8ydYdr2XwAiaIrHMl8Do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d0893a-1526-4c78-9d89-08acde32e664/1/ErMAjtt8ydYdr2XwAiaIrHMl8Do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:51:5e:2a:94:ba:43:48:d3:8f:b6:8c:66:de:b3:44:cd:c5:
f0:3b:8b:76:c7:e8:b3:b9:89:f8:95:23:3b:a8:cb:ce:2a:da:
6c:91:2a:d3:50:d6:42:15:a3:12:a3:f0:af:a1:90:d3:82:ac:
0f:dc:59:3c:e3:0f:2e:71:60:af:7a:a1:29:ce:c9:87:a7:aa:
dd:f0:72:d5:3e:1c:0e:ff:55:65:4d:f9:75:c4:34:3b:de:75:
aa:13:dd:7f:c2:42:7e:59:9d:3c:60:f8:df:57:a5:ae:87:c1:
0b:c1:d5:47:fa:0b:fb:e6:5a:a7:ac:84:c3:2a:f3:fc:49:35:
80:57:dc:4b:73:10:df:f4:45:79:5f:80:95:5e:d7:93:c1:7b:
29:f8:a5:e5:94:68:5b:f0:b2:1a:14:a4:2d:cd:b8:9d:34:9f:
29:31:20:19:b6:81:f5:64:c1:f0:f4:13:54:23:a1:05:e1:14:
63:58:1d:55:3c:45:85:f4:d2:56:cc:dc:11:20:65:22:63:f4:
98:2e:ac:5f:8f:06:a4:45:2d:3c:49:b1:5a:ff:08:ba:fa:e2:
8c:c2:f4:5e:45:1c:42:98:1e:93:fb:dc:6e:a1:57:30:84:59:
5e:01:0c:40:8b:39:23:da:f9:1d:d6:d1:0c:82:81:e3:9f:d0:
f2:24:18:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92L74tU8Ro7RfHPVK++f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYjMwMDhlZGI3Y2M5ZDYxZGFmNjVmMDAyMjY4OGFjNzMy
NWYwM2EwHhcNMjUxMDE5MTkwMTA0WhcNMjUxMDIwMTkwMTA0WjAzMTEwLwYDVQQD
EyhkMWFhOTgyN2VhMDM2ZWI2ZjA1M2JmODQ1ODlkNmNkN2U3NGNhNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybdZghZfdqhNFvoDJcrOFOgRh4rB
qZtdGepcaom5m3IndHtfnjqI4Ztc0tk4ODE3AO0AIRInVdbIM9yGvhuffiAyXAWD
M/6zpoHc+xvJA3zUYJ9cmvdMdGZcpqyFspwpM0TcivPVTUu+10Hv0sDRnbLFvBr1
0dW8yO1ixRwi3Wej4a2d1w5UfPwj0kF/+CoQUbB9jGFux3YZGKrFYaSms4awDL32
D1qN/3kzkTcAut9oujsvfShFbODCiMCSBc/6VVpT8F0Z5HU3mA7PiAjy3s9Vw6Xd
82TiRahAipJ1RlcgCMghQ/IQG6ekr1JD0A0qIgS9gUqbHgejQE42q5VZwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGqmCfqA2628FO/hFidbNfnTKWfMB8GA1UdIwQY
MBaAFBKzAI7bfMnWHa9l8AImiKxzJfA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXJNQWp0dDh5ZFlkcjJYd0FpYUlySE1sOERvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMDg5M2EtMTUyNi00Yzc4LTlkODkt
MDhhY2RlMzJlNjY0LzEvRXJNQWp0dDh5ZFlkcjJYd0FpYUlySE1sOERvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kMDg5M2EtMTUyNi00Yzc4LTlkODktMDhhY2RlMzJlNjY0
LzEvRXJNQWp0dDh5ZFlkcjJYd0FpYUlySE1sOERvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAElFeKpS6
Q0jTj7aMZt6zRM3F8DuLdsfos7mJ+JUjO6jLzirabJEq01DWQhWjEqPwr6GQ04Ks
D9xZPOMPLnFgr3qhKc7Jh6eq3fBy1T4cDv9VZU35dcQ0O951qhPdf8JCflmdPGD4
31elrofBC8HVR/oL++Zap6yEwyrz/Ek1gFfcS3MQ3/RFeV+AlV7Xk8F7Kfil5ZRo
W/CyGhSkLc24nTSfKTEgGbaB9WTB8PQTVCOhBeEUY1gdVTxFhfTSVszcESBlImP0
mC6sX48GpEUtPEmxWv8IuvrijML0XkUcQpgek/vcbqFXMIRZXgEMQIs5I9r5HdbR
DIKB45/Q8iQYuA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:40:07 2025 by rpki-client