Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File: f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier: uIGLGm/8xuvzWJOhiPloCh8VhpidRUvKzL7TtAZdkgs=
Subject key identifier: 98:61:5E:50:5F:A3:4D:E8:03:A3:A0:C6:D5:1D:F0:ED:3B:A6:4C:76
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer: /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial: 0199FC58B09657FDA3CBF07A4A6858D346AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number: 0BC7
Signing time: Sun 19 Oct 2025 12:01:34 +0000
Manifest this update: Sun 19 Oct 2025 12:01:34 +0000
Manifest next update: Mon 20 Oct 2025 12:01:34 +0000
Files and hashes: 1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: FbOiNhkhz1RQnrWNEW3a7gqTA0um4CmrfRgDRyOnSbM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:b0:96:57:fd:a3:cb:f0:7a:4a:68:58:d3:46:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Validity
Not Before: Oct 19 12:01:34 2025 GMT
Not After : Oct 20 12:01:34 2025 GMT
Subject: CN=98615e505fa34de803a3a0c6d51df0ed3ba64c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:66:59:55:00:b6:87:66:fd:cd:3a:b3:b7:0a:
5f:1e:b3:30:c7:15:e9:ad:02:0f:c1:6c:2c:dc:b3:
dd:35:98:d6:bf:bd:b5:42:a0:3e:0c:9f:68:d4:a7:
e7:bf:32:1c:8b:e7:0f:23:4b:37:04:ba:05:d1:2a:
1f:1f:ea:eb:19:d0:ce:e1:d6:90:6f:3e:8d:90:0d:
c8:80:78:15:55:0a:b7:ff:74:fa:09:39:6d:71:8c:
f1:85:ef:50:47:c7:0e:db:5a:38:d2:32:48:43:44:
5e:7d:69:47:f2:66:f6:05:0e:8f:eb:bb:ad:9c:66:
d6:c7:78:7f:ad:fb:bd:e7:23:dd:64:95:55:8a:7a:
bc:25:b7:cc:85:3d:bd:9b:95:35:f2:d4:89:35:8b:
ac:33:c1:ac:61:b1:1a:2a:83:0d:7b:09:cc:d6:37:
47:b9:a3:8d:ae:de:66:c6:8c:a0:e8:05:10:4f:ea:
b0:b6:70:d1:bb:8e:7d:6a:e9:43:7a:95:6a:6e:64:
1b:af:d7:e6:0f:4e:f8:76:4e:8e:a4:cb:59:bc:6a:
00:a2:df:d2:48:c0:35:f9:83:23:b4:90:76:13:f5:
f8:4b:f1:2f:b5:6e:6a:93:f6:2a:0a:36:b8:22:96:
2b:7b:22:60:33:66:79:0c:36:55:bf:68:07:7c:c1:
f3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:61:5E:50:5F:A3:4D:E8:03:A3:A0:C6:D5:1D:F0:ED:3B:A6:4C:76
X509v3 Authority Key Identifier:
keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:fb:40:a5:1d:fb:a4:b7:35:46:8f:42:32:8a:16:7c:d1:4a:
77:05:8f:4d:7e:5d:e4:99:db:f6:65:47:00:00:0e:8b:b1:81:
a5:92:ea:77:a6:ae:fa:44:4b:c9:ff:36:c6:8e:e6:fd:ff:b1:
d4:2e:b9:00:5a:01:f3:77:01:2e:f6:0e:59:e1:68:31:e5:ed:
e8:9b:01:7a:d9:36:16:ce:4c:48:87:04:62:5a:db:84:b6:9e:
71:f5:d2:09:7b:0c:83:8e:d7:c4:f5:9f:24:4d:16:bb:57:c3:
66:af:03:f8:58:ca:eb:f0:60:91:e1:b4:a2:31:e8:bd:2a:11:
b6:08:99:03:68:c3:b5:c6:e2:64:8b:2a:c9:4b:77:35:be:e1:
4f:77:fb:00:e5:96:59:ca:a4:80:ff:91:a5:2f:ed:82:59:16:
89:de:6a:34:ca:cc:8f:e3:c2:e2:39:4d:ed:5d:ee:14:13:0f:
b6:2e:22:57:81:df:fc:cd:09:e7:d6:a8:04:43:01:22:37:aa:
13:07:bd:4d:41:7a:05:b2:cf:6b:83:ec:33:79:8f:87:cb:93:
9f:da:03:27:bb:19:e2:f3:d6:24:e4:04:df:0b:3d:ac:32:cb:
24:b2:b2:13:dd:08:d5:67:63:5e:0b:dd:d0:a6:9b:90:01:87:
eb:4c:b4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLCWV/2jy/B6SmhY00aqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUxMDE5MTIwMTM0WhcNMjUxMDIwMTIwMTM0WjAzMTEwLwYDVQQD
Eyg5ODYxNWU1MDVmYTM0ZGU4MDNhM2EwYzZkNTFkZjBlZDNiYTY0Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2ZZVQC2h2b9zTqztwpfHrMwxxXp
rQIPwWws3LPdNZjWv721QqA+DJ9o1KfnvzIci+cPI0s3BLoF0SofH+rrGdDO4daQ
bz6NkA3IgHgVVQq3/3T6CTltcYzxhe9QR8cO21o40jJIQ0RefWlH8mb2BQ6P67ut
nGbWx3h/rfu95yPdZJVVinq8JbfMhT29m5U18tSJNYusM8GsYbEaKoMNewnM1jdH
uaONrt5mxoyg6AUQT+qwtnDRu459aulDepVqbmQbr9fmD074dk6OpMtZvGoAot/S
SMA1+YMjtJB2E/X4S/EvtW5qk/YqCja4IpYreyJgM2Z5DDZVv2gHfMHzKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhhXlBfo03oA6OgxtUd8O07pkx2MB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvtApR37
pLc1Ro9CMooWfNFKdwWPTX5d5Jnb9mVHAAAOi7GBpZLqd6au+kRLyf82xo7m/f+x
1C65AFoB83cBLvYOWeFoMeXt6JsBetk2Fs5MSIcEYlrbhLaecfXSCXsMg47XxPWf
JE0Wu1fDZq8D+FjK6/BgkeG0ojHovSoRtgiZA2jDtcbiZIsqyUt3Nb7hT3f7AOWW
WcqkgP+RpS/tglkWid5qNMrMj+PC4jlN7V3uFBMPti4iV4Hf/M0J59aoBEMBIjeq
Ewe9TUF6BbLPa4PsM3mPh8uTn9oDJ7sZ4vPWJOQE3ws9rDLLJLKyE90I1WdjXgvd
0KabkAGH60y0rQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:28:03 2025 by rpki-client