Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
File: scl7vq9wVQohl7zw4nY0NapJcIo.mft (raw, json)
Hash identifier: TQUIgs7jMfahfGsyrw5oKKj94FiArjXARX0rySdG6QI=
Subject key identifier: 26:24:E6:5F:72:78:E3:B2:81:1C:44:FC:30:94:D5:68:0B:CF:A7:5A
Authority key identifier: B1:C9:7B:BE:AF:70:55:0A:21:97:BC:F0:E2:76:34:35:AA:49:70:8A
Certificate issuer: /CN=b1c97bbeaf70550a2197bcf0e2763435aa49708a
Certificate serial: 0199FBEAB98DE9466F5367F2190878C53F07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
Manifest number: 5B
Signing time: Sun 19 Oct 2025 10:01:28 +0000
Manifest this update: Sun 19 Oct 2025 10:01:28 +0000
Manifest next update: Mon 20 Oct 2025 10:01:28 +0000
Files and hashes: 1: scl7vq9wVQohl7zw4nY0NapJcIo.crl (hash: sfcEPQR8DDPMkn9ot2Qpb5Nh/Nozz8GlmmnbWWcrxCA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:b9:8d:e9:46:6f:53:67:f2:19:08:78:c5:3f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1c97bbeaf70550a2197bcf0e2763435aa49708a
Validity
Not Before: Oct 19 10:01:28 2025 GMT
Not After : Oct 20 10:01:28 2025 GMT
Subject: CN=2624e65f7278e3b2811c44fc3094d5680bcfa75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:fa:a8:50:a2:75:79:d9:b5:c3:35:c6:9a:
dd:c9:11:c9:7d:0c:db:41:bd:fd:47:52:f6:71:44:
18:e0:7d:73:b0:85:47:63:ae:4f:a5:fd:4f:3b:14:
90:6a:75:9e:a3:a9:96:ef:7c:a4:0e:94:5e:f7:78:
65:e0:ab:26:ac:9d:9c:8d:5c:95:24:10:08:00:e0:
13:4e:77:64:76:b3:bb:68:62:c4:e0:70:f6:cf:1e:
db:bc:88:6b:9f:ce:4f:65:e2:a7:c1:a9:69:95:de:
eb:e5:3f:19:f2:37:93:80:61:65:e6:93:e3:cb:0c:
6b:52:4f:b1:80:72:80:72:ac:5d:e0:f6:a0:55:18:
d7:93:c0:5b:29:dc:5e:ce:28:fb:bb:b5:4a:f9:4c:
36:6f:14:a7:20:b4:c3:56:ea:fc:51:a5:1c:d9:58:
f6:7d:df:9d:a9:be:b9:fc:7a:10:51:92:88:a9:f2:
f6:81:24:50:72:63:46:f3:fd:74:78:ab:8a:f5:59:
60:31:d5:c6:65:e0:ae:51:f0:c2:ca:27:d0:2f:60:
3a:a3:3b:e4:19:4f:e5:d4:5e:7e:be:15:a9:88:ac:
b9:4e:cf:99:23:74:d3:1b:9b:31:0f:ad:f6:c9:df:
0a:da:5e:5a:90:ae:77:1d:25:b9:25:4d:af:68:74:
25:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:24:E6:5F:72:78:E3:B2:81:1C:44:FC:30:94:D5:68:0B:CF:A7:5A
X509v3 Authority Key Identifier:
keyid:B1:C9:7B:BE:AF:70:55:0A:21:97:BC:F0:E2:76:34:35:AA:49:70:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:b4:61:aa:aa:e0:68:b9:49:37:2e:16:60:6a:bc:13:1a:a2:
51:4d:49:bb:1d:ba:96:66:f5:b6:6f:16:91:79:ab:fa:35:36:
9a:c0:5a:d6:bf:0c:b8:46:51:35:99:86:16:d0:08:30:7a:10:
c4:c7:2e:8e:6e:e3:d8:f5:93:b5:e9:b1:ae:af:d3:e9:95:6c:
30:01:e2:12:73:2e:d6:3e:84:4f:ee:dd:c6:f0:09:37:6f:bd:
40:23:c1:83:6f:5a:66:cd:99:d2:41:8c:f5:8c:5e:18:60:11:
5c:7c:cd:9a:b1:c8:99:90:d0:b8:e6:15:0a:39:72:ca:96:3e:
7b:f5:11:81:33:61:b4:9c:ae:38:cf:24:01:8a:ef:a2:cb:94:
b0:36:ea:05:f4:24:9e:fa:8b:2f:aa:28:67:72:b8:97:80:0c:
8f:76:ac:7f:61:3f:4a:53:6d:7a:70:54:b4:da:a5:0d:49:9d:
88:b3:a9:0e:4e:69:e2:9c:d2:4d:88:bb:15:e8:0f:cf:29:42:
b1:20:ae:69:ec:51:f5:53:c5:89:aa:2e:11:bb:b1:fe:4b:5e:
aa:25:8d:ad:27:a5:08:5c:fd:a1:5a:57:7d:9a:77:8c:6b:af:
bb:86:55:08:be:c3:70:51:40:72:ab:f2:41:94:3b:a2:64:11:
16:0b:87:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76rmN6UZvU2fyGQh4xT8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzk3YmJlYWY3MDU1MGEyMTk3YmNmMGUyNzYzNDM1YWE0
OTcwOGEwHhcNMjUxMDE5MTAwMTI4WhcNMjUxMDIwMTAwMTI4WjAzMTEwLwYDVQQD
EygyNjI0ZTY1ZjcyNzhlM2IyODExYzQ0ZmMzMDk0ZDU2ODBiY2ZhNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4H6qFCidXnZtcM1xprdyRHJfQzb
Qb39R1L2cUQY4H1zsIVHY65Ppf1POxSQanWeo6mW73ykDpRe93hl4KsmrJ2cjVyV
JBAIAOATTndkdrO7aGLE4HD2zx7bvIhrn85PZeKnwalpld7r5T8Z8jeTgGFl5pPj
ywxrUk+xgHKAcqxd4PagVRjXk8BbKdxezij7u7VK+Uw2bxSnILTDVur8UaUc2Vj2
fd+dqb65/HoQUZKIqfL2gSRQcmNG8/10eKuK9VlgMdXGZeCuUfDCyifQL2A6ozvk
GU/l1F5+vhWpiKy5Ts+ZI3TTG5sxD632yd8K2l5akK53HSW5JU2vaHQltwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYk5l9yeOOygRxE/DCU1WgLz6daMB8GA1UdIwQY
MBaAFLHJe76vcFUKIZe88OJ2NDWqSXCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xMGE5OWMtMTAyNS00ZGE0LWFlZjEt
MDI1MWFlNjVhZGVkLzEvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xMGE5OWMtMTAyNS00ZGE0LWFlZjEtMDI1MWFlNjVhZGVk
LzEvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKbRhqqrg
aLlJNy4WYGq8ExqiUU1Jux26lmb1tm8WkXmr+jU2msBa1r8MuEZRNZmGFtAIMHoQ
xMcujm7j2PWTtemxrq/T6ZVsMAHiEnMu1j6ET+7dxvAJN2+9QCPBg29aZs2Z0kGM
9YxeGGARXHzNmrHImZDQuOYVCjlyypY+e/URgTNhtJyuOM8kAYrvosuUsDbqBfQk
nvqLL6ooZ3K4l4AMj3asf2E/SlNtenBUtNqlDUmdiLOpDk5p4pzSTYi7FegPzylC
sSCuaexR9VPFiaouEbux/kteqiWNrSelCFz9oVpXfZp3jGuvu4ZVCL7DcFFAcqvy
QZQ7omQRFguHbQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:00 2025 by rpki-client