Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
File: CEIhaO2oQjBU2C6wGMOD4tvor98.mft (raw, json)
Hash identifier: Gl/EQo8VYArCJVGMdCH5diWCiJ3tyMTcviYcAHfmD0c=
Subject key identifier: 62:53:5F:2C:6B:E1:86:49:E6:4E:61:84:AA:39:9E:3E:0A:55:3A:24
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 019A72CA26EDE5AB67FF7E28E095C7A2561D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
Manifest number: 1449
Signing time: Tue 11 Nov 2025 12:00:42 +0000
Manifest this update: Tue 11 Nov 2025 12:00:42 +0000
Manifest next update: Wed 12 Nov 2025 12:00:42 +0000
Files and hashes: 1: CEIhaO2oQjBU2C6wGMOD4tvor98.crl (hash: e4GKK6Be2SNLwOzlV9HbAE8OfoSwrPEjphOBqpl+Dx0=)
2: ESQpVAiSLlfE8UMM75aY_vsPDNc.roa (hash: ubyXNF+odFgCxSHtSbasAdaDvs7x7Wh5p2HTa/QrZgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:26:ed:e5:ab:67:ff:7e:28:e0:95:c7:a2:56:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Nov 11 12:00:42 2025 GMT
Not After : Nov 12 12:00:42 2025 GMT
Subject: CN=62535f2c6be18649e64e6184aa399e3e0a553a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f5:53:5d:8e:2f:eb:1e:d5:3f:96:41:32:aa:
4d:b4:8d:31:8c:c0:3e:d5:1e:dc:bb:a6:4d:6d:8c:
36:30:81:1f:b9:d4:f1:27:08:f9:59:64:41:77:b6:
6d:e3:8c:bf:bf:9f:a8:a8:b1:52:14:bb:ea:b8:9d:
9a:0b:bc:6a:ef:8f:d4:53:93:b0:0f:bf:ab:23:6b:
4d:40:71:f7:9f:41:a6:a4:d2:46:5b:c4:54:3a:b1:
89:65:5b:31:83:5d:b3:cb:2d:6b:1f:e7:fb:b0:51:
4b:36:d2:ac:e0:19:ce:7a:84:10:1c:6a:a3:be:e7:
44:b7:f7:e7:23:62:a4:d3:c5:58:99:49:06:ac:59:
7e:47:23:5d:c7:51:1a:6e:e2:91:b9:49:29:e6:16:
84:00:16:c0:4e:2d:1f:cf:4b:15:52:88:22:33:7f:
19:ef:e6:8a:d5:0b:ab:45:32:9c:ee:94:69:ad:63:
3d:ef:75:8b:b9:1f:b1:d8:f6:e5:5a:6d:10:3e:4a:
55:4a:d4:64:77:98:7a:b7:26:c7:62:9e:b4:31:b7:
ae:44:41:70:9c:28:0d:a9:a2:91:40:51:39:b0:a2:
47:e2:d0:b0:0d:0f:4e:f3:97:d2:4a:e5:fa:cf:80:
06:ae:20:79:3f:eb:61:b8:db:25:13:dd:e0:57:b3:
31:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:53:5F:2C:6B:E1:86:49:E6:4E:61:84:AA:39:9E:3E:0A:55:3A:24
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:92:b5:e9:f7:12:95:12:ab:59:98:b9:d0:f6:6c:71:32:89:
91:1a:fa:be:1d:a8:ef:9e:20:88:93:4a:56:98:c3:fe:cb:86:
e4:ed:17:55:9a:ca:28:6d:7f:75:46:4e:da:70:80:64:fe:80:
be:2f:30:10:69:b4:60:c5:46:86:c1:4d:42:5f:a5:46:1b:9b:
be:0e:38:35:7e:71:3a:0a:30:b5:3b:95:28:0e:13:05:fd:4e:
55:6f:2b:d4:77:0f:05:df:e1:44:23:53:f4:5e:2b:82:88:b9:
5a:15:bc:bb:92:e1:59:af:85:0e:02:be:85:2e:02:00:66:2b:
18:a9:63:67:53:8b:a3:94:55:8a:60:91:93:c4:c3:51:5f:4a:
c9:ac:4f:63:53:ab:05:72:e4:03:0b:36:b5:14:3c:90:96:b9:
3c:cb:f0:9d:c8:0e:98:c8:4c:e0:2d:64:75:c6:e3:de:dc:dc:
9a:ef:a3:a9:57:bd:65:7f:8c:04:c2:9e:75:6a:8b:b2:f0:0b:
6c:5d:1c:c8:d4:4c:5b:aa:4c:f6:90:5a:65:ed:3d:f0:e3:3a:
e3:2e:c1:40:89:22:a9:ea:b2:10:6b:77:9b:60:dc:fa:68:d1:
91:bf:9d:44:e7:71:41:ef:db:89:75:36:f2:68:fb:32:44:b0:
73:f0:c7:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyibt5atn/34o4JXHolYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjUxMTExMTIwMDQyWhcNMjUxMTEyMTIwMDQyWjAzMTEwLwYDVQQD
Eyg2MjUzNWYyYzZiZTE4NjQ5ZTY0ZTYxODRhYTM5OWUzZTBhNTUzYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fVTXY4v6x7VP5ZBMqpNtI0xjMA+
1R7cu6ZNbYw2MIEfudTxJwj5WWRBd7Zt44y/v5+oqLFSFLvquJ2aC7xq74/UU5Ow
D7+rI2tNQHH3n0GmpNJGW8RUOrGJZVsxg12zyy1rH+f7sFFLNtKs4BnOeoQQHGqj
vudEt/fnI2Kk08VYmUkGrFl+RyNdx1EabuKRuUkp5haEABbATi0fz0sVUogiM38Z
7+aK1QurRTKc7pRprWM973WLuR+x2PblWm0QPkpVStRkd5h6tybHYp60MbeuREFw
nCgNqaKRQFE5sKJH4tCwDQ9O85fSSuX6z4AGriB5P+thuNslE93gV7MxhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJTXyxr4YZJ5k5hhKo5nj4KVTokMB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJK16fcS
lRKrWZi50PZscTKJkRr6vh2o754giJNKVpjD/suG5O0XVZrKKG1/dUZO2nCAZP6A
vi8wEGm0YMVGhsFNQl+lRhubvg44NX5xOgowtTuVKA4TBf1OVW8r1HcPBd/hRCNT
9F4rgoi5WhW8u5LhWa+FDgK+hS4CAGYrGKljZ1OLo5RVimCRk8TDUV9KyaxPY1Or
BXLkAws2tRQ8kJa5PMvwncgOmMhM4C1kdcbj3tzcmu+jqVe9ZX+MBMKedWqLsvAL
bF0cyNRMW6pM9pBaZe098OM64y7BQIkiqeqyEGt3m2Dc+mjRkb+dROdxQe/biXU2
8mj7MkSwc/DHmw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:56 2025 by rpki-client