Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft
File: 1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft (raw, json)
Hash identifier: c90BIDc0NOgriEmvAoJ3KzeY3MKXwZBcAayQq9Oc2oQ=
Subject key identifier: 21:EB:DB:24:83:29:CE:78:DB:12:D9:10:0D:AB:9C:A6:5C:80:0B:FD
Authority key identifier: D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
Certificate issuer: /CN=d425900312ff3bda4d2f896f64df65646fd9c251
Certificate serial: 019A7337F64C77CD20619EBDBC0A95F3B3CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 14:00:38 +0000
Manifest this update: Tue 11 Nov 2025 14:00:38 +0000
Manifest next update: Wed 12 Nov 2025 14:00:38 +0000
Files and hashes: 1: 1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl (hash: +NT6QotnySupfYjsvRx6sG9ihqxnSvgJ33ymSmZdEcc=)
2: g_HTJXlqiVwcXNQwQ-5NsdWLDwY.roa (hash: T8aREzkEhzdTgcqG/dOQatsiFG6CYLxa2kl0FfKGWAQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:37:f6:4c:77:cd:20:61:9e:bd:bc:0a:95:f3:b3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d425900312ff3bda4d2f896f64df65646fd9c251
Validity
Not Before: Nov 11 14:00:38 2025 GMT
Not After : Nov 12 14:00:38 2025 GMT
Subject: CN=21ebdb248329ce78db12d9100dab9ca65c800bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:55:51:3b:9c:d3:54:cc:6a:07:05:0c:bb:
dd:57:b6:3f:35:4d:d6:9b:dc:af:48:42:f0:cb:bc:
68:43:b7:bc:18:ea:c0:e2:f7:d6:37:81:03:2c:39:
b3:38:03:a7:98:16:88:22:80:38:16:31:10:01:13:
85:b3:5b:7d:c4:50:4b:c3:74:08:ae:50:11:2b:e6:
b0:a4:d8:42:b9:3c:68:6c:26:dc:37:10:07:ac:07:
f4:30:62:23:7b:4a:e8:61:a1:d4:a1:71:38:a6:9a:
00:42:ff:59:46:11:01:1e:6f:c6:1a:ce:04:4a:db:
d8:da:20:51:36:5e:24:9c:a6:a2:4f:f8:3e:6d:14:
f4:f5:02:80:95:32:cb:13:f6:2a:7e:7a:b6:71:9f:
35:5b:07:9a:72:1a:2e:ac:97:c6:b8:be:05:67:2c:
ef:b8:52:32:ff:90:f4:51:fd:04:39:bb:4b:2d:33:
e5:de:42:cf:3a:c8:f1:48:9e:4a:2a:a6:86:23:4b:
d7:f5:6d:32:0d:ff:89:09:4e:f0:ea:2c:81:bf:cf:
9b:19:b2:73:05:25:cc:76:d9:0a:5e:89:ef:2a:db:
6a:9d:e6:63:06:be:5f:24:4b:98:a6:6d:28:ca:70:
06:8f:86:65:00:8c:ba:ae:03:80:40:be:aa:25:07:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EB:DB:24:83:29:CE:78:DB:12:D9:10:0D:AB:9C:A6:5C:80:0B:FD
X509v3 Authority Key Identifier:
keyid:D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:97:be:3e:23:d3:f3:93:ac:94:6e:e1:a1:43:02:b5:40:07:
91:e4:e0:63:13:e4:30:10:02:b9:54:b2:6c:08:8d:df:90:66:
f0:b9:6c:43:e0:c8:79:e4:f0:6b:d1:01:e9:1c:76:aa:2a:95:
90:92:2c:2c:73:54:d0:cc:c5:a6:11:67:55:50:1d:52:20:69:
c4:db:ba:5c:33:2d:d3:f1:d4:bb:53:81:fa:0e:98:d3:5c:7c:
59:e0:b4:ce:8a:43:98:00:52:09:fd:c6:9c:c6:12:cc:0a:ef:
fa:93:a8:0a:c2:32:ec:09:2c:52:7c:1b:8f:8f:d2:6a:20:a8:
ab:e6:0a:91:d2:d0:22:3d:0a:ae:53:63:8e:fb:d9:cc:58:17:
ef:49:d1:f3:ae:2c:99:f2:20:44:64:3c:10:57:4f:a6:28:ae:
cd:d9:ad:9a:0d:c5:ff:5d:9b:a3:a7:b6:04:b5:e6:ed:31:6c:
30:d3:4e:78:86:22:5a:ed:ba:45:3a:cc:00:2e:81:98:69:7a:
7d:e7:86:8c:ec:cb:70:1c:97:e7:08:6c:5b:37:e2:8d:29:30:
2b:69:bf:e7:24:c5:32:75:78:7e:70:1a:99:ab:b5:6d:fb:30:
e6:8e:5f:ea:c5:9d:90:99:54:88:0f:cb:21:e4:4b:e8:01:53:
cc:24:95:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzN/ZMd80gYZ69vAqV87PLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjU5MDAzMTJmZjNiZGE0ZDJmODk2ZjY0ZGY2NTY0NmZk
OWMyNTEwHhcNMjUxMTExMTQwMDM4WhcNMjUxMTEyMTQwMDM4WjAzMTEwLwYDVQQD
EygyMWViZGIyNDgzMjljZTc4ZGIxMmQ5MTAwZGFiOWNhNjVjODAwYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKtVUTuc01TMagcFDLvdV7Y/NU3W
m9yvSELwy7xoQ7e8GOrA4vfWN4EDLDmzOAOnmBaIIoA4FjEQAROFs1t9xFBLw3QI
rlARK+awpNhCuTxobCbcNxAHrAf0MGIje0roYaHUoXE4ppoAQv9ZRhEBHm/GGs4E
StvY2iBRNl4knKaiT/g+bRT09QKAlTLLE/Yqfnq2cZ81WweachourJfGuL4FZyzv
uFIy/5D0Uf0EObtLLTPl3kLPOsjxSJ5KKqaGI0vX9W0yDf+JCU7w6iyBv8+bGbJz
BSXMdtkKXonvKttqneZjBr5fJEuYpm0oynAGj4ZlAIy6rgOAQL6qJQd9QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHr2ySDKc542xLZEA2rnKZcgAv9MB8GA1UdIwQY
MBaAFNQlkAMS/zvaTS+Jb2TfZWRv2cJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMt
Njc2YjQyODkyNWFiLzEvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMtNjc2YjQyODkyNWFi
LzEvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoJe+PiPT
85OslG7hoUMCtUAHkeTgYxPkMBACuVSybAiN35Bm8LlsQ+DIeeTwa9EB6Rx2qiqV
kJIsLHNU0MzFphFnVVAdUiBpxNu6XDMt0/HUu1OB+g6Y01x8WeC0zopDmABSCf3G
nMYSzArv+pOoCsIy7AksUnwbj4/SaiCoq+YKkdLQIj0KrlNjjvvZzFgX70nR864s
mfIgRGQ8EFdPpiiuzdmtmg3F/12bo6e2BLXm7TFsMNNOeIYiWu26RTrMAC6BmGl6
feeGjOzLcByX5whsWzfijSkwK2m/5yTFMnV4fnAamau1bfsw5o5f6sWdkJlUiA/L
IeRL6AFTzCSVWg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:35:55 2025 by rpki-client