Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft
File: CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft (raw, json)
Hash identifier: 0J4rYpldeQleWJr8gBnuUcGKJHCJFKU7jFA4BVGxB2I=
Subject key identifier: 5A:C2:3E:85:62:0B:D2:22:C9:51:77:85:21:7D:95:59:5D:6B:2F:4A
Authority key identifier: 0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
Certificate issuer: /CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Certificate serial: 019A7225A15B9A5DE8B5EBA395DA68C5232E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft
Manifest number: 16D9
Signing time: Tue 11 Nov 2025 09:01:00 +0000
Manifest this update: Tue 11 Nov 2025 09:01:00 +0000
Manifest next update: Wed 12 Nov 2025 09:01:00 +0000
Files and hashes: 1: CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl (hash: cpLMnWrcFTz6dLktVLLTWTzEnyEQ8MDH9SdqnlDpNxo=)
2: Wy1LhCK9kxP-C2UiE5R2K8JtffM.roa (hash: DYS7fnBaD9Os9bSnRtbqX/rsXfSVI5HQGNbOlzCHNGw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:a1:5b:9a:5d:e8:b5:eb:a3:95:da:68:c5:23:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Validity
Not Before: Nov 11 09:01:00 2025 GMT
Not After : Nov 12 09:01:00 2025 GMT
Subject: CN=5ac23e85620bd222c9517785217d95595d6b2f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:90:c6:c6:04:5e:b1:b3:85:fa:ac:ef:b3:f4:
90:56:40:a9:49:08:de:ba:0f:99:73:3f:53:57:b6:
9a:f5:f9:2f:22:96:41:b6:ac:58:eb:80:c9:3b:14:
c5:2b:b6:ef:f9:fd:eb:66:aa:a1:72:12:2e:d6:42:
6b:26:e8:4c:50:97:de:c7:1b:b3:21:8e:d5:8b:e9:
22:f8:9f:11:32:cd:63:f1:b4:68:ec:88:2d:55:1d:
67:d7:76:f6:75:b3:a9:fb:f0:32:af:e6:03:64:c9:
14:35:53:dd:43:35:10:87:ee:2c:47:1b:b0:06:62:
47:d6:4e:e2:f1:bb:5b:ec:bc:aa:66:c0:e4:58:d5:
cc:d8:88:4e:ce:39:a1:5d:76:61:ca:c6:ed:78:8a:
1e:45:a7:f1:3f:57:e1:45:71:98:7c:8a:d3:1c:62:
aa:b1:f8:e1:d5:a2:a6:74:13:a2:82:a3:2a:06:47:
d7:ed:1d:b3:a5:7f:d7:21:c2:78:83:ac:5f:c8:e6:
a9:cb:63:8c:21:53:97:17:fa:6a:b8:ab:6a:3e:1e:
80:a0:d3:c4:48:dc:48:44:c2:5e:92:49:ad:1c:43:
09:59:b8:4e:51:83:f6:d4:33:ef:fc:df:e7:81:fe:
46:40:4d:60:df:18:ad:5c:02:0a:8a:fe:71:c4:c2:
fc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C2:3E:85:62:0B:D2:22:C9:51:77:85:21:7D:95:59:5D:6B:2F:4A
X509v3 Authority Key Identifier:
keyid:0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:45:31:99:8b:4f:f8:40:aa:bf:d5:5b:93:0e:b5:fb:50:8b:
c6:f9:07:8e:17:03:fc:7c:51:5e:27:fa:b0:ca:59:15:a5:a7:
0b:9b:70:50:31:df:e8:6d:3f:f3:2f:b4:2f:c1:e3:36:38:4c:
4b:c0:58:83:89:f2:37:1d:69:3d:1a:87:b8:2e:f3:a4:7a:7d:
38:37:00:c1:9b:4a:a2:8e:19:d6:24:79:c0:46:c7:33:a0:14:
a0:3b:87:bd:83:20:d7:2a:66:31:17:ca:1c:63:1c:7d:92:63:
f3:cc:98:2a:e0:38:30:bc:e8:88:95:16:43:a0:26:77:bd:7a:
75:96:95:e8:50:76:01:5b:ce:25:0b:35:67:66:f1:ed:65:c1:
8e:84:57:80:0e:17:06:72:92:05:e9:59:48:82:ae:fc:c1:de:
4a:38:64:c0:8a:92:41:58:59:90:38:3d:1a:c6:42:3e:2f:17:
6e:1d:73:b1:8b:5f:72:5f:5b:64:64:8a:f2:e7:3b:ab:d1:3b:
2b:ed:83:d4:b2:6c:e8:ff:ef:7d:71:d2:9e:fb:da:9f:7d:90:
28:ca:fa:99:86:0e:22:c7:9e:59:4e:65:9f:54:02:f6:51:e2:
22:b2:b4:9c:7a:0b:a5:de:25:88:25:a0:3a:7e:a0:63:5f:24:
22:9c:8e:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaFbml3oteujldpoxSMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGE3MDJmNjc3ZjMzNmQ5YjNlMzZjMzg0ZWJjOGM5ZmQ4
ODU5ZjQwHhcNMjUxMTExMDkwMTAwWhcNMjUxMTEyMDkwMTAwWjAzMTEwLwYDVQQD
Eyg1YWMyM2U4NTYyMGJkMjIyYzk1MTc3ODUyMTdkOTU1OTVkNmIyZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupDGxgResbOF+qzvs/SQVkCpSQje
ug+Zcz9TV7aa9fkvIpZBtqxY64DJOxTFK7bv+f3rZqqhchIu1kJrJuhMUJfexxuz
IY7Vi+ki+J8RMs1j8bRo7IgtVR1n13b2dbOp+/Ayr+YDZMkUNVPdQzUQh+4sRxuw
BmJH1k7i8btb7LyqZsDkWNXM2IhOzjmhXXZhysbteIoeRafxP1fhRXGYfIrTHGKq
sfjh1aKmdBOigqMqBkfX7R2zpX/XIcJ4g6xfyOapy2OMIVOXF/pquKtqPh6AoNPE
SNxIRMJekkmtHEMJWbhOUYP21DPv/N/ngf5GQE1g3xitXAIKiv5xxML8ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrCPoViC9IiyVF3hSF9lVlday9KMB8GA1UdIwQY
MBaAFApKcC9nfzNtmz42w4TryMn9iFn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQt
ZWYzMTcxNTYxMWFhLzEvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQtZWYzMTcxNTYxMWFh
LzEvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjUUxmYtP
+ECqv9Vbkw61+1CLxvkHjhcD/HxRXif6sMpZFaWnC5twUDHf6G0/8y+0L8HjNjhM
S8BYg4nyNx1pPRqHuC7zpHp9ODcAwZtKoo4Z1iR5wEbHM6AUoDuHvYMg1ypmMRfK
HGMcfZJj88yYKuA4MLzoiJUWQ6Amd716dZaV6FB2AVvOJQs1Z2bx7WXBjoRXgA4X
BnKSBelZSIKu/MHeSjhkwIqSQVhZkDg9GsZCPi8Xbh1zsYtfcl9bZGSK8uc7q9E7
K+2D1LJs6P/vfXHSnvvan32QKMr6mYYOIseeWU5ln1QC9lHiIrK0nHoLpd4liCWg
On6gY18kIpyO8A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:33 2025 by rpki-client