Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
File: CWmio5Y1t5dHbx8WM66PJ78ztTM.mft (raw, json)
Hash identifier: xzmYvEKfsRF4ZKwLDRuSfcoSxsSwPPoDx2HbZGO03xo=
Subject key identifier: 5B:63:9D:14:2A:76:4E:65:E3:FF:7E:4E:3C:88:1E:2B:43:92:FB:D1
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 019A16BBFD8D84F7D117B7378DC27E2383F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
Manifest number: 0852
Signing time: Fri 24 Oct 2025 15:00:10 +0000
Manifest this update: Fri 24 Oct 2025 15:00:10 +0000
Manifest next update: Sat 25 Oct 2025 15:00:10 +0000
Files and hashes: 1: BkCfOAyCGeDGXBzB_CRhpnT85-o.roa (hash: ZCOveNEcvLz0LB1AwVgKDEY4UTtWOnEKbeJWb81WBoE=)
2: CWmio5Y1t5dHbx8WM66PJ78ztTM.crl (hash: hWSaZi4vaMYIiOF+47TEaA3y3lljrv3Fa8kV1MBWEOM=)
3: NsSedmTQW8OnTTsqv3X8CBZy-xU.roa (hash: WFkKh3bAC4MDDNtqyFfpo7GUVyreugPfu/r7LcM/fN4=)
4: TeB088r0q83Xt0BxDsUFRJ09n_w.roa (hash: G48KXbKrX68pg0VWA7DNE58/xU413WQGSqX5xHVo4rY=)
5: XiH0gOSpoMJFdvBjBWzlMvnZ9hs.roa (hash: yKr2N5bCM8GXpbIakJJERWtJOnyqKHMRYj21ZgduTJA=)
6: eZ1oRKw2ZmvD0_NWa-kdmh2g-eo.roa (hash: 2jAE9EFeYAI0mBmHLdLHHE90HLI9cIG+7iKSbXwklN4=)
7: l5LQQJ1hscP11M9PGOZJoYipJjA.roa (hash: 1Qefj38Zjj0ROOLLrKtBW86/Osz3b9lr4tBY77Lptdo=)
8: nEOWg7Kmd6qTqNCYh_hqhP0HHz4.roa (hash: NGhjwZyIl+7tDpzWRbOKaVY9nx0e4i5L5ak98QKmrxE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:bb:fd:8d:84:f7:d1:17:b7:37:8d:c2:7e:23:83:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Oct 24 15:00:10 2025 GMT
Not After : Oct 25 15:00:10 2025 GMT
Subject: CN=5b639d142a764e65e3ff7e4e3c881e2b4392fbd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:0f:94:8c:9f:39:6d:a7:0d:f1:b1:dc:99:
3c:94:af:d4:7f:51:2b:b1:93:06:25:41:88:67:01:
31:4b:e5:1f:88:42:c9:3f:08:c0:e4:87:3c:2e:e8:
b0:23:84:80:5f:ff:79:fe:25:6f:07:84:32:c2:ce:
d1:c1:9d:55:2b:58:88:ad:04:3a:02:03:0a:68:8a:
7e:ea:1b:f6:44:42:cf:1b:7f:f9:91:bc:2e:10:d0:
15:47:72:d3:99:ef:82:b1:5e:75:40:eb:f3:fb:e2:
72:b4:b4:12:48:b8:a9:14:fc:80:4e:f8:f5:58:05:
af:b3:6c:73:1d:b2:4a:5f:26:a0:8b:a7:a4:ab:7e:
af:f3:71:28:0b:56:81:a7:04:68:68:b9:bd:b9:d2:
9a:34:7b:2f:a2:a5:0c:3c:22:28:f3:8b:67:68:71:
c1:d7:2d:71:44:a5:fe:c8:b8:f7:86:e7:4d:87:2a:
38:13:63:5c:12:63:91:1b:0c:55:ce:82:d3:a4:3a:
a0:a1:2c:cb:2a:2e:f8:10:5c:1b:a8:f6:36:d7:38:
c6:22:36:5b:62:ab:18:97:81:19:4c:ce:bf:16:48:
43:97:39:2a:52:c8:a8:31:36:2f:27:f2:e9:3b:63:
14:6f:63:cd:70:2c:a7:c0:c2:26:b0:8c:a7:7b:65:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:63:9D:14:2A:76:4E:65:E3:FF:7E:4E:3C:88:1E:2B:43:92:FB:D1
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:1d:e4:b5:63:a7:a5:66:08:e9:3c:37:d7:60:fe:0b:40:f8:
4f:ec:4a:79:4c:da:b1:b5:1e:04:ab:52:18:46:5b:4e:94:81:
27:17:ff:50:34:b0:e0:eb:f5:23:40:28:0d:8e:69:1e:dd:33:
d7:52:1b:7d:2b:2c:6c:d1:b9:8c:37:0c:87:f2:86:bc:74:24:
b0:51:fc:b6:7c:1a:1f:5f:d1:e8:04:63:49:28:10:07:65:c9:
e8:9e:d5:69:ae:f1:c2:84:3d:07:48:32:4a:ab:95:18:6a:82:
f4:cc:c2:16:94:43:f0:d1:ec:68:1a:95:74:48:b2:ca:de:a1:
05:7e:44:34:1f:aa:df:50:dd:95:2c:86:86:fd:3c:b1:a2:55:
a6:ed:bc:3b:5c:a5:14:10:51:e0:2e:b3:57:eb:d5:c4:3b:33:
5d:0f:c4:5e:cb:e1:15:71:bf:fa:70:ff:43:93:44:75:01:80:
83:11:e2:a5:a4:6b:0f:58:aa:28:1b:d5:37:35:b6:68:6c:de:
39:bc:52:c1:8c:58:e1:e3:9c:78:0b:0d:f3:78:64:ef:7a:2e:
27:fa:03:45:9a:ff:a3:97:c1:13:a9:6a:b4:98:1b:96:09:ed:
ad:a2:30:37:99:d9:06:9b:3a:37:7c:ca:1d:39:fb:55:99:00:
bc:a3:ea:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoWu/2NhPfRF7c3jcJ+I4PzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjUxMDI0MTUwMDEwWhcNMjUxMDI1MTUwMDEwWjAzMTEwLwYDVQQD
Eyg1YjYzOWQxNDJhNzY0ZTY1ZTNmZjdlNGUzYzg4MWUyYjQzOTJmYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9oPlIyfOW2nDfGx3Jk8lK/Uf1Er
sZMGJUGIZwExS+UfiELJPwjA5Ic8LuiwI4SAX/95/iVvB4Qyws7RwZ1VK1iIrQQ6
AgMKaIp+6hv2RELPG3/5kbwuENAVR3LTme+CsV51QOvz++JytLQSSLipFPyATvj1
WAWvs2xzHbJKXyagi6ekq36v83EoC1aBpwRoaLm9udKaNHsvoqUMPCIo84tnaHHB
1y1xRKX+yLj3hudNhyo4E2NcEmORGwxVzoLTpDqgoSzLKi74EFwbqPY21zjGIjZb
YqsYl4EZTM6/FkhDlzkqUsioMTYvJ/LpO2MUb2PNcCynwMImsIyne2U18wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtjnRQqdk5l4/9+TjyIHitDkvvRMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATh3ktWOn
pWYI6Tw312D+C0D4T+xKeUzasbUeBKtSGEZbTpSBJxf/UDSw4Ov1I0AoDY5pHt0z
11IbfSssbNG5jDcMh/KGvHQksFH8tnwaH1/R6ARjSSgQB2XJ6J7Vaa7xwoQ9B0gy
SquVGGqC9MzCFpRD8NHsaBqVdEiyyt6hBX5ENB+q31DdlSyGhv08saJVpu28O1yl
FBBR4C6zV+vVxDszXQ/EXsvhFXG/+nD/Q5NEdQGAgxHipaRrD1iqKBvVNzW2aGze
ObxSwYxY4eOceAsN83hk73ouJ/oDRZr/o5fBE6lqtJgblgntraIwN5nZBps6N3zK
HTn7VZkAvKPq3g==
-----END CERTIFICATE-----
Generated at Fri Oct 24 18:14:58 2025 by rpki-client