Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
File: cdiwl1czMSbftYNIDqji09NGwI0.mft (raw, json)
Hash identifier: 2Q2wqHhl1YMxiu9vT3X9u+icnyBMIwhgvsdYweGM7l4=
Subject key identifier: BE:1C:0D:56:ED:95:D8:5B:DC:77:29:C3:FA:75:DC:AF:40:3B:BD:97
Authority key identifier: 71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
Certificate issuer: /CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Certificate serial: 019A70A51A2D8E489F7A82A9DEC8EE59C73B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
Manifest number: 36
Signing time: Tue 11 Nov 2025 02:00:59 +0000
Manifest this update: Tue 11 Nov 2025 02:00:59 +0000
Manifest next update: Wed 12 Nov 2025 02:00:59 +0000
Files and hashes: 1: 2EqRaIm0ahFzSQziRWxNhuiDeiY.roa (hash: 5jZKlaOwWZIRRP1zoyFgUhrGBnHTFy4tV4SJl+5yoHI=)
2: cdiwl1czMSbftYNIDqji09NGwI0.crl (hash: +lQC1fYjiu+9m4zFg5VVqqLpyNBMe+K625Gsp5ge21M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:1a:2d:8e:48:9f:7a:82:a9:de:c8:ee:59:c7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Validity
Not Before: Nov 11 02:00:59 2025 GMT
Not After : Nov 12 02:00:59 2025 GMT
Subject: CN=be1c0d56ed95d85bdc7729c3fa75dcaf403bbd97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:6a:f4:e8:6f:18:e3:07:bb:8f:52:00:6c:
c0:4c:97:93:43:ad:73:1c:11:89:1d:40:52:7e:00:
09:13:58:f6:cb:0d:e4:f0:c0:1f:ed:25:1d:33:e1:
cd:90:f3:74:4e:4e:aa:91:30:c9:b8:d3:86:59:c8:
3b:2f:2e:63:13:79:42:94:c2:41:4c:c4:fe:78:68:
0a:aa:a6:9e:15:d2:6f:79:6b:9a:a2:c3:e7:5c:46:
1b:04:44:70:2b:6d:84:90:c4:1f:bb:28:b5:df:0a:
8f:a4:52:88:8a:9d:c6:31:7c:d0:02:b8:65:53:46:
db:00:c3:2c:25:bc:ed:58:02:91:48:a4:b8:f2:76:
03:e3:fd:9d:90:91:38:ab:66:02:70:22:cc:da:6d:
64:7f:43:d8:22:fc:90:c7:7b:b4:3e:97:72:fd:43:
05:b1:83:5b:1b:15:95:1e:95:31:2c:12:0b:0e:46:
5c:78:4e:04:a4:3f:7d:15:b6:34:bd:ae:22:88:aa:
7d:d3:08:da:c7:b8:7d:e6:5b:f9:ae:48:ed:3b:45:
ca:f3:fe:d9:d2:2a:39:bb:2a:fc:24:fe:ca:85:2f:
d5:59:49:76:4a:b1:65:5c:32:ee:8c:37:ab:14:d1:
e3:38:6d:07:53:67:36:a2:0d:b9:06:7e:55:e6:f5:
48:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1C:0D:56:ED:95:D8:5B:DC:77:29:C3:FA:75:DC:AF:40:3B:BD:97
X509v3 Authority Key Identifier:
keyid:71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:89:d6:29:9f:18:56:fe:11:0d:8a:13:83:d1:9c:ed:a3:43:
98:1a:95:f8:28:d8:83:2d:6b:bf:89:6f:22:df:c5:12:0c:bf:
0a:ea:75:b1:fd:f3:15:78:17:7f:ee:a6:ef:fe:01:e4:11:5c:
f5:6c:27:68:73:05:18:a9:bb:cb:b2:ff:04:22:81:ca:04:6e:
d8:5a:fe:84:16:52:47:d9:10:a2:0a:0c:31:b2:5a:0d:54:93:
70:e2:d4:c6:07:c0:01:ce:98:0e:52:1a:c6:6a:74:f7:da:62:
70:82:1a:0e:02:e8:30:38:75:5e:89:11:f8:fd:5b:f5:2e:b5:
1d:5c:8e:e7:e1:4f:7b:ec:b8:14:a5:84:25:c3:68:82:6d:70:
3e:ff:85:91:27:dd:11:a0:09:a1:fd:45:49:41:c2:5f:0b:2e:
85:7f:05:2b:34:7f:f1:d2:6e:6e:61:f0:f3:e0:03:ce:08:0d:
a8:da:bf:0d:9e:3a:0c:5e:b0:ac:e4:1c:61:58:d0:f1:40:f4:
18:bc:6a:6c:2d:19:3e:01:6b:52:ae:ee:2c:37:11:aa:ca:a5:
1a:e8:f5:f9:aa:1f:2f:da:15:7b:71:4f:44:16:a3:d4:64:ff:
b3:b5:a7:f4:99:60:f3:19:1b:d7:f7:7a:e3:85:aa:c3:36:a5:
8b:91:60:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRotjkifeoKp3sjuWcc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDhiMDk3NTczMzMxMjZkZmI1ODM0ODBlYThlMmQzZDM0
NmMwOGQwHhcNMjUxMTExMDIwMDU5WhcNMjUxMTEyMDIwMDU5WjAzMTEwLwYDVQQD
EyhiZTFjMGQ1NmVkOTVkODViZGM3NzI5YzNmYTc1ZGNhZjQwM2JiZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHZq9OhvGOMHu49SAGzATJeTQ61z
HBGJHUBSfgAJE1j2yw3k8MAf7SUdM+HNkPN0Tk6qkTDJuNOGWcg7Ly5jE3lClMJB
TMT+eGgKqqaeFdJveWuaosPnXEYbBERwK22EkMQfuyi13wqPpFKIip3GMXzQArhl
U0bbAMMsJbztWAKRSKS48nYD4/2dkJE4q2YCcCLM2m1kf0PYIvyQx3u0Ppdy/UMF
sYNbGxWVHpUxLBILDkZceE4EpD99FbY0va4iiKp90wjax7h95lv5rkjtO0XK8/7Z
0io5uyr8JP7KhS/VWUl2SrFlXDLujDerFNHjOG0HU2c2og25Bn5V5vVIlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4cDVbtldhb3Hcpw/p13K9AO72XMB8GA1UdIwQY
MBaAFHHYsJdXMzEm37WDSA6o4tPTRsCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEt
YjAwMmYzNWJlNzM5LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEtYjAwMmYzNWJlNzM5
LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB4nWKZ8Y
Vv4RDYoTg9Gc7aNDmBqV+CjYgy1rv4lvIt/FEgy/Cup1sf3zFXgXf+6m7/4B5BFc
9WwnaHMFGKm7y7L/BCKBygRu2Fr+hBZSR9kQogoMMbJaDVSTcOLUxgfAAc6YDlIa
xmp099picIIaDgLoMDh1XokR+P1b9S61HVyO5+FPe+y4FKWEJcNogm1wPv+FkSfd
EaAJof1FSUHCXwsuhX8FKzR/8dJubmHw8+ADzggNqNq/DZ46DF6wrOQcYVjQ8UD0
GLxqbC0ZPgFrUq7uLDcRqsqlGuj1+aofL9oVe3FPRBaj1GT/s7Wn9Jlg8xkb1/d6
44Wqwzali5FgCg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:21 2025 by rpki-client