Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
File: cnS17iqgd4rxMENYIlrGflUXCog.mft (raw, json)
Hash identifier: m8NvL46fRaUkH3pwJbXk7Kd/pKrfP7IbpSlYG9sD+VU=
Subject key identifier: 4B:86:D9:C2:41:EA:94:24:0E:93:AB:3B:33:CB:91:89:FB:7F:63:39
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 019A7293D761218A7DE6EF444158C6DB7FDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
Manifest number: 0A4B
Signing time: Tue 11 Nov 2025 11:01:22 +0000
Manifest this update: Tue 11 Nov 2025 11:01:22 +0000
Manifest next update: Wed 12 Nov 2025 11:01:22 +0000
Files and hashes: 1: Ck9V105I1WzILyho--HhjxtMhOo.roa (hash: n/nSiTnqvWrHsmL1agIClZLa+JDSNKpvkkGREC8GFbY=)
2: cnS17iqgd4rxMENYIlrGflUXCog.crl (hash: cUY2Br3eeW0cMN9eL3D+Et9GX5mbfbgCCiz7c0gmbic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:d7:61:21:8a:7d:e6:ef:44:41:58:c6:db:7f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Nov 11 11:01:22 2025 GMT
Not After : Nov 12 11:01:22 2025 GMT
Subject: CN=4b86d9c241ea94240e93ab3b33cb9189fb7f6339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:9a:8c:05:79:bc:82:f5:21:cd:d4:c3:bb:
7b:4b:f4:0b:4c:57:bc:90:0d:65:e0:36:df:31:0e:
aa:8a:55:b7:33:fc:d9:53:da:ad:24:6e:bd:57:d0:
1e:44:7a:f4:31:ec:6e:4b:9a:4b:73:3c:7d:70:92:
bc:50:73:fb:59:48:d6:98:14:c7:e7:34:98:d7:f5:
2a:05:87:e4:b6:98:98:8a:f7:a2:41:ff:ce:08:4d:
d8:a8:f3:1b:3c:56:02:29:31:1c:77:79:2c:02:ed:
7d:f5:c6:6c:fe:1a:60:c7:53:2a:8f:27:e9:ea:0f:
7c:cc:df:64:8b:a4:94:01:35:e5:c3:44:f2:16:bc:
d8:f8:0c:7d:98:09:d5:04:29:cc:69:f6:6e:77:d3:
22:35:a7:2a:d3:9e:17:9a:60:68:c5:72:29:63:5e:
0d:0c:c3:f6:69:26:9e:8d:b4:f9:57:c7:6e:aa:31:
50:d3:56:7c:62:12:00:36:79:00:a7:98:d2:be:c8:
98:c4:dd:77:ae:ad:1c:e3:31:25:2a:c4:a7:8c:c7:
77:ac:f0:79:8f:cc:e2:f9:fd:92:ff:ae:31:96:af:
3b:0f:44:ca:a9:ea:9b:43:fc:4b:57:93:48:ca:85:
56:27:ef:f2:b8:38:bb:a0:c8:63:2b:63:07:76:2b:
13:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:86:D9:C2:41:EA:94:24:0E:93:AB:3B:33:CB:91:89:FB:7F:63:39
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:73:6b:9a:93:01:ec:90:4f:3e:14:03:6c:63:25:f8:2a:41:
d8:c5:86:f1:0c:50:79:b9:8a:d1:ea:9b:cf:67:0d:e6:e5:cd:
6c:17:94:b5:f5:1a:25:37:32:ab:49:1e:b0:86:cb:db:27:f1:
06:9e:07:f9:a7:be:2a:45:9f:b4:5c:5e:87:d9:43:6f:3e:86:
29:fd:cc:65:65:5d:b5:df:a6:f6:ac:2f:17:58:f3:c9:f3:be:
8a:54:80:51:dc:18:08:11:94:da:49:7d:c3:0b:7a:53:c4:43:
cb:76:0f:1d:df:49:59:f5:79:81:82:5f:be:3a:09:22:d2:65:
ec:89:b9:20:77:dd:27:bf:3b:86:0e:a3:84:04:47:c8:4f:bd:
1e:eb:33:a9:b1:51:41:9e:b9:20:5d:39:0d:d3:2a:30:09:ce:
24:4f:f8:f2:98:8b:4d:83:9e:98:ff:f1:71:8e:18:4e:80:f8:
30:32:99:74:58:15:c9:ff:1f:c5:c6:23:a8:e8:4e:c8:a1:7f:
e6:4e:0b:a5:be:09:fa:29:0d:21:1e:1b:d3:d3:6c:0c:08:2a:
f3:57:2d:45:24:b9:3f:c8:e9:19:88:74:67:fd:ee:57:65:2b:
1f:4d:1b:0c:fe:7d:6e:f9:95:ae:c3:f7:0d:d2:5e:e7:b6:02:
9d:93:3b:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9dhIYp95u9EQVjG23/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjUxMTExMTEwMTIyWhcNMjUxMTEyMTEwMTIyWjAzMTEwLwYDVQQD
Eyg0Yjg2ZDljMjQxZWE5NDI0MGU5M2FiM2IzM2NiOTE4OWZiN2Y2MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosiajAV5vIL1Ic3Uw7t7S/QLTFe8
kA1l4DbfMQ6qilW3M/zZU9qtJG69V9AeRHr0MexuS5pLczx9cJK8UHP7WUjWmBTH
5zSY1/UqBYfktpiYiveiQf/OCE3YqPMbPFYCKTEcd3ksAu199cZs/hpgx1Mqjyfp
6g98zN9ki6SUATXlw0TyFrzY+Ax9mAnVBCnMafZud9MiNacq054XmmBoxXIpY14N
DMP2aSaejbT5V8duqjFQ01Z8YhIANnkAp5jSvsiYxN13rq0c4zElKsSnjMd3rPB5
j8zi+f2S/64xlq87D0TKqeqbQ/xLV5NIyoVWJ+/yuDi7oMhjK2MHdisTKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuG2cJB6pQkDpOrOzPLkYn7f2M5MB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3NrmpMB
7JBPPhQDbGMl+CpB2MWG8QxQebmK0eqbz2cN5uXNbBeUtfUaJTcyq0kesIbL2yfx
Bp4H+ae+KkWftFxeh9lDbz6GKf3MZWVdtd+m9qwvF1jzyfO+ilSAUdwYCBGU2kl9
wwt6U8RDy3YPHd9JWfV5gYJfvjoJItJl7Im5IHfdJ787hg6jhARHyE+9HuszqbFR
QZ65IF05DdMqMAnOJE/48piLTYOemP/xcY4YToD4MDKZdFgVyf8fxcYjqOhOyKF/
5k4Lpb4J+ikNIR4b09NsDAgq81ctRSS5P8jpGYh0Z/3uV2UrH00bDP59bvmVrsP3
DdJe57YCnZM7Ew==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:02 2025 by rpki-client