Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
File: ChCKKMcHsOXCwubCE31Fh5EUu5I.mft (raw, json)
Hash identifier: NdsI4wXNAWjW3Cqe1mSTAHykSNcLQie/q1WGLJpQq4s=
Subject key identifier: CD:36:0C:ED:18:51:3A:7D:90:F6:E5:FC:C0:F4:37:F7:D9:91:AD:53
Authority key identifier: 0A:10:8A:28:C7:07:B0:E5:C2:C2:E6:C2:13:7D:45:87:91:14:BB:92
Certificate issuer: /CN=0a108a28c707b0e5c2c2e6c2137d45879114bb92
Certificate serial: 019A70DC7A031AA3641A4051F3BE1B79CDF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
Manifest number: 0918
Signing time: Tue 11 Nov 2025 03:01:28 +0000
Manifest this update: Tue 11 Nov 2025 03:01:28 +0000
Manifest next update: Wed 12 Nov 2025 03:01:28 +0000
Files and hashes: 1: ChCKKMcHsOXCwubCE31Fh5EUu5I.crl (hash: DZsO8grjhbwWOQSgknr/tm/ZLVt3wTBpmv+WLS7AVdE=)
2: eO8gPZF0Xg3a6oErz3xsis78_yg.roa (hash: ARYdnlTRJg0XCA/7uUE4AwiYMl9F7vHnb8qFPrerwpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:7a:03:1a:a3:64:1a:40:51:f3:be:1b:79:cd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a108a28c707b0e5c2c2e6c2137d45879114bb92
Validity
Not Before: Nov 11 03:01:28 2025 GMT
Not After : Nov 12 03:01:28 2025 GMT
Subject: CN=cd360ced18513a7d90f6e5fcc0f437f7d991ad53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:95:43:96:09:ca:16:7f:1e:72:4c:a2:c9:
57:15:bc:04:2c:c5:32:04:f3:e0:44:14:7d:fc:92:
95:f2:6a:72:d8:8a:c9:49:db:d1:92:ae:40:30:73:
35:b3:42:7c:29:9a:4d:46:03:d2:33:fe:56:55:66:
38:6a:7b:c3:4f:55:9b:79:d3:fd:47:cf:af:f6:bb:
74:b3:a3:3a:ba:35:04:46:9d:20:95:62:3d:10:1d:
05:89:49:de:1c:48:ac:35:8d:0b:88:97:e0:5c:e4:
a5:a6:e2:44:94:2f:4a:28:04:9b:2a:9a:14:8e:79:
85:3a:55:75:50:c8:2d:ba:0f:b4:b0:48:bd:73:2f:
c6:55:54:7d:91:37:f8:8c:e3:54:b0:d8:f9:c1:30:
17:ae:0c:d8:ce:72:96:aa:d1:b7:eb:8c:e8:e3:39:
f5:67:da:65:8f:53:32:cc:09:7e:46:c9:3b:b5:7a:
22:4c:4f:f8:dd:04:6b:67:19:a4:7b:2a:00:f9:04:
2e:06:ac:0b:8c:59:e8:d4:05:0a:fd:8d:a8:1b:c9:
aa:e4:77:39:85:25:de:8f:0c:56:6a:10:79:d5:b1:
23:79:46:fd:e3:53:ba:ba:a6:28:9b:60:df:8f:26:
74:dd:08:2e:08:d3:82:65:e6:a5:09:b7:b2:9f:ef:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:36:0C:ED:18:51:3A:7D:90:F6:E5:FC:C0:F4:37:F7:D9:91:AD:53
X509v3 Authority Key Identifier:
keyid:0A:10:8A:28:C7:07:B0:E5:C2:C2:E6:C2:13:7D:45:87:91:14:BB:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:09:d1:ec:78:d8:ef:db:ec:ab:cc:3f:3a:6c:0c:7a:76:94:
2a:57:5a:52:a3:cd:18:72:13:be:5c:04:f9:60:7c:4f:ff:f4:
ae:51:fa:81:1d:94:77:9e:30:17:a5:9c:8e:ed:b4:6e:ca:0d:
a7:6a:97:71:c7:05:94:fe:93:bf:33:d1:6a:8a:5c:f9:9e:76:
44:9c:7b:31:6f:70:55:56:19:3b:66:48:79:c6:22:bc:c1:8c:
bf:46:fa:fe:c7:37:b5:e9:b8:c6:e5:40:90:72:1b:4c:e8:84:
76:4f:a4:01:7e:66:7e:0f:87:a5:0b:c4:cc:11:ab:17:2a:bd:
e4:f4:42:f9:45:d2:30:85:38:0c:a5:b1:e8:2e:71:b0:36:db:
07:9d:68:97:c7:e8:fe:ef:f8:21:e4:70:96:d3:b0:72:58:22:
40:72:33:49:51:b5:a5:91:72:f7:41:2b:ba:5b:b5:90:eb:a9:
9f:5a:85:4b:a7:ac:4a:8c:a2:84:81:37:56:d8:98:d5:2b:24:
b6:b1:1b:da:59:fc:dd:36:b3:4e:7c:0b:1c:00:70:8b:ab:ad:
d2:8a:47:58:a9:08:2f:7f:8c:ef:00:4b:b2:6a:6d:b0:dc:cf:
a6:68:be:90:99:be:bc:d4:61:ce:bf:3f:76:46:60:65:14:02:
4f:c2:79:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3HoDGqNkGkBR874bec3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMTA4YTI4YzcwN2IwZTVjMmMyZTZjMjEzN2Q0NTg3OTEx
NGJiOTIwHhcNMjUxMTExMDMwMTI4WhcNMjUxMTEyMDMwMTI4WjAzMTEwLwYDVQQD
EyhjZDM2MGNlZDE4NTEzYTdkOTBmNmU1ZmNjMGY0MzdmN2Q5OTFhZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlyVQ5YJyhZ/HnJMoslXFbwELMUy
BPPgRBR9/JKV8mpy2IrJSdvRkq5AMHM1s0J8KZpNRgPSM/5WVWY4anvDT1WbedP9
R8+v9rt0s6M6ujUERp0glWI9EB0FiUneHEisNY0LiJfgXOSlpuJElC9KKASbKpoU
jnmFOlV1UMgtug+0sEi9cy/GVVR9kTf4jONUsNj5wTAXrgzYznKWqtG364zo4zn1
Z9plj1MyzAl+Rsk7tXoiTE/43QRrZxmkeyoA+QQuBqwLjFno1AUK/Y2oG8mq5Hc5
hSXejwxWahB51bEjeUb941O6uqYom2DfjyZ03QguCNOCZealCbeyn+9aPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM02DO0YUTp9kPbl/MD0N/fZka1TMB8GA1UdIwQY
MBaAFAoQiijHB7DlwsLmwhN9RYeRFLuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xMzlkMjMtODAyZC00MjI0LTgzMmUt
MWY4NTgxNDIxNzYwLzEvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xMzlkMjMtODAyZC00MjI0LTgzMmUtMWY4NTgxNDIxNzYw
LzEvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAnR7HjY
79vsq8w/OmwMenaUKldaUqPNGHITvlwE+WB8T//0rlH6gR2Ud54wF6Wcju20bsoN
p2qXcccFlP6TvzPRaopc+Z52RJx7MW9wVVYZO2ZIecYivMGMv0b6/sc3tem4xuVA
kHIbTOiEdk+kAX5mfg+HpQvEzBGrFyq95PRC+UXSMIU4DKWx6C5xsDbbB51ol8fo
/u/4IeRwltOwclgiQHIzSVG1pZFy90Erulu1kOupn1qFS6esSoyihIE3VtiY1Ssk
trEb2ln83TazTnwLHABwi6ut0opHWKkIL3+M7wBLsmptsNzPpmi+kJm+vNRhzr8/
dkZgZRQCT8J5gw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:18 2025 by rpki-client