Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
File: CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft (raw, json)
Hash identifier: aQVqcwsemgynWqA81bNwTDUjA/CeimVIPfxVMPsUwro=
Subject key identifier: 1E:B5:D7:5B:CE:BE:B2:AA:9B:F6:54:A4:26:7F:67:6C:FE:09:A5:0F
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 019A25C19D78A46E70D04990B8FE22CE7E0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
Manifest number: 16FC
Signing time: Mon 27 Oct 2025 13:00:36 +0000
Manifest this update: Mon 27 Oct 2025 13:00:36 +0000
Manifest next update: Tue 28 Oct 2025 13:00:36 +0000
Files and hashes: 1: CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl (hash: s1j3W2qxqaWHG5gleygoCw/RTtYvnI5MlJH3VRViyq8=)
2: yW1cS9Mx29vTOamtTRsFT6bLIXw.roa (hash: PZBuxnii3Pq+stD6k3qQUstIcPbrvHDexZJKpw32ONQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 13:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:c1:9d:78:a4:6e:70:d0:49:90:b8:fe:22:ce:7e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Oct 27 13:00:36 2025 GMT
Not After : Oct 28 13:00:36 2025 GMT
Subject: CN=1eb5d75bcebeb2aa9bf654a4267f676cfe09a50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cb:ec:eb:cf:44:51:6a:f4:ee:68:a3:e0:49:
94:a1:8e:df:1b:f8:c1:d1:42:0d:88:13:32:5e:47:
0a:8e:5e:c6:3e:c0:16:c4:b3:51:6d:01:00:a5:dc:
a3:d9:4f:6e:80:0e:92:ac:67:5b:16:d1:c9:73:3e:
19:53:16:f4:51:96:1b:de:e4:2f:28:3b:c4:4a:bb:
c9:6c:b5:69:ee:2c:96:66:a5:d7:db:77:6f:64:39:
69:e4:90:b0:5a:50:76:c4:e6:18:1f:05:31:65:8c:
a9:05:96:8b:dc:e0:66:73:06:4c:57:27:c2:2f:05:
fe:5e:24:1c:ae:8d:4c:b1:1e:e0:36:71:39:64:2a:
07:03:96:3d:49:f6:e0:36:36:66:6b:71:39:3f:22:
a0:6c:2e:ab:1e:c1:a9:1d:68:58:7b:05:be:19:bc:
bb:16:b7:f2:27:0c:92:f9:43:b7:69:cc:67:86:54:
f1:4b:a3:7b:0c:67:64:b2:27:e8:cd:14:46:3c:df:
9c:d6:8a:1f:8b:a7:b4:74:6a:56:88:19:4a:35:f0:
80:a4:c5:8d:50:4b:ca:e5:a3:e3:32:0b:61:56:5d:
20:98:73:95:9b:c3:dc:35:93:2c:8f:18:48:09:ae:
d5:b0:b9:fe:cb:a5:47:7c:d0:e9:0a:75:fe:66:e5:
2c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B5:D7:5B:CE:BE:B2:AA:9B:F6:54:A4:26:7F:67:6C:FE:09:A5:0F
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:f5:3c:66:00:bc:3d:9d:59:71:27:c4:af:9d:68:9b:85:25:
7a:0d:f1:6f:2d:3e:61:73:c6:47:3a:77:ae:1b:91:04:ee:0e:
93:d0:70:67:a7:c0:77:1f:24:76:e8:c4:91:6d:61:c1:df:1f:
74:4d:e0:65:99:82:f0:3a:87:82:a9:b8:88:0a:18:27:8c:02:
69:e6:78:ee:11:74:3b:54:bf:b7:01:67:9e:7a:28:7d:e1:73:
02:27:f1:6a:a7:3a:7f:0f:a2:0a:85:af:44:64:3f:f3:21:d0:
61:9b:7e:44:fa:63:48:f3:d2:ed:ca:b3:07:9e:f1:18:4b:63:
d9:5c:43:32:3b:4a:da:0f:6b:a9:41:b9:85:05:3d:5e:a1:25:
4a:74:88:7d:81:56:12:26:c8:ac:d9:57:af:9c:a1:6d:5f:39:
22:c8:7d:0e:de:62:1b:f6:f2:e7:66:4b:32:18:d7:ba:f0:20:
59:fa:e3:ac:30:6f:2e:a3:44:dc:78:93:92:98:96:20:fc:b8:
61:ad:44:36:e7:c9:37:70:ab:27:7d:3a:e5:fd:bc:e1:d0:4c:
c4:ea:10:d5:72:54:03:59:6b:5a:17:3b:51:65:92:e7:19:b7:
67:5e:f8:43:8b:4e:e9:74:d0:7b:88:ec:92:78:af:d2:1b:69:
01:05:fa:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolwZ14pG5w0EmQuP4izn4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjUxMDI3MTMwMDM2WhcNMjUxMDI4MTMwMDM2WjAzMTEwLwYDVQQD
EygxZWI1ZDc1YmNlYmViMmFhOWJmNjU0YTQyNjdmNjc2Y2ZlMDlhNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsvs689EUWr07mij4EmUoY7fG/jB
0UINiBMyXkcKjl7GPsAWxLNRbQEApdyj2U9ugA6SrGdbFtHJcz4ZUxb0UZYb3uQv
KDvESrvJbLVp7iyWZqXX23dvZDlp5JCwWlB2xOYYHwUxZYypBZaL3OBmcwZMVyfC
LwX+XiQcro1MsR7gNnE5ZCoHA5Y9SfbgNjZma3E5PyKgbC6rHsGpHWhYewW+Gby7
FrfyJwyS+UO3acxnhlTxS6N7DGdksifozRRGPN+c1oofi6e0dGpWiBlKNfCApMWN
UEvK5aPjMgthVl0gmHOVm8PcNZMsjxhICa7VsLn+y6VHfNDpCnX+ZuUsMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6111vOvrKqm/ZUpCZ/Z2z+CaUPMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUPU8ZgC8
PZ1ZcSfEr51om4Uleg3xby0+YXPGRzp3rhuRBO4Ok9BwZ6fAdx8kdujEkW1hwd8f
dE3gZZmC8DqHgqm4iAoYJ4wCaeZ47hF0O1S/twFnnnoofeFzAifxaqc6fw+iCoWv
RGQ/8yHQYZt+RPpjSPPS7cqzB57xGEtj2VxDMjtK2g9rqUG5hQU9XqElSnSIfYFW
EibIrNlXr5yhbV85Ish9Dt5iG/by52ZLMhjXuvAgWfrjrDBvLqNE3HiTkpiWIPy4
Ya1ENufJN3CrJ3065f284dBMxOoQ1XJUA1lrWhc7UWWS5xm3Z174Q4tO6XTQe4js
kniv0htpAQX69g==
-----END CERTIFICATE-----
Generated at Mon Oct 27 16:56:56 2025 by rpki-client