Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
File: CEGOlpDQ-3Eavzh04cUApidpPAo.mft (raw, json)
Hash identifier: eab9kpgtZcgOyMIIpLN5Fo1Wyy+rdIHEvgIHlPleaLY=
Subject key identifier: FB:32:65:10:82:C6:57:EB:B7:A6:84:E9:81:0A:47:4E:F2:D7:0B:0D
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 019A239C4E415EDE3E6F068D242BD619C5F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
Manifest number: 100B
Signing time: Mon 27 Oct 2025 03:00:37 +0000
Manifest this update: Mon 27 Oct 2025 03:00:37 +0000
Manifest next update: Tue 28 Oct 2025 03:00:37 +0000
Files and hashes: 1: 8QToh95n76MX0haqvJV4iXYdSiU.roa (hash: bccQP6DZQf854mroc1UFT6HPAcTOCvETn4EYHYUjQ3o=)
2: CEGOlpDQ-3Eavzh04cUApidpPAo.crl (hash: qc0gkjeKZWHMelA+kQ5xCS0t0sNhnLRrKdnnLtm6v1M=)
3: WXokG7cKriDfqWoaHraaATikOZM.roa (hash: l03IsJpcA1hZ2SxrPxTFFWqboVv9JIckV/GXuLQrkcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:9c:4e:41:5e:de:3e:6f:06:8d:24:2b:d6:19:c5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: Oct 27 03:00:37 2025 GMT
Not After : Oct 28 03:00:37 2025 GMT
Subject: CN=fb32651082c657ebb7a684e9810a474ef2d70b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:40:4c:17:7d:d8:4e:0e:9a:1c:4e:84:18:
c0:a8:07:e7:81:fc:55:35:80:4d:4f:c3:b1:40:3e:
c2:f8:00:b6:e8:62:c8:75:ed:18:09:9a:c2:0c:7a:
29:9a:f8:21:0c:28:bf:da:7b:ba:ac:45:a2:52:10:
a9:66:16:f3:49:98:b9:92:ce:86:a7:3b:85:cf:ad:
53:33:98:5d:14:25:a0:ae:df:d9:12:73:51:cc:a8:
9e:11:1a:3f:32:2a:5e:b1:8a:06:cf:cd:52:5c:b5:
ba:e8:dd:26:8e:c1:a5:de:db:38:78:f5:66:c5:12:
a8:59:84:b3:70:b9:d2:cc:3e:e5:72:97:f7:b3:ca:
27:48:e6:e3:12:1c:ea:fe:0b:9e:21:07:a5:03:97:
67:6d:f5:b1:66:f1:e3:25:17:a6:20:b6:1d:b9:62:
90:93:7d:0f:a8:e6:86:ea:fa:28:b1:ea:5a:51:7e:
a9:78:a3:24:d5:7d:2d:a4:ba:25:ce:72:8b:7a:31:
ff:d1:68:5d:c1:f0:4c:cd:a9:98:ee:6b:5c:a8:73:
f1:cf:00:08:d2:a7:99:1e:0a:ef:64:3b:48:3b:02:
e7:c9:b5:49:ff:c7:e8:86:81:b5:dd:07:fe:5b:e5:
93:3a:c5:28:4a:4f:47:cd:c5:44:14:0c:91:5e:6e:
d1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:32:65:10:82:C6:57:EB:B7:A6:84:E9:81:0A:47:4E:F2:D7:0B:0D
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:f9:7d:33:eb:21:d7:a3:fc:5f:ad:9e:72:26:1e:ac:34:9c:
be:2f:80:c7:f9:e5:a3:08:33:be:f2:4d:00:8b:fd:d6:15:68:
70:ad:8d:5b:70:1c:35:7c:2d:7f:f9:2e:8d:bf:c9:17:30:6a:
15:56:e2:c0:86:55:0f:0e:8b:ec:a1:bc:e0:94:17:74:bd:de:
b9:92:2e:2f:7c:c7:af:8c:34:59:68:78:09:7f:17:8f:df:85:
bb:6d:fb:41:bb:e8:91:99:1d:6e:00:67:f4:a1:d5:0a:0e:1c:
fd:6b:0f:b7:1a:00:86:c6:ee:5d:14:59:33:cf:1b:ad:4a:71:
d2:11:0b:86:70:93:ce:4a:f6:9f:24:7e:7a:cd:48:7c:89:11:
97:7d:57:66:a1:6e:be:c0:4e:db:59:ab:a9:3d:01:13:5a:70:
2d:f4:8f:76:f0:25:c8:ff:b1:ce:7c:ab:52:f7:09:53:69:23:
f7:42:db:55:78:bf:8d:88:ad:71:d9:23:4e:05:c7:dd:a7:3a:
c4:30:f9:67:c5:fb:d5:87:47:43:3c:3b:5b:c6:52:99:7f:a5:
c1:fc:d0:26:71:2f:6a:f4:f0:45:2c:35:cc:ae:74:01:b0:3e:
39:60:1a:9b:f2:75:d8:0c:89:40:a0:f0:9e:5f:fb:7a:34:9f:
9f:12:3f:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZojnE5BXt4+bwaNJCvWGcX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjUxMDI3MDMwMDM3WhcNMjUxMDI4MDMwMDM3WjAzMTEwLwYDVQQD
EyhmYjMyNjUxMDgyYzY1N2ViYjdhNjg0ZTk4MTBhNDc0ZWYyZDcwYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVRATBd92E4OmhxOhBjAqAfngfxV
NYBNT8OxQD7C+AC26GLIde0YCZrCDHopmvghDCi/2nu6rEWiUhCpZhbzSZi5ks6G
pzuFz61TM5hdFCWgrt/ZEnNRzKieERo/MipesYoGz81SXLW66N0mjsGl3ts4ePVm
xRKoWYSzcLnSzD7lcpf3s8onSObjEhzq/gueIQelA5dnbfWxZvHjJRemILYduWKQ
k30PqOaG6voosepaUX6peKMk1X0tpLolznKLejH/0WhdwfBMzamY7mtcqHPxzwAI
0qeZHgrvZDtIOwLnybVJ/8fohoG13Qf+W+WTOsUoSk9HzcVEFAyRXm7R7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsyZRCCxlfrt6aE6YEKR07y1wsNMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfl9M+sh
16P8X62eciYerDScvi+Ax/nlowgzvvJNAIv91hVocK2NW3AcNXwtf/kujb/JFzBq
FVbiwIZVDw6L7KG84JQXdL3euZIuL3zHr4w0WWh4CX8Xj9+Fu237QbvokZkdbgBn
9KHVCg4c/WsPtxoAhsbuXRRZM88brUpx0hELhnCTzkr2nyR+es1IfIkRl31XZqFu
vsBO21mrqT0BE1pwLfSPdvAlyP+xznyrUvcJU2kj90LbVXi/jYitcdkjTgXH3ac6
xDD5Z8X71YdHQzw7W8ZSmX+lwfzQJnEvavTwRSw1zK50AbA+OWAam/J12AyJQKDw
nl/7ejSfnxI/vw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:02:42 2025 by rpki-client