Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.mft
File: cNySeAi5pn58uhunTvtb9sEsiVs.mft (raw, json)
Hash identifier: r4ZdMTto63Fto5iCmYKtnO9qCnCFah/vqvV4zOVFk7U=
Subject key identifier: 17:AE:49:76:6E:8A:42:E3:58:C8:18:6D:5B:96:BC:74:91:34:7F:40
Authority key identifier: 70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
Certificate issuer: /CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Certificate serial: 019A7301D03FCB4C742545AFEF0C7C02DEC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 13:01:29 +0000
Manifest this update: Tue 11 Nov 2025 13:01:29 +0000
Manifest next update: Wed 12 Nov 2025 13:01:29 +0000
Files and hashes: 1: BAJtDqJxaWUqQAfiueye7uuRaiw.roa (hash: xliJwPehY40wkTea7xdHZ3Ii3nZae+NEE66sFETvyTA=)
2: cNySeAi5pn58uhunTvtb9sEsiVs.crl (hash: /Vzb5hjpl5XCwmTYjteWLf+zHpxW5683P7ZhCSSQVdc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:d0:3f:cb:4c:74:25:45:af:ef:0c:7c:02:de:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Validity
Not Before: Nov 11 13:01:29 2025 GMT
Not After : Nov 12 13:01:29 2025 GMT
Subject: CN=17ae49766e8a42e358c8186d5b96bc7491347f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:b4:ec:f3:c6:ad:36:6f:10:61:1e:3a:fb:
5d:b6:20:4d:8b:0c:c2:e8:28:91:43:c6:b0:88:10:
39:92:b6:5c:96:f8:7f:79:a1:5c:e7:0f:ca:f9:60:
4a:23:4f:d0:22:65:d8:22:62:e5:05:4e:03:2e:04:
9c:4f:80:8f:03:7e:07:2b:87:49:0a:11:45:ab:ec:
05:5c:7a:20:61:4f:be:fb:af:0d:12:70:fe:3c:63:
a5:6c:e1:7a:08:85:c5:25:5e:6d:38:ab:b8:97:13:
cc:c1:75:4e:80:04:d3:c6:93:56:c5:d7:b0:ec:78:
cc:74:da:aa:78:5e:89:77:2e:94:39:bd:6c:3b:7d:
b9:87:57:0b:96:cb:19:d9:6b:4e:7b:74:b3:ca:77:
69:82:64:20:91:f6:a1:3f:3c:e7:5b:36:d2:bd:d0:
85:c9:b9:db:7b:a8:ba:00:c3:5a:22:66:38:3a:e0:
8f:67:c8:13:41:9b:3c:84:e6:74:de:3d:e3:8e:1c:
11:85:64:f5:d3:3d:a4:5c:02:73:b8:60:b7:1c:a2:
d4:e4:19:37:ff:b8:9f:df:47:34:75:60:ff:92:29:
72:b0:29:1f:a7:33:bd:da:ff:43:78:1e:b8:6f:7e:
7e:b5:49:86:9e:e6:ac:dd:53:e4:22:47:f2:a0:03:
45:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AE:49:76:6E:8A:42:E3:58:C8:18:6D:5B:96:BC:74:91:34:7F:40
X509v3 Authority Key Identifier:
keyid:70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:db:13:1c:0b:09:a5:5e:ca:d8:cc:58:56:ea:46:45:18:ac:
1f:03:ed:c3:f9:af:e6:c3:ec:60:8a:3d:91:b7:2f:81:8e:9b:
4b:f4:73:60:2d:a2:af:c0:0e:55:58:71:ae:6b:63:04:f0:f0:
e4:06:e4:a6:5b:c9:14:05:0b:e6:8d:bf:ab:44:7e:72:e9:e8:
ac:66:d7:74:49:d5:6a:d7:be:46:34:50:cf:10:d3:88:37:ff:
6b:ac:17:49:44:88:96:fa:38:6d:52:b8:40:9e:86:43:45:42:
a9:e9:96:b8:b8:46:ac:93:ff:4f:bd:ee:9a:37:2b:61:c9:f8:
2a:90:49:88:84:f4:05:4c:95:39:da:d2:94:99:a3:de:d5:56:
fb:aa:4a:89:40:dc:31:74:d5:94:5b:39:0c:6a:73:13:8a:78:
b3:0f:12:92:51:f3:52:21:3a:41:f2:06:c1:65:49:ea:4a:54:
05:bf:3a:19:2a:1d:67:71:74:5c:5e:4d:62:26:88:ab:88:89:
12:32:92:71:32:6d:9b:1a:e8:c7:c5:23:71:fd:20:28:f3:62:
c8:3e:86:75:36:4c:2f:d9:0f:47:be:7e:a4:5b:67:fa:f7:ac:
ca:d0:88:0e:cc:1b:ae:74:b7:90:ff:d0:98:d3:c5:a0:f9:d3:
f4:3a:a0:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAdA/y0x0JUWv7wx8At7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGM5Mjc4MDhiOWE2N2U3Y2JhMWJhNzRlZmI1YmY2YzEy
Yzg5NWIwHhcNMjUxMTExMTMwMTI5WhcNMjUxMTEyMTMwMTI5WjAzMTEwLwYDVQQD
EygxN2FlNDk3NjZlOGE0MmUzNThjODE4NmQ1Yjk2YmM3NDkxMzQ3ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAG07PPGrTZvEGEeOvtdtiBNiwzC
6CiRQ8awiBA5krZclvh/eaFc5w/K+WBKI0/QImXYImLlBU4DLgScT4CPA34HK4dJ
ChFFq+wFXHogYU+++68NEnD+PGOlbOF6CIXFJV5tOKu4lxPMwXVOgATTxpNWxdew
7HjMdNqqeF6Jdy6UOb1sO325h1cLlssZ2WtOe3SzyndpgmQgkfahPzznWzbSvdCF
ybnbe6i6AMNaImY4OuCPZ8gTQZs8hOZ03j3jjhwRhWT10z2kXAJzuGC3HKLU5Bk3
/7if30c0dWD/kilysCkfpzO92v9DeB64b35+tUmGnuas3VPkIkfyoANFAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeuSXZuikLjWMgYbVuWvHSRNH9AMB8GA1UdIwQY
MBaAFHDckngIuaZ+fLobp077W/bBLIlbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUt
NWVlYmIxMjU5ZGM5LzEvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUtNWVlYmIxMjU5ZGM5
LzEvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatsTHAsJ
pV7K2MxYVupGRRisHwPtw/mv5sPsYIo9kbcvgY6bS/RzYC2ir8AOVVhxrmtjBPDw
5AbkplvJFAUL5o2/q0R+cunorGbXdEnVate+RjRQzxDTiDf/a6wXSUSIlvo4bVK4
QJ6GQ0VCqemWuLhGrJP/T73umjcrYcn4KpBJiIT0BUyVOdrSlJmj3tVW+6pKiUDc
MXTVlFs5DGpzE4p4sw8SklHzUiE6QfIGwWVJ6kpUBb86GSodZ3F0XF5NYiaIq4iJ
EjKScTJtmxrox8Ujcf0gKPNiyD6GdTZML9kPR75+pFtn+vesytCIDswbrnS3kP/Q
mNPFoPnT9DqgBQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:37:52 2025 by rpki-client