Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.mft
File: Cfuz7S8CnEusxuosTH9MHNboDnk.mft (raw, json)
Hash identifier: VZ8j0DhGbDSBHiYHlQUl2l/G0wzZpyd+iVz8xQYNCKY=
Subject key identifier: 25:D5:27:D0:B4:91:68:1C:F4:63:C7:87:BD:52:92:9B:78:1D:DE:11
Authority key identifier: 09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79
Certificate issuer: /CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
Certificate serial: 019A71B8D161C0B3C0C3A5A3CEA59F09A864
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.mft
Manifest number: 0D87
Signing time: Tue 11 Nov 2025 07:02:08 +0000
Manifest this update: Tue 11 Nov 2025 07:02:08 +0000
Manifest next update: Wed 12 Nov 2025 07:02:08 +0000
Files and hashes: 1: Cfuz7S8CnEusxuosTH9MHNboDnk.crl (hash: 3ZhUOQrJfdxqwQrllQM2kJ47BW0KlJlPAvhvGsBUxqU=)
2: GWHlXKm0sM09h00CHS4OA90ZDEo.roa (hash: nINowmfDfKGL1Tvt7j8uTMeqVpzK8gUstL889w0cG50=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d1:61:c0:b3:c0:c3:a5:a3:ce:a5:9f:09:a8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
Validity
Not Before: Nov 11 07:02:08 2025 GMT
Not After : Nov 12 07:02:08 2025 GMT
Subject: CN=25d527d0b491681cf463c787bd52929b781dde11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:14:1f:6b:72:05:3e:c3:a1:d4:a3:6f:20:ec:
34:7f:af:7b:95:6f:8c:3e:9e:0e:65:aa:98:50:e7:
6e:27:89:32:a5:18:fa:e4:7c:48:85:d9:24:17:19:
7c:38:22:e9:f5:3a:65:78:c1:37:a9:78:28:c9:1e:
1a:91:37:d3:76:bc:e0:6e:76:5d:d6:67:58:46:06:
96:f4:5f:df:47:38:88:0e:0a:19:06:d6:f2:eb:5c:
76:c2:21:a4:52:9a:a4:7d:c5:5a:90:da:29:90:21:
de:58:2c:e2:0b:1f:03:7d:a1:e9:da:2d:12:b1:ba:
50:44:75:45:a9:bc:13:7c:ae:63:15:23:ba:b4:38:
60:d5:34:e3:91:fd:30:8c:68:21:5c:fb:62:4b:64:
c9:d6:91:cc:93:20:2d:4b:68:63:90:ec:f6:1d:e4:
1d:de:e3:16:85:6f:4d:36:d9:9d:c4:83:8b:b2:9d:
78:2a:4e:7f:74:c1:a1:1b:03:b3:c2:25:ca:f2:0b:
7f:58:b9:cb:dd:ff:74:23:b1:0b:9d:dc:df:66:6d:
a4:52:83:e6:a3:7d:24:29:26:3b:47:b1:73:2f:1f:
16:9d:2b:59:9f:4b:6a:4f:b4:d3:20:04:75:a5:c2:
69:17:26:07:5f:4b:33:23:09:9c:7b:41:5a:9b:49:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D5:27:D0:B4:91:68:1C:F4:63:C7:87:BD:52:92:9B:78:1D:DE:11
X509v3 Authority Key Identifier:
keyid:09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e6:2d:96:92:42:6e:a4:3a:b3:e5:68:a2:40:84:17:e7:50:
20:6c:38:32:be:f2:e5:cd:c3:70:ba:7c:cc:54:4e:1c:f6:76:
ae:fb:d0:1b:28:35:09:fc:66:96:7b:49:35:40:d0:68:1b:c4:
9c:db:3a:7d:0d:30:1f:9b:4d:51:35:aa:b0:c5:33:fe:a1:cc:
82:b6:a9:8d:cb:e1:13:dd:d6:8f:85:b2:a7:bb:5f:8d:59:b2:
5b:7e:8e:d4:66:04:fb:08:a1:5a:61:45:a3:03:9a:76:b1:4e:
59:10:1d:b7:2b:fc:d8:62:f1:c8:75:50:d4:be:9c:c8:06:2c:
8e:39:2d:d1:79:31:4c:7e:6b:cf:f0:a8:98:e5:23:b7:13:35:
5f:e8:01:51:ea:9b:0e:60:27:ba:f3:08:2e:74:f4:5d:96:b8:
90:b0:27:3e:a1:d1:9b:98:af:39:98:c3:74:2c:48:5c:e9:f4:
44:f2:b1:83:46:22:7f:66:dd:a1:cd:d5:1c:aa:56:c4:73:aa:
22:18:49:4c:2b:5a:59:70:40:1d:5e:5d:8f:35:eb:2c:2e:66:
00:a3:a1:f3:5b:79:72:61:b3:ec:28:91:a7:b9:9f:c5:3d:52:
82:44:7a:76:55:56:05:ff:e9:8b:66:08:be:b4:63:63:3e:a4:
72:a1:b8:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNFhwLPAw6WjzqWfCahkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmJiM2VkMmYwMjljNGJhY2M2ZWEyYzRjN2Y0YzFjZDZl
ODBlNzkwHhcNMjUxMTExMDcwMjA4WhcNMjUxMTEyMDcwMjA4WjAzMTEwLwYDVQQD
EygyNWQ1MjdkMGI0OTE2ODFjZjQ2M2M3ODdiZDUyOTI5Yjc4MWRkZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBQfa3IFPsOh1KNvIOw0f697lW+M
Pp4OZaqYUOduJ4kypRj65HxIhdkkFxl8OCLp9TpleME3qXgoyR4akTfTdrzgbnZd
1mdYRgaW9F/fRziIDgoZBtby61x2wiGkUpqkfcVakNopkCHeWCziCx8DfaHp2i0S
sbpQRHVFqbwTfK5jFSO6tDhg1TTjkf0wjGghXPtiS2TJ1pHMkyAtS2hjkOz2HeQd
3uMWhW9NNtmdxIOLsp14Kk5/dMGhGwOzwiXK8gt/WLnL3f90I7ELndzfZm2kUoPm
o30kKSY7R7FzLx8WnStZn0tqT7TTIAR1pcJpFyYHX0szIwmce0Fam0l3XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXVJ9C0kWgc9GPHh71Skpt4Hd4RMB8GA1UdIwQY
MBaAFAn7s+0vApxLrMbqLEx/TBzW6A55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAt
ODIyOTUzZjhjZjc3LzEvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAtODIyOTUzZjhjZjc3
LzEvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+YtlpJC
bqQ6s+VookCEF+dQIGw4Mr7y5c3DcLp8zFROHPZ2rvvQGyg1CfxmlntJNUDQaBvE
nNs6fQ0wH5tNUTWqsMUz/qHMgrapjcvhE93Wj4Wyp7tfjVmyW36O1GYE+wihWmFF
owOadrFOWRAdtyv82GLxyHVQ1L6cyAYsjjkt0XkxTH5rz/ComOUjtxM1X+gBUeqb
DmAnuvMILnT0XZa4kLAnPqHRm5ivOZjDdCxIXOn0RPKxg0Yif2bdoc3VHKpWxHOq
IhhJTCtaWXBAHV5djzXrLC5mAKOh81t5cmGz7CiRp7mfxT1SgkR6dlVWBf/pi2YI
vrRjYz6kcqG4Kw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:51:37 2025 by rpki-client