Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.mft
File: cM9eaXxglK22vJcVazXgBf1M8uI.mft (raw, json)
Hash identifier: +f1WSloNijeuCshHVJ/ZrOTYndAQBW8ei6q9fb07uDA=
Subject key identifier: A3:CE:E5:F8:EE:CB:2E:9B:37:5C:BD:B3:CD:CD:41:E8:89:6E:62:0D
Authority key identifier: 70:CF:5E:69:7C:60:94:AD:B6:BC:97:15:6B:35:E0:05:FD:4C:F2:E2
Certificate issuer: /CN=70cf5e697c6094adb6bc97156b35e005fd4cf2e2
Certificate serial: 019A729393F5B76C25E4EE6916FAA886D66F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cM9eaXxglK22vJcVazXgBf1M8uI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 11:01:05 +0000
Manifest this update: Tue 11 Nov 2025 11:01:05 +0000
Manifest next update: Wed 12 Nov 2025 11:01:05 +0000
Files and hashes: 1: ZMvF8N06VsuZ5tNxMMczzsSTe5w.roa (hash: D7vN+YdR9s6oznh1bq9p5ngAxVIRYXDWMiWld/VomNA=)
2: cM9eaXxglK22vJcVazXgBf1M8uI.crl (hash: BdMgRJSWXkuF5bsnYVT1w6yWeHid3ohPlrGrshxLRy4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cM9eaXxglK22vJcVazXgBf1M8uI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:93:f5:b7:6c:25:e4:ee:69:16:fa:a8:86:d6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cf5e697c6094adb6bc97156b35e005fd4cf2e2
Validity
Not Before: Nov 11 11:01:05 2025 GMT
Not After : Nov 12 11:01:05 2025 GMT
Subject: CN=a3cee5f8eecb2e9b375cbdb3cdcd41e8896e620d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:19:36:ac:6b:bc:72:82:43:71:ec:7a:d8:
08:f9:de:8b:6f:4d:2d:af:74:cc:d5:0b:de:8b:56:
f8:f5:c7:0c:ce:17:ad:9c:66:f1:b3:25:0f:e3:76:
f4:d2:fd:4f:29:fa:be:76:34:e2:e8:b0:55:06:76:
75:f6:15:2a:54:40:e6:b6:2a:11:f5:c9:70:8f:a8:
41:f6:68:a0:66:a9:ee:e6:84:4e:28:e5:86:4a:80:
e2:c1:c6:9f:2b:16:fc:a0:0a:d6:96:cb:81:ef:ab:
fd:ab:57:44:92:13:31:88:98:95:9b:03:d5:46:64:
27:68:f1:d9:b0:71:8a:42:36:20:07:e8:ca:f2:92:
ca:72:07:80:32:59:f1:64:7c:89:89:1a:20:a4:f3:
a3:29:88:62:76:03:08:00:86:e9:65:5b:da:23:3e:
62:44:ff:df:04:9e:72:ba:c7:df:45:1f:fa:1d:3b:
74:cc:13:69:e5:02:29:23:b3:37:a9:79:1a:56:8d:
96:92:87:25:68:e9:ac:7f:d8:62:f6:02:68:2c:5c:
ba:96:de:6a:3a:58:f3:90:d5:2d:fd:29:7a:23:38:
33:57:06:65:8c:49:a6:e7:56:d5:6c:dc:ef:ac:88:
a3:b1:25:7c:30:d4:1a:65:be:ff:0f:76:37:38:e0:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CE:E5:F8:EE:CB:2E:9B:37:5C:BD:B3:CD:CD:41:E8:89:6E:62:0D
X509v3 Authority Key Identifier:
keyid:70:CF:5E:69:7C:60:94:AD:B6:BC:97:15:6B:35:E0:05:FD:4C:F2:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cM9eaXxglK22vJcVazXgBf1M8uI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:c5:11:6d:ef:e2:4f:3e:cb:bc:05:87:a2:0e:9e:66:48:86:
c6:72:41:f3:18:a1:34:90:e0:11:0a:f2:4b:77:63:ee:30:f0:
74:ef:68:47:f4:7b:31:fb:69:59:59:82:b2:17:e7:c0:ab:ba:
66:57:72:26:0b:69:b2:6c:6e:7e:94:d1:17:b8:ac:6d:34:b3:
b3:0a:fe:5e:70:d2:fc:aa:c3:57:d6:ce:1f:12:36:65:71:0c:
25:f1:ee:8e:43:b2:22:ab:ba:ed:7c:5e:8f:ba:1a:d7:2a:00:
43:f5:6a:29:69:d3:7d:69:c4:68:33:2f:f1:df:50:15:25:4a:
dc:79:47:07:72:35:69:ed:6b:e8:4b:72:ca:83:13:ed:18:b0:
5a:49:b2:89:5f:4f:4a:21:8c:a0:5a:14:ce:fa:18:fb:35:30:
fd:99:98:f1:7f:07:20:54:b9:09:d9:0f:aa:fd:c6:df:d4:fe:
f2:3e:c0:b2:63:3b:4f:dc:06:09:86:c0:3f:34:57:56:cd:6f:
c3:15:e5:27:3d:7f:93:09:38:6f:bc:dd:e1:61:3c:02:eb:f9:
1d:e2:e2:f6:d9:62:54:40:df:c9:82:27:4c:df:28:9b:62:68:
31:79:7e:5b:22:f1:24:13:de:84:6f:11:74:b1:78:17:7a:7f:
2f:5d:f4:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5P1t2wl5O5pFvqohtZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwY2Y1ZTY5N2M2MDk0YWRiNmJjOTcxNTZiMzVlMDA1ZmQ0
Y2YyZTIwHhcNMjUxMTExMTEwMTA1WhcNMjUxMTEyMTEwMTA1WjAzMTEwLwYDVQQD
EyhhM2NlZTVmOGVlY2IyZTliMzc1Y2JkYjNjZGNkNDFlODg5NmU2MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSEZNqxrvHKCQ3HsetgI+d6Lb00t
r3TM1Qvei1b49ccMzhetnGbxsyUP43b00v1PKfq+djTi6LBVBnZ19hUqVEDmtioR
9clwj6hB9migZqnu5oROKOWGSoDiwcafKxb8oArWlsuB76v9q1dEkhMxiJiVmwPV
RmQnaPHZsHGKQjYgB+jK8pLKcgeAMlnxZHyJiRogpPOjKYhidgMIAIbpZVvaIz5i
RP/fBJ5yusffRR/6HTt0zBNp5QIpI7M3qXkaVo2WkoclaOmsf9hi9gJoLFy6lt5q
OljzkNUt/Sl6IzgzVwZljEmm51bVbNzvrIijsSV8MNQaZb7/D3Y3OOCkCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPO5fjuyy6bN1y9s83NQeiJbmINMB8GA1UdIwQY
MBaAFHDPXml8YJSttryXFWs14AX9TPLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY005ZWFYeGdsSzIydkpjVmF6WGdCZjFNOHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80ZDUyOTUtZjhmMi00ZTA1LWFkZDAt
NTE5Nzk1YTIyNTAyLzEvY005ZWFYeGdsSzIydkpjVmF6WGdCZjFNOHVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80ZDUyOTUtZjhmMi00ZTA1LWFkZDAtNTE5Nzk1YTIyNTAy
LzEvY005ZWFYeGdsSzIydkpjVmF6WGdCZjFNOHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcURbe/i
Tz7LvAWHog6eZkiGxnJB8xihNJDgEQryS3dj7jDwdO9oR/R7MftpWVmCshfnwKu6
ZldyJgtpsmxufpTRF7isbTSzswr+XnDS/KrDV9bOHxI2ZXEMJfHujkOyIqu67Xxe
j7oa1yoAQ/VqKWnTfWnEaDMv8d9QFSVK3HlHB3I1ae1r6EtyyoMT7RiwWkmyiV9P
SiGMoFoUzvoY+zUw/ZmY8X8HIFS5CdkPqv3G39T+8j7AsmM7T9wGCYbAPzRXVs1v
wxXlJz1/kwk4b7zd4WE8Auv5HeLi9tliVEDfyYInTN8om2JoMXl+WyLxJBPehG8R
dLF4F3p/L130jw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:53:03 2025 by rpki-client