Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json)
Hash identifier: GOd/ZCYkPdtBO64EnhQ/zAv+wCBwJpkkZI62LjCfa/8=
Subject key identifier: BB:2C:41:83:29:CF:24:82:24:16:05:21:7F:63:86:DC:0D:33:D6:F6
Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Certificate serial: 019A255392BAB057656A365C650F57A6BAE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
Manifest number: 0A24
Signing time: Mon 27 Oct 2025 11:00:25 +0000
Manifest this update: Mon 27 Oct 2025 11:00:25 +0000
Manifest next update: Tue 28 Oct 2025 11:00:25 +0000
Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: aMsSwbWM3svsqHwPohpAuROL20B2p2qCEdGsBmTZy5Q=)
2: eTuN91J09OBNoZtxEtruVhH4DbY.roa (hash: F1iOkNAfZrkXFWgz/sdsk9Ul6Wkc9BDyHiaUC1recQY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 11:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:53:92:ba:b0:57:65:6a:36:5c:65:0f:57:a6:ba:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Validity
Not Before: Oct 27 11:00:25 2025 GMT
Not After : Oct 28 11:00:25 2025 GMT
Subject: CN=bb2c418329cf2482241605217f6386dc0d33d6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:44:e6:58:78:d3:84:a9:6b:42:f8:04:a6:08:
2b:7a:9b:87:0e:5c:3a:ad:a9:30:30:54:7f:43:11:
67:d1:f5:cd:7a:d9:32:77:6b:27:3d:ae:35:69:93:
ef:69:f1:64:78:83:58:48:e3:2b:f2:b4:e7:71:eb:
4e:fc:40:f4:4f:59:87:72:eb:8f:fe:42:73:e6:6f:
1c:5e:ef:55:75:25:cf:42:e7:68:e7:a6:79:d5:1d:
37:01:75:52:45:21:40:8c:d0:e3:8e:d5:f9:eb:f2:
c8:8f:45:a7:5d:56:57:52:55:9f:aa:c4:88:08:cb:
37:f5:39:33:7f:2a:92:eb:e3:eb:47:b0:69:81:91:
36:a1:e1:47:b5:3c:bf:37:37:a5:e7:41:ab:73:54:
45:fe:0e:c8:1d:b2:88:d2:cb:dd:17:8b:f7:0a:53:
98:51:e9:2f:43:64:6a:f9:18:c2:4c:98:b4:0b:ce:
81:2c:9f:5d:ce:fd:c6:34:f0:a1:10:44:f9:7a:ef:
bb:8e:cd:25:50:4b:87:59:0f:f0:02:3b:e7:dd:ac:
38:da:50:65:e2:d2:79:f8:e1:41:08:47:ba:52:e2:
8c:48:d1:fd:e7:7a:2d:49:1b:8d:19:5e:56:db:52:
26:3c:e4:65:8b:d8:27:f7:bb:a7:ef:a1:54:db:b5:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2C:41:83:29:CF:24:82:24:16:05:21:7F:63:86:DC:0D:33:D6:F6
X509v3 Authority Key Identifier:
keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:7c:b7:cb:71:5d:01:35:4e:24:c4:a9:ca:00:59:88:bf:a4:
c9:d7:8f:ca:19:a1:8e:17:53:33:fd:b3:d5:3d:98:09:9f:db:
29:23:b6:b3:0b:73:1a:ca:d9:15:45:06:c4:26:4a:3b:4b:03:
e7:b0:c8:0a:eb:41:f0:8d:ed:2c:5a:ab:70:cb:09:b5:79:f5:
07:73:49:7c:2f:87:39:01:8b:06:30:07:5d:53:8e:55:2a:1b:
4d:8a:be:b3:fb:3f:40:73:7a:0c:1a:56:02:93:81:d3:21:5d:
8e:82:57:ff:60:ee:82:9e:ef:08:40:c9:02:a5:56:28:9f:01:
ee:7f:48:b6:f9:2e:77:7d:a5:62:36:86:77:ac:b0:5c:d9:46:
39:f9:cd:63:7a:92:57:b8:71:17:61:71:e0:44:4b:e6:ae:60:
d0:62:e9:24:97:67:b8:ab:b6:c0:6d:6a:1e:de:64:2b:3f:96:
cc:91:14:88:b2:21:98:8d:08:9f:92:6f:d5:92:bb:2d:c2:a7:
bf:30:55:c9:a0:48:0f:f5:fa:95:72:23:e3:12:3e:03:97:8d:
15:3f:b0:be:0b:72:74:64:c9:c1:93:df:1b:e4:65:ec:f7:dd:
f3:f0:20:40:fd:f2:1a:f5:e9:e1:fc:47:f0:92:3b:f8:5d:7a:
d2:d6:11:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolU5K6sFdlajZcZQ9XprrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5
MjQ5YTYwHhcNMjUxMDI3MTEwMDI1WhcNMjUxMDI4MTEwMDI1WjAzMTEwLwYDVQQD
EyhiYjJjNDE4MzI5Y2YyNDgyMjQxNjA1MjE3ZjYzODZkYzBkMzNkNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUTmWHjThKlrQvgEpggrepuHDlw6
rakwMFR/QxFn0fXNetkyd2snPa41aZPvafFkeINYSOMr8rTncetO/ED0T1mHcuuP
/kJz5m8cXu9VdSXPQudo56Z51R03AXVSRSFAjNDjjtX56/LIj0WnXVZXUlWfqsSI
CMs39TkzfyqS6+PrR7BpgZE2oeFHtTy/Nzel50Grc1RF/g7IHbKI0svdF4v3ClOY
UekvQ2Rq+RjCTJi0C86BLJ9dzv3GNPChEET5eu+7js0lUEuHWQ/wAjvn3aw42lBl
4tJ5+OFBCEe6UuKMSNH953otSRuNGV5W21ImPORli9gn97un76FU27VVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLssQYMpzySCJBYFIX9jhtwNM9b2MB8GA1UdIwQY
MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt
NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz
LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3y3y3Fd
ATVOJMSpygBZiL+kydePyhmhjhdTM/2z1T2YCZ/bKSO2swtzGsrZFUUGxCZKO0sD
57DICutB8I3tLFqrcMsJtXn1B3NJfC+HOQGLBjAHXVOOVSobTYq+s/s/QHN6DBpW
ApOB0yFdjoJX/2Dugp7vCEDJAqVWKJ8B7n9Itvkud32lYjaGd6ywXNlGOfnNY3qS
V7hxF2Fx4ERL5q5g0GLpJJdnuKu2wG1qHt5kKz+WzJEUiLIhmI0In5Jv1ZK7LcKn
vzBVyaBID/X6lXIj4xI+A5eNFT+wvgtydGTJwZPfG+Rl7Pfd8/AgQP3yGvXp4fxH
8JI7+F160tYRJg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 21:06:08 2025 by rpki-client