Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
File: CgIUob8dOv0t1msjqZcxBrXTFso.mft (raw, json)
Hash identifier: jMZjITtP5YrzfMisCZdIO62pYXJyoisCpnb1bi0eSfU=
Subject key identifier: 5A:CC:FE:EB:8E:66:B2:99:E9:E7:8F:45:C5:2F:86:40:2F:B2:03:C6
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 019A725C6C666E6908DD544CBEF5731D49B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
Manifest number: 1201
Signing time: Tue 11 Nov 2025 10:00:50 +0000
Manifest this update: Tue 11 Nov 2025 10:00:50 +0000
Manifest next update: Wed 12 Nov 2025 10:00:50 +0000
Files and hashes: 1: CgIUob8dOv0t1msjqZcxBrXTFso.crl (hash: MznwuzepQvLoIl5F7vrOaVvdLV/ooa2VmRLn8oD4OHc=)
2: EaaXkbC8P0tMcWH8_B2AeHqJuik.roa (hash: Agyi8/XYUtn0V9u60ReeITYzaWhDJOT1A+JDHxK163o=)
3: iRncY0RPMdG6ZS1FNbvbNQvbM88.roa (hash: cZd3pDxm+3G7IN3N9+ceJiYJz5MHexdMYYiB+WqQjOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:6c:66:6e:69:08:dd:54:4c:be:f5:73:1d:49:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Nov 11 10:00:50 2025 GMT
Not After : Nov 12 10:00:50 2025 GMT
Subject: CN=5accfeeb8e66b299e9e78f45c52f86402fb203c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:96:22:0e:30:f3:62:c9:d2:56:9c:9e:75:4d:
b8:9f:31:4c:5b:55:38:db:ec:bd:d7:72:21:4d:02:
33:64:a7:54:df:68:c3:0c:9d:88:ad:78:d0:ac:f7:
22:c6:ba:17:ed:8f:b5:c1:0d:2e:08:f4:53:3c:95:
e4:a8:e1:02:c3:d8:99:f9:ad:fd:fe:97:5f:28:22:
7d:4f:71:b5:52:ad:12:b9:e3:ae:f8:da:87:fd:52:
bf:7c:8f:93:22:77:59:43:59:91:c8:e8:c2:9d:9d:
45:64:20:43:5b:80:0b:11:f0:71:20:8a:b4:6b:34:
1c:a9:f7:af:7f:bf:b0:f8:3e:96:42:ff:07:de:6f:
d2:70:4b:62:9b:83:0a:0d:26:0d:5c:aa:a7:d1:ef:
00:9a:a2:7a:82:98:fe:2b:47:23:07:7c:7f:33:2e:
17:61:ca:c0:e7:db:28:e5:ce:8f:d3:7e:c8:8a:a1:
5a:e8:22:79:62:ea:95:bd:a8:7d:bd:85:65:e8:aa:
a2:44:46:56:1d:a8:9a:7c:c4:46:e4:43:1a:d6:3a:
8f:71:a9:31:89:4a:1d:01:6d:5d:92:d9:9c:90:4d:
d2:ed:fe:66:87:7d:17:8b:81:a3:88:d2:b7:c8:75:
3a:99:4f:4c:6e:69:66:33:b1:84:bb:f1:83:0d:e2:
76:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CC:FE:EB:8E:66:B2:99:E9:E7:8F:45:C5:2F:86:40:2F:B2:03:C6
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:a8:66:5b:f6:47:14:06:c1:34:51:16:0a:9c:2b:09:17:16:
0f:46:9c:fe:b2:42:8b:46:bf:b0:b7:bc:49:25:b1:33:56:c3:
59:4f:09:8c:04:d1:66:4b:6b:7e:39:4b:bf:1d:f0:4d:59:58:
48:23:fb:1e:2a:c4:71:af:78:eb:ed:44:e5:77:ef:f3:f7:54:
b5:45:1d:11:79:ec:03:db:87:3c:67:60:6b:50:93:1e:12:0f:
8e:61:16:96:ca:90:58:bc:56:80:bd:6a:a3:c0:8b:d0:06:66:
70:41:7f:7d:f6:59:a9:79:34:99:6a:68:58:1c:d4:62:dc:aa:
96:91:7e:f6:91:85:d5:86:59:f7:14:96:c1:64:e9:8b:7c:a0:
58:97:07:42:90:4e:72:37:af:63:30:c9:84:4d:03:57:d9:f8:
10:8d:95:32:05:c2:1a:d3:77:47:b0:d5:7f:eb:04:07:e4:63:
8f:fc:5e:ed:6e:da:6c:cd:73:cd:c8:e3:06:26:b9:36:7a:5f:
0d:62:7c:89:4c:54:97:41:b3:be:60:08:75:6c:4e:1e:04:88:
e0:22:82:8f:7a:c9:d1:fb:f3:fb:9d:8f:99:48:26:83:c3:43:
a6:d2:57:85:34:62:3a:76:e9:90:6a:df:83:e1:89:a9:88:84:
3b:54:37:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGxmbmkI3VRMvvVzHUmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjUxMTExMTAwMDUwWhcNMjUxMTEyMTAwMDUwWjAzMTEwLwYDVQQD
Eyg1YWNjZmVlYjhlNjZiMjk5ZTllNzhmNDVjNTJmODY0MDJmYjIwM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpYiDjDzYsnSVpyedU24nzFMW1U4
2+y913IhTQIzZKdU32jDDJ2IrXjQrPcixroX7Y+1wQ0uCPRTPJXkqOECw9iZ+a39
/pdfKCJ9T3G1Uq0SueOu+NqH/VK/fI+TIndZQ1mRyOjCnZ1FZCBDW4ALEfBxIIq0
azQcqfevf7+w+D6WQv8H3m/ScEtim4MKDSYNXKqn0e8AmqJ6gpj+K0cjB3x/My4X
YcrA59so5c6P037IiqFa6CJ5YuqVvah9vYVl6KqiREZWHaiafMRG5EMa1jqPcakx
iUodAW1dktmckE3S7f5mh30Xi4GjiNK3yHU6mU9MbmlmM7GEu/GDDeJ2ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrM/uuOZrKZ6eePRcUvhkAvsgPGMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6hmW/ZH
FAbBNFEWCpwrCRcWD0ac/rJCi0a/sLe8SSWxM1bDWU8JjATRZktrfjlLvx3wTVlY
SCP7HirEca946+1E5Xfv8/dUtUUdEXnsA9uHPGdga1CTHhIPjmEWlsqQWLxWgL1q
o8CL0AZmcEF/ffZZqXk0mWpoWBzUYtyqlpF+9pGF1YZZ9xSWwWTpi3ygWJcHQpBO
cjevYzDJhE0DV9n4EI2VMgXCGtN3R7DVf+sEB+Rjj/xe7W7abM1zzcjjBia5Nnpf
DWJ8iUxUl0GzvmAIdWxOHgSI4CKCj3rJ0fvz+52PmUgmg8NDptJXhTRiOnbpkGrf
g+GJqYiEO1Q3iQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:16 2025 by rpki-client