Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
File: CgIUob8dOv0t1msjqZcxBrXTFso.mft (raw, json)
Hash identifier: wkvgPzYmhKhDqiVVw4950pesvGbgp/KikCGqC33R4G8=
Subject key identifier: 48:02:6D:A9:52:B5:87:15:14:FA:8B:05:8A:38:FD:12:C0:3B:D5:3E
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 01992255EA4619B47FC8C20CA9A9CDEDF1C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
Manifest number: 1153
Signing time: Sun 07 Sep 2025 04:01:19 +0000
Manifest this update: Sun 07 Sep 2025 04:01:19 +0000
Manifest next update: Mon 08 Sep 2025 04:01:19 +0000
Files and hashes: 1: CgIUob8dOv0t1msjqZcxBrXTFso.crl (hash: UTOpu4FJzZmKTCufYINS4XXhBOctrbnOzAzyGPQXlfM=)
2: EaaXkbC8P0tMcWH8_B2AeHqJuik.roa (hash: Agyi8/XYUtn0V9u60ReeITYzaWhDJOT1A+JDHxK163o=)
3: iRncY0RPMdG6ZS1FNbvbNQvbM88.roa (hash: cZd3pDxm+3G7IN3N9+ceJiYJz5MHexdMYYiB+WqQjOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:ea:46:19:b4:7f:c8:c2:0c:a9:a9:cd:ed:f1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Sep 7 04:01:19 2025 GMT
Not After : Sep 8 04:01:19 2025 GMT
Subject: CN=48026da952b5871514fa8b058a38fd12c03bd53e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:27:57:ed:34:2f:e6:5e:fe:3a:c4:4e:9b:
fb:e1:cf:67:27:99:5b:6d:af:f7:3e:2a:2c:f0:d9:
7a:d6:6b:94:9d:fb:cb:05:60:17:0c:e9:a3:21:8c:
8a:eb:41:4d:c5:dd:28:30:e4:86:85:5b:1c:19:de:
29:45:d8:6d:d0:2b:8d:dc:88:4f:8e:96:48:4b:90:
19:67:6b:8c:e7:f3:0a:09:ab:22:b7:d5:da:ea:d9:
85:21:0c:cb:4e:7a:6a:5b:e5:38:41:07:af:2c:3d:
97:0c:d6:f2:7d:30:bb:44:07:8b:53:81:09:65:a9:
aa:39:84:17:a6:96:af:de:21:c8:19:f3:2b:c9:a0:
92:d2:38:34:ab:67:9d:bf:2d:b1:c2:b5:f0:91:7d:
b4:79:f0:b5:04:78:29:66:67:b3:3c:e6:3c:44:5d:
10:5d:ad:d3:e8:37:c9:c6:59:07:0f:9f:90:55:5c:
7e:4d:58:0c:8b:9e:8f:22:c9:2d:6f:3b:9f:d4:bf:
b6:46:ba:26:d4:0e:26:73:0f:49:f8:66:c7:91:45:
3b:c4:b0:55:7b:54:b1:48:e2:ad:3c:dd:5c:28:ea:
d6:38:da:c4:35:60:7a:ff:7b:2a:87:95:cf:e3:63:
6e:f3:d8:40:59:89:44:2c:fc:46:c3:b0:40:3d:89:
61:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:02:6D:A9:52:B5:87:15:14:FA:8B:05:8A:38:FD:12:C0:3B:D5:3E
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:c9:6b:77:ae:f0:06:3a:91:ce:c1:ad:bd:d2:f3:63:6b:f8:
5d:62:f5:3a:b5:93:3b:92:59:5b:90:6c:ae:f2:c0:a1:80:5c:
1d:a5:e9:f0:f5:41:9d:28:c4:ff:09:4b:ac:b1:b9:12:65:5d:
e0:cd:1e:d8:d3:fb:7c:8b:39:e6:33:85:4d:de:ce:15:fb:eb:
21:1f:63:57:41:0b:f5:2f:ea:b3:87:a1:68:83:de:0b:d0:e4:
44:ac:17:45:95:84:ee:41:15:3a:7d:14:de:4f:64:04:b3:35:
a0:db:aa:1f:ce:c1:b2:05:00:a7:a8:6e:a9:5c:e9:48:77:29:
71:7f:5e:dc:3f:38:ca:9f:cb:dc:24:0f:e8:d7:db:b8:93:c2:
ab:1b:93:30:46:d4:c6:ee:8f:3b:1e:73:e1:15:23:1e:30:28:
db:a8:25:1a:68:c6:25:f3:aa:cf:7e:03:68:2f:30:ea:6f:fc:
26:0f:ec:e1:da:19:6b:27:83:3b:7f:36:a4:b9:31:bc:9f:27:
d1:7c:18:b4:e4:1f:3c:80:b2:53:d3:6c:3f:f5:97:4e:4e:9b:
93:cf:e8:16:1a:3c:a5:b1:1b:c8:fb:0e:e7:6c:d9:8b:0a:51:
ec:4e:69:41:6c:a0:d8:bb:d7:3c:98:16:2b:7f:58:c5:0c:95:
7a:80:82:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVepGGbR/yMIMqanN7fHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjUwOTA3MDQwMTE5WhcNMjUwOTA4MDQwMTE5WjAzMTEwLwYDVQQD
Eyg0ODAyNmRhOTUyYjU4NzE1MTRmYThiMDU4YTM4ZmQxMmMwM2JkNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCMnV+00L+Ze/jrETpv74c9nJ5lb
ba/3Pios8Nl61muUnfvLBWAXDOmjIYyK60FNxd0oMOSGhVscGd4pRdht0CuN3IhP
jpZIS5AZZ2uM5/MKCasit9Xa6tmFIQzLTnpqW+U4QQevLD2XDNbyfTC7RAeLU4EJ
ZamqOYQXppav3iHIGfMryaCS0jg0q2edvy2xwrXwkX20efC1BHgpZmezPOY8RF0Q
Xa3T6DfJxlkHD5+QVVx+TVgMi56PIsktbzuf1L+2Rrom1A4mcw9J+GbHkUU7xLBV
e1SxSOKtPN1cKOrWONrENWB6/3sqh5XP42Nu89hAWYlELPxGw7BAPYlhbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgCbalStYcVFPqLBYo4/RLAO9U+MB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADclrd67w
BjqRzsGtvdLzY2v4XWL1OrWTO5JZW5BsrvLAoYBcHaXp8PVBnSjE/wlLrLG5EmVd
4M0e2NP7fIs55jOFTd7OFfvrIR9jV0EL9S/qs4ehaIPeC9DkRKwXRZWE7kEVOn0U
3k9kBLM1oNuqH87BsgUAp6huqVzpSHcpcX9e3D84yp/L3CQP6NfbuJPCqxuTMEbU
xu6POx5z4RUjHjAo26glGmjGJfOqz34DaC8w6m/8Jg/s4doZayeDO382pLkxvJ8n
0XwYtOQfPICyU9NsP/WXTk6bk8/oFho8pbEbyPsO52zZiwpR7E5pQWyg2LvXPJgW
K39YxQyVeoCCnQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:25:34 2025 by rpki-client