Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
File: 6OcnETayGhWK70CdMOLGAB1bDak.mft (raw, json)
Hash identifier: gJle7k16wFSERfFMpAhvfZRMF1mS1IDmQwrnUPIsjU8=
Subject key identifier: B4:2C:1E:B8:03:C4:BB:F6:E8:9E:CE:18:B8:52:14:34:FC:14:90:00
Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Certificate serial: 019A21ADF29F4D707737E3698A07DEBABFEE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
Manifest number: 104C
Signing time: Sun 26 Oct 2025 18:00:39 +0000
Manifest this update: Sun 26 Oct 2025 18:00:39 +0000
Manifest next update: Mon 27 Oct 2025 18:00:39 +0000
Files and hashes: 1: 6OcnETayGhWK70CdMOLGAB1bDak.crl (hash: U5WdDyiKzsT1y4Z96P3/WIK1cO8kaTrJDje8Uopz48g=)
2: dxgxd6-xP9JkwgZUnUwpf-WY-Kw.roa (hash: hqOsy5iRYOF259KVMk0QtmelCMMCDmkaOIHQ2ucYLWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 14:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:ad:f2:9f:4d:70:77:37:e3:69:8a:07:de:ba:bf:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Validity
Not Before: Oct 26 18:00:39 2025 GMT
Not After : Oct 27 18:00:39 2025 GMT
Subject: CN=b42c1eb803c4bbf6e89ece18b8521434fc149000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:a8:78:c8:3a:20:8d:dc:bb:db:92:00:63:
91:36:7f:4b:92:c6:b2:2c:c0:27:fb:7f:11:0f:06:
73:9a:da:cd:12:98:fb:cd:63:cd:7e:b8:cc:00:a1:
04:3c:b1:8d:fd:ca:08:15:6d:dd:45:ed:5f:8d:02:
1f:7b:68:80:48:48:82:6a:9d:a3:ac:be:85:d6:e7:
cd:5f:61:c2:c8:a2:be:16:1a:1b:06:0e:52:4c:19:
61:d9:1a:2d:7a:44:4a:0d:b7:6a:3d:ac:09:8e:68:
c5:3f:6c:3f:d4:37:6a:6f:da:20:b4:e9:4f:2a:a1:
61:76:30:57:15:65:85:35:d5:40:c0:2b:ab:f4:5b:
02:3f:13:3a:74:58:31:65:ef:c7:a1:21:81:34:3a:
4c:74:9f:e3:27:8b:91:31:7b:11:fd:8d:bf:54:79:
0d:40:4d:a3:99:d3:ac:7e:5c:95:c1:78:8e:71:14:
4d:4e:51:c0:f3:5a:12:cd:99:3c:7d:18:db:63:98:
09:67:cb:a6:eb:ad:49:59:3c:ba:73:80:a0:70:e0:
d7:33:9f:db:9f:a4:6f:ea:99:f5:9f:85:84:4d:f7:
a3:ab:9e:7f:73:77:e3:ec:24:12:96:8f:ef:fa:39:
5e:62:e9:aa:2b:ec:10:a7:d9:a3:ed:7f:8a:b4:79:
51:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2C:1E:B8:03:C4:BB:F6:E8:9E:CE:18:B8:52:14:34:FC:14:90:00
X509v3 Authority Key Identifier:
keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:fb:83:f4:58:bc:9f:d5:ad:8a:7c:37:43:95:ee:78:0d:60:
ad:3e:81:16:4f:d6:b9:6e:24:6a:ed:8e:55:cd:23:aa:51:53:
35:41:10:bc:db:dd:99:04:10:8a:aa:4a:fe:22:8f:da:a5:2d:
c8:a4:45:c2:4c:4a:bd:40:94:f4:3a:95:3a:93:97:54:9b:f9:
53:e0:c5:4f:6a:cb:cc:ba:d8:79:e9:d0:6d:6b:c1:eb:3f:14:
4b:7c:e0:75:78:1c:7c:42:7c:6d:24:5b:51:bd:54:9f:94:35:
f8:b4:ae:ef:b7:37:d3:ba:13:e2:43:8e:0d:ba:d6:25:52:27:
54:19:84:00:23:d1:f8:27:e3:4e:d6:68:0e:50:79:bc:56:38:
e2:41:6e:1e:d1:b8:f8:eb:b4:b2:bf:09:87:00:af:1a:cc:77:
de:4d:a6:04:7d:cf:d7:e5:7b:1a:fe:cf:10:eb:c4:f6:4b:87:
9e:ab:ff:5c:f6:bc:82:e8:af:cd:07:b3:a2:ff:4f:fa:f9:2d:
be:dd:17:e0:6d:fa:a8:2b:8a:a4:38:c5:73:fc:0f:04:ca:6b:
b7:91:25:77:81:78:53:1f:b7:ae:92:62:74:90:77:5b:96:aa:
0b:7d:a5:db:db:35:eb:99:d9:89:a4:df:9c:12:1c:8c:53:bf:
28:3a:7a:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohrfKfTXB3N+Npigfeur/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1
YjBkYTkwHhcNMjUxMDI2MTgwMDM5WhcNMjUxMDI3MTgwMDM5WjAzMTEwLwYDVQQD
EyhiNDJjMWViODAzYzRiYmY2ZTg5ZWNlMThiODUyMTQzNGZjMTQ5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfmoeMg6II3cu9uSAGORNn9Lksay
LMAn+38RDwZzmtrNEpj7zWPNfrjMAKEEPLGN/coIFW3dRe1fjQIfe2iASEiCap2j
rL6F1ufNX2HCyKK+FhobBg5STBlh2RotekRKDbdqPawJjmjFP2w/1Ddqb9ogtOlP
KqFhdjBXFWWFNdVAwCur9FsCPxM6dFgxZe/HoSGBNDpMdJ/jJ4uRMXsR/Y2/VHkN
QE2jmdOsflyVwXiOcRRNTlHA81oSzZk8fRjbY5gJZ8um661JWTy6c4CgcODXM5/b
n6Rv6pn1n4WETfejq55/c3fj7CQSlo/v+jleYumqK+wQp9mj7X+KtHlRxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQsHrgDxLv26J7OGLhSFDT8FJAAMB8GA1UdIwQY
MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt
ODM1NmQyZDQyNzcxLzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx
LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPuD9Fi8
n9Wtinw3Q5XueA1grT6BFk/WuW4kau2OVc0jqlFTNUEQvNvdmQQQiqpK/iKP2qUt
yKRFwkxKvUCU9DqVOpOXVJv5U+DFT2rLzLrYeenQbWvB6z8US3zgdXgcfEJ8bSRb
Ub1Un5Q1+LSu77c307oT4kOODbrWJVInVBmEACPR+CfjTtZoDlB5vFY44kFuHtG4
+Ou0sr8JhwCvGsx33k2mBH3P1+V7Gv7PEOvE9kuHnqv/XPa8guivzQezov9P+vkt
vt0X4G36qCuKpDjFc/wPBMprt5Eld4F4Ux+3rpJidJB3W5aqC32l29s165nZiaTf
nBIcjFO/KDp6Eg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 00:32:02 2025 by rpki-client