Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json)
Hash identifier: 8vNvu0ayhiA+ditQjs0rcO3fUS/ez4qmYhtSfM0vWmA=
Subject key identifier: B4:46:50:C5:93:46:63:B6:E5:0B:96:0B:CD:A3:B7:2F:BB:DF:90:A3
Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Certificate serial: 019924441AB9D8F82DE386FD16BAD6F4DA92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
Manifest number: 0AF3
Signing time: Sun 07 Sep 2025 13:01:06 +0000
Manifest this update: Sun 07 Sep 2025 13:01:06 +0000
Manifest next update: Mon 08 Sep 2025 13:01:06 +0000
Files and hashes: 1: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: jAAHP2Q73vBTLfWy90pVH3DgbC9BVncbEsVsvGXV2xM=)
2: muE7z7bw5WUF44PtXee-WtjAnUQ.roa (hash: eOTAuS8cb5e4NeqERvCCoU2l75Ey2kGH2CxTpug1Tes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:44:1a:b9:d8:f8:2d:e3:86:fd:16:ba:d6:f4:da:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Validity
Not Before: Sep 7 13:01:06 2025 GMT
Not After : Sep 8 13:01:06 2025 GMT
Subject: CN=b44650c5934663b6e50b960bcda3b72fbbdf90a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:5e:65:3a:d7:9e:c8:f2:f8:1e:ce:f5:0d:
53:de:1b:e2:1c:9b:e4:87:2e:1c:27:5e:0d:67:49:
3a:54:c9:2e:3e:f7:dd:ec:4d:e4:ac:f1:79:3b:fe:
c1:03:01:47:0d:9d:79:dd:5b:5b:c5:02:6f:99:e0:
7f:8c:75:c8:80:0c:93:bf:7d:1d:ef:ed:a6:c8:42:
f7:e6:1d:cb:1f:ba:dd:30:18:bb:e2:fc:cc:b7:47:
b3:67:86:e4:38:43:e2:36:98:c2:04:e5:30:fa:e1:
ed:60:c4:e9:a5:05:b7:a2:9b:56:d8:57:92:92:b6:
28:21:41:07:e2:6f:92:8b:72:a1:b2:21:9a:65:cf:
09:cf:46:20:eb:58:db:19:78:da:8b:11:31:a1:23:
0c:6b:fa:6e:29:95:73:f5:06:9d:2e:78:dc:0a:82:
d1:cc:c6:1d:77:8b:e3:25:fc:31:c7:da:b8:2e:ef:
49:83:5a:b4:22:23:b9:d9:9f:cf:9d:67:d3:25:0e:
82:2d:e8:07:7f:96:51:bc:a2:46:c1:12:80:13:bc:
26:61:37:58:11:8b:89:db:cb:9c:75:7b:c4:bb:55:
08:9d:d2:dd:f3:7e:ba:9b:fe:67:ae:b6:53:ee:e7:
65:dd:ed:80:ea:bf:8d:0c:47:d2:5f:0f:1e:e8:02:
3d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:46:50:C5:93:46:63:B6:E5:0B:96:0B:CD:A3:B7:2F:BB:DF:90:A3
X509v3 Authority Key Identifier:
keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:ef:1e:e4:c9:a1:07:8c:71:2c:0c:1c:c9:26:62:1f:f3:ac:
89:cf:87:dc:5a:00:db:37:f1:82:1f:2e:45:b0:d5:fb:17:90:
ac:f2:95:18:60:66:94:26:a6:a3:80:46:29:ec:c2:8a:71:bc:
75:f0:33:9e:98:38:68:5b:cf:ba:84:e5:c3:ea:4c:e8:09:18:
88:4e:f0:8d:f9:9c:de:46:87:be:f9:31:7d:f4:2f:b1:b3:57:
3e:c0:9c:b0:9e:71:40:1b:4f:ad:90:1c:cb:2f:3d:ed:10:82:
55:1b:e7:a3:55:52:63:05:46:5c:8c:32:80:97:a9:34:a2:10:
61:96:4d:3a:f4:3d:ff:e1:76:64:c9:b6:de:a0:fe:08:78:80:
a3:f0:76:61:b6:2b:c1:1f:19:2b:34:7f:b5:35:60:b3:82:4c:
88:73:c7:18:d2:a4:aa:43:5f:a5:1a:84:db:be:63:6b:8a:54:
cd:1f:a0:ba:d0:f2:ad:e7:14:6a:2c:d2:ca:2d:5c:b8:1e:12:
4d:ee:9e:38:3a:ef:29:9b:3e:9b:e4:d1:65:40:d8:50:e5:7f:
92:80:50:70:b0:f4:26:4e:21:63:03:ad:4b:ef:e6:68:01:c7:
be:82:8d:6a:fd:58:60:6f:d4:5d:11:65:01:86:26:d8:1a:ac:
28:26:50:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkRBq52Pgt44b9FrrW9NqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3
ZDEyYzYwHhcNMjUwOTA3MTMwMTA2WhcNMjUwOTA4MTMwMTA2WjAzMTEwLwYDVQQD
EyhiNDQ2NTBjNTkzNDY2M2I2ZTUwYjk2MGJjZGEzYjcyZmJiZGY5MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqZeZTrXnsjy+B7O9Q1T3hviHJvk
hy4cJ14NZ0k6VMkuPvfd7E3krPF5O/7BAwFHDZ153VtbxQJvmeB/jHXIgAyTv30d
7+2myEL35h3LH7rdMBi74vzMt0ezZ4bkOEPiNpjCBOUw+uHtYMTppQW3optW2FeS
krYoIUEH4m+Si3KhsiGaZc8Jz0Yg61jbGXjaixExoSMMa/puKZVz9QadLnjcCoLR
zMYdd4vjJfwxx9q4Lu9Jg1q0IiO52Z/PnWfTJQ6CLegHf5ZRvKJGwRKAE7wmYTdY
EYuJ28ucdXvEu1UIndLd8366m/5nrrZT7udl3e2A6r+NDEfSXw8e6AI9uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRGUMWTRmO25QuWC82jty+735CjMB8GA1UdIwQY
MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt
MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw
LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+8e5Mmh
B4xxLAwcySZiH/Osic+H3FoA2zfxgh8uRbDV+xeQrPKVGGBmlCamo4BGKezCinG8
dfAznpg4aFvPuoTlw+pM6AkYiE7wjfmc3kaHvvkxffQvsbNXPsCcsJ5xQBtPrZAc
yy897RCCVRvno1VSYwVGXIwygJepNKIQYZZNOvQ9/+F2ZMm23qD+CHiAo/B2YbYr
wR8ZKzR/tTVgs4JMiHPHGNKkqkNfpRqE275ja4pUzR+gutDyrecUaizSyi1cuB4S
Te6eODrvKZs+m+TRZUDYUOV/koBQcLD0Jk4hYwOtS+/maAHHvoKNav1YYG/UXRFl
AYYm2BqsKCZQ1Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:42:08 2025 by rpki-client