Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json)
Hash identifier: 9Z71D9syXs/iTFIEMYIFHblNTUsw3yX8CAwZlUlg0FY=
Subject key identifier: 40:EE:71:4F:DF:46:F0:3C:A2:D3:AC:28:F5:C8:1D:46:F4:5C:56:A2
Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Certificate serial: 019A725C6703594D1C7C6611655C1099F31A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
Manifest number: 0BA0
Signing time: Tue 11 Nov 2025 10:00:49 +0000
Manifest this update: Tue 11 Nov 2025 10:00:49 +0000
Manifest next update: Wed 12 Nov 2025 10:00:49 +0000
Files and hashes: 1: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: AzyZA/fT/R9Vbcv7xy4J+Y4NeSHhu4k53ZnzBc5NJFE=)
2: muE7z7bw5WUF44PtXee-WtjAnUQ.roa (hash: eOTAuS8cb5e4NeqERvCCoU2l75Ey2kGH2CxTpug1Tes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:67:03:59:4d:1c:7c:66:11:65:5c:10:99:f3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Validity
Not Before: Nov 11 10:00:49 2025 GMT
Not After : Nov 12 10:00:49 2025 GMT
Subject: CN=40ee714fdf46f03ca2d3ac28f5c81d46f45c56a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:36:54:f7:7c:af:b0:10:62:16:93:eb:f4:8b:
b6:ab:be:fa:1d:e7:4b:3c:47:80:b4:c6:17:54:0c:
55:5a:94:ff:f6:40:7d:8b:e0:9d:46:7e:f9:09:e8:
b9:ed:e8:9b:a7:d2:b8:6d:85:ad:12:94:c0:bb:e1:
60:ce:5c:bb:88:e0:5a:e6:06:d4:54:38:c4:e2:9b:
06:f1:b6:36:65:68:93:f1:ff:9a:1b:b4:e0:75:d3:
91:f5:ac:6c:88:74:61:43:0d:bc:33:35:2c:50:42:
83:fe:ea:a1:5d:c6:79:f9:28:aa:04:9c:b0:7f:a1:
20:5d:17:48:0f:81:54:cc:0f:c4:b4:76:3c:4a:2f:
00:3d:bd:6b:53:dd:76:30:b9:7b:3a:c2:d7:af:03:
cf:71:21:12:00:b6:a7:88:c7:5b:ee:ee:df:c8:62:
fe:be:06:a7:87:51:80:c2:46:f8:42:48:37:7f:6a:
00:26:49:13:10:1e:bd:3d:fe:96:26:a6:cd:8f:48:
e5:81:ce:44:20:d9:a0:1c:1c:f4:14:54:73:c9:5d:
7f:c9:92:79:38:fa:cf:9b:11:8d:10:24:7f:46:90:
c3:96:2e:ec:20:37:7c:e5:c4:58:66:5e:95:75:1f:
84:37:02:bd:fa:7f:d8:82:c4:ae:69:e2:0c:92:66:
e3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EE:71:4F:DF:46:F0:3C:A2:D3:AC:28:F5:C8:1D:46:F4:5C:56:A2
X509v3 Authority Key Identifier:
keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:71:41:73:7b:91:f1:e0:30:bc:83:07:0e:ff:70:eb:9b:c9:
1a:fb:be:55:56:fc:18:89:56:9a:77:22:d8:5c:15:75:0a:12:
ef:a2:c9:55:bd:25:c5:20:63:86:45:67:cf:f1:9e:38:b3:24:
a7:31:a9:06:1f:dc:59:19:92:3b:a6:70:02:d8:02:e5:a7:6d:
ec:de:c4:ce:50:c7:b7:5f:81:56:4d:7f:13:46:44:b9:d2:b6:
cb:87:f3:c4:c8:17:da:81:cc:f4:b5:b7:78:e9:58:22:4a:a2:
05:ea:fb:a8:09:9b:ca:82:fb:76:9d:26:3e:a6:52:a8:64:94:
5b:1c:78:8c:c6:5d:04:d4:b0:98:34:71:8f:77:cd:0c:2d:b0:
eb:75:d8:6d:50:1d:48:ad:26:9f:03:73:32:5c:30:5d:fb:41:
78:59:a8:20:80:94:45:ef:d7:72:85:9d:c9:92:e2:70:fd:1b:
36:88:0d:6c:04:81:d7:68:28:b5:aa:07:ee:c3:e6:3f:99:65:
45:5d:3b:3c:bf:4f:ee:f3:00:96:e8:f1:e0:4f:57:cc:14:6d:
dc:a6:18:e0:2e:c6:58:5d:34:10:b3:f3:b4:00:70:d4:e8:b3:
af:1c:fb:0b:df:e7:f2:ab:d3:82:ac:9d:7a:30:28:39:9f:f3:
bc:57:f4:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGcDWU0cfGYRZVwQmfMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3
ZDEyYzYwHhcNMjUxMTExMTAwMDQ5WhcNMjUxMTEyMTAwMDQ5WjAzMTEwLwYDVQQD
Eyg0MGVlNzE0ZmRmNDZmMDNjYTJkM2FjMjhmNWM4MWQ0NmY0NWM1NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjZU93yvsBBiFpPr9Iu2q776HedL
PEeAtMYXVAxVWpT/9kB9i+CdRn75Cei57eibp9K4bYWtEpTAu+Fgzly7iOBa5gbU
VDjE4psG8bY2ZWiT8f+aG7TgddOR9axsiHRhQw28MzUsUEKD/uqhXcZ5+SiqBJyw
f6EgXRdID4FUzA/EtHY8Si8APb1rU912MLl7OsLXrwPPcSESALaniMdb7u7fyGL+
vganh1GAwkb4Qkg3f2oAJkkTEB69Pf6WJqbNj0jlgc5EINmgHBz0FFRzyV1/yZJ5
OPrPmxGNECR/RpDDli7sIDd85cRYZl6VdR+ENwK9+n/YgsSuaeIMkmbjAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDucU/fRvA8otOsKPXIHUb0XFaiMB8GA1UdIwQY
MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt
MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw
LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh3FBc3uR
8eAwvIMHDv9w65vJGvu+VVb8GIlWmnci2FwVdQoS76LJVb0lxSBjhkVnz/GeOLMk
pzGpBh/cWRmSO6ZwAtgC5adt7N7EzlDHt1+BVk1/E0ZEudK2y4fzxMgX2oHM9LW3
eOlYIkqiBer7qAmbyoL7dp0mPqZSqGSUWxx4jMZdBNSwmDRxj3fNDC2w63XYbVAd
SK0mnwNzMlwwXftBeFmoIICURe/XcoWdyZLicP0bNogNbASB12gotaoH7sPmP5ll
RV07PL9P7vMAlujx4E9XzBRt3KYY4C7GWF00ELPztABw1Oizrxz7C9/n8qvTgqyd
ejAoOZ/zvFf0Ww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:20 2025 by rpki-client