Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
File: cdm6oCIZQu3-SzqaVwgpXARBboA.mft (raw, json)
Hash identifier: OBpAIfmcqNoHuTFo5MU4tk8q32wvi2V/CH8VoKeZnRc=
Subject key identifier: BB:CA:48:0E:31:CD:E2:C7:B2:A8:6E:29:8A:2E:C8:EB:63:D0:E5:74
Authority key identifier: 71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
Certificate issuer: /CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Certificate serial: 019A71B853FF166CA04033685F0C8FE40ED8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:01:36 +0000
Manifest this update: Tue 11 Nov 2025 07:01:36 +0000
Manifest next update: Wed 12 Nov 2025 07:01:36 +0000
Files and hashes: 1: Uqk6ZpOTGE36LT5fcwe3jUUK8bs.roa (hash: 3ocr9qZ6ri2OW2BEWPNTcZs9jR00BhDPO+YzVSk3MLY=)
2: cdm6oCIZQu3-SzqaVwgpXARBboA.crl (hash: C6jKI2f1FUdDckVdxB8FFQkoaDpSdDRJZVz2BGqOMzk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:53:ff:16:6c:a0:40:33:68:5f:0c:8f:e4:0e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Validity
Not Before: Nov 11 07:01:36 2025 GMT
Not After : Nov 12 07:01:36 2025 GMT
Subject: CN=bbca480e31cde2c7b2a86e298a2ec8eb63d0e574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ff:b6:41:13:24:b6:ce:11:16:52:7e:08:96:
cd:3f:df:5e:46:cc:ae:05:8b:f2:a5:f2:a4:6d:c1:
dd:bd:54:da:81:b0:0a:81:ac:2a:f5:22:54:9a:97:
b2:df:e0:62:0e:12:c1:a5:76:a6:fd:b6:59:ad:c1:
47:9d:20:3e:2e:7d:1d:f7:de:e3:fb:f4:07:3e:03:
9d:33:bf:a5:c0:4c:49:a2:e3:f7:5a:6c:6f:65:27:
0e:f4:b1:40:1f:4a:d2:b7:cf:0f:40:3b:29:88:4c:
0c:a1:cd:6c:d8:fa:74:1f:15:67:90:c0:33:55:72:
f5:51:be:8f:08:49:df:ac:2c:01:7f:bd:96:a2:ff:
8c:99:d2:f6:3e:41:fa:d9:ba:c9:5c:0c:c5:84:4d:
54:39:66:33:48:1d:7d:79:41:f9:08:91:d1:88:d4:
d9:85:33:34:6e:b1:d8:1d:a8:64:90:b5:79:05:7f:
ec:7c:3f:af:99:f6:02:cd:d4:d2:35:e8:85:d0:9a:
2a:96:a1:51:a7:b1:d4:e5:5c:81:f0:09:f0:0e:1e:
b3:4c:5f:42:25:4f:f9:c9:22:24:7f:fa:c0:f2:3c:
8c:d9:64:cb:58:23:15:d8:96:dc:87:93:63:92:a9:
54:c9:f3:b8:f6:e6:7a:6b:b9:9e:d4:d0:54:13:be:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CA:48:0E:31:CD:E2:C7:B2:A8:6E:29:8A:2E:C8:EB:63:D0:E5:74
X509v3 Authority Key Identifier:
keyid:71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:56:6b:27:86:e2:02:ff:25:bf:32:85:90:75:1a:d3:e8:1d:
98:c3:60:8d:fb:63:b1:b3:23:e0:72:d8:2e:d1:45:70:09:0b:
9a:f8:00:50:52:33:5a:bb:ae:18:fb:87:46:0c:b0:5d:4b:8b:
57:77:b8:d0:05:04:a5:00:8b:e7:7b:70:78:5b:cd:2e:50:b2:
8b:af:3f:08:b6:e8:28:cd:89:ab:0a:79:41:e6:11:af:ed:97:
18:b2:05:f7:f4:87:e9:81:85:16:de:6b:4a:bd:ef:45:ec:15:
38:fd:b6:14:6c:24:0d:1c:ed:ed:fd:ea:19:b8:fc:d9:dc:47:
44:3f:8c:3e:d0:40:3e:b8:47:03:68:17:66:0c:5c:8b:b7:9c:
59:9f:02:cd:c6:e6:ec:23:b0:b8:b1:08:d2:d4:ca:94:57:ad:
3c:9b:e7:ca:ff:2b:39:4b:a0:4f:89:e8:04:9e:d0:33:91:0e:
01:69:8c:4a:1f:ec:b4:a4:56:6a:b8:df:20:fd:f0:7b:5d:5d:
fc:18:34:d0:6a:fe:d2:18:87:8b:df:08:d1:c3:d7:cc:38:c2:
c9:92:02:07:ba:1f:71:71:34:01:88:42:dd:17:12:9d:aa:d9:
b3:02:6e:f5:d9:1b:05:11:a6:c2:3d:bb:d8:3c:2b:e6:fa:e8:
8e:25:71:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFP/FmygQDNoXwyP5A7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDliYWEwMjIxOTQyZWRmZTRiM2E5YTU3MDgyOTVjMDQ0
MTZlODAwHhcNMjUxMTExMDcwMTM2WhcNMjUxMTEyMDcwMTM2WjAzMTEwLwYDVQQD
EyhiYmNhNDgwZTMxY2RlMmM3YjJhODZlMjk4YTJlYzhlYjYzZDBlNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP+2QRMkts4RFlJ+CJbNP99eRsyu
BYvypfKkbcHdvVTagbAKgawq9SJUmpey3+BiDhLBpXam/bZZrcFHnSA+Ln0d997j
+/QHPgOdM7+lwExJouP3WmxvZScO9LFAH0rSt88PQDspiEwMoc1s2Pp0HxVnkMAz
VXL1Ub6PCEnfrCwBf72Wov+MmdL2PkH62brJXAzFhE1UOWYzSB19eUH5CJHRiNTZ
hTM0brHYHahkkLV5BX/sfD+vmfYCzdTSNeiF0JoqlqFRp7HU5VyB8AnwDh6zTF9C
JU/5ySIkf/rA8jyM2WTLWCMV2Jbch5NjkqlUyfO49uZ6a7me1NBUE77aGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvKSA4xzeLHsqhuKYouyOtj0OV0MB8GA1UdIwQY
MBaAFHHZuqAiGULt/ks6mlcIKVwEQW6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMt
NTA0NzI3YTUwYjhlLzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMtNTA0NzI3YTUwYjhl
LzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQVZrJ4bi
Av8lvzKFkHUa0+gdmMNgjftjsbMj4HLYLtFFcAkLmvgAUFIzWruuGPuHRgywXUuL
V3e40AUEpQCL53tweFvNLlCyi68/CLboKM2Jqwp5QeYRr+2XGLIF9/SH6YGFFt5r
Sr3vRewVOP22FGwkDRzt7f3qGbj82dxHRD+MPtBAPrhHA2gXZgxci7ecWZ8Czcbm
7COwuLEI0tTKlFetPJvnyv8rOUugT4noBJ7QM5EOAWmMSh/stKRWarjfIP3we11d
/Bg00Gr+0hiHi98I0cPXzDjCyZICB7ofcXE0AYhC3RcSnarZswJu9dkbBRGmwj27
2Dwr5vrojiVx+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:51:41 2025 by rpki-client