Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
File: cpnOZKDxYk17stKWnlwRrbqlSFw.mft (raw, json)
Hash identifier: 0RcT6Rb4ewnbAIFCfvhZMpIvzy5apxzHj7n+UKaCHxo=
Subject key identifier: 12:A2:86:F8:DD:D5:82:BF:F4:3B:60:43:60:77:7A:78:9A:9C:83:C1
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 019A725C6A3F7BF3175D7443EFC26C84B9EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
Manifest number: 0B47
Signing time: Tue 11 Nov 2025 10:00:50 +0000
Manifest this update: Tue 11 Nov 2025 10:00:50 +0000
Manifest next update: Wed 12 Nov 2025 10:00:50 +0000
Files and hashes: 1: cpnOZKDxYk17stKWnlwRrbqlSFw.crl (hash: Gz2C8H6ZSy3s7iOul9NaMF9rBgBEUFFzbAZ+H/QTBHM=)
2: hGLXMAJyrLLUknw2I4rIa47GY5A.roa (hash: 2PfIq+E4/YZaE6ygL6f+ygB4E8ocD+aiVc7FkOqVsVA=)
3: vbTBxrwzB75awQdnuHxvUmGSxrI.roa (hash: BNvntPsh9Cs3tqn2zXlS+7ZhQF3J782Zk6D2d5jtV8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:6a:3f:7b:f3:17:5d:74:43:ef:c2:6c:84:b9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Nov 11 10:00:50 2025 GMT
Not After : Nov 12 10:00:50 2025 GMT
Subject: CN=12a286f8ddd582bff43b604360777a789a9c83c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4a:48:29:e8:72:b6:da:b4:94:80:fd:03:cc:
ff:61:ca:48:1c:f7:9c:74:a7:2b:c9:99:3b:5e:fd:
ef:38:d8:6c:19:81:c7:66:81:43:3e:9c:34:31:37:
ce:b9:54:bd:c5:fe:7b:52:5b:cc:5c:47:83:88:ea:
35:2b:98:23:9e:f0:09:f7:bb:0c:99:8a:68:bb:65:
2a:6b:c4:e1:a7:cb:ec:c2:d2:c1:d2:21:5a:2c:37:
e3:5c:f3:0b:f3:16:e8:7b:9f:d2:18:c4:6b:ab:9f:
7f:87:ca:9c:a1:9d:ec:4f:19:2a:7e:b5:cd:8a:fa:
df:3f:eb:02:c6:69:b4:0c:4b:68:f9:38:20:0f:76:
42:6d:5a:2b:2f:d2:f9:ed:30:1f:73:73:7c:74:3f:
9f:fa:8e:ce:24:1a:fe:7c:4a:b6:52:74:01:76:7c:
21:97:a2:23:bd:dd:53:be:d8:e0:3b:d6:33:5e:0c:
51:18:46:a1:21:52:e1:2c:44:e2:c0:c9:b4:ab:b7:
ad:a0:f4:bc:84:da:27:9a:70:c7:47:bb:54:6c:f7:
b4:8a:2b:4d:f5:9d:fb:8d:2a:31:da:12:c7:14:70:
94:2e:a7:71:6d:11:d5:90:27:a7:9d:df:da:ea:89:
95:01:dd:04:0b:3d:49:4c:ed:e5:80:9c:51:85:c2:
d6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A2:86:F8:DD:D5:82:BF:F4:3B:60:43:60:77:7A:78:9A:9C:83:C1
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:ee:ac:26:e6:8c:ff:31:05:81:9f:19:d1:d7:5b:c4:2d:c3:
ec:39:64:2d:f1:fd:7e:94:e6:2c:2f:dd:06:dd:ec:4c:32:75:
f7:2d:50:69:21:5f:05:bf:f4:2d:d6:0c:7a:d6:18:44:da:e3:
f8:53:2a:5d:db:60:13:8b:57:de:96:de:79:43:ed:89:63:3e:
80:52:49:af:8c:56:d3:28:c8:48:a4:3f:bd:90:53:73:32:7d:
a5:f0:3c:e6:d0:62:2f:00:64:1a:2d:f7:c1:e7:83:b7:7a:4b:
52:23:d5:b3:90:0b:dc:de:ec:f6:5a:93:c6:3b:03:dc:3f:1f:
82:97:78:ab:7d:28:c0:3b:59:db:9e:58:2c:e7:88:fe:19:86:
7a:c7:12:f1:75:44:96:14:26:c1:aa:34:cc:df:cc:bf:c6:a9:
59:0f:5c:8f:a0:00:45:f9:c7:04:51:1c:87:76:d8:b8:62:18:
c9:99:fa:65:ca:99:4f:59:77:69:b0:ce:88:9b:b3:68:b3:b9:
f5:a9:5c:c4:d7:08:90:8a:a0:de:09:62:5c:e8:0e:50:da:7b:
b3:ba:d1:91:0c:d7:6c:c3:87:8a:45:e0:f4:ec:99:35:f7:58:
40:b9:43:c1:df:85:b4:e5:c1:6f:6c:1d:d2:c5:62:8f:17:d6:
9a:64:ee:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGo/e/MXXXRD78JshLnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjUxMTExMTAwMDUwWhcNMjUxMTEyMTAwMDUwWjAzMTEwLwYDVQQD
EygxMmEyODZmOGRkZDU4MmJmZjQzYjYwNDM2MDc3N2E3ODlhOWM4M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UpIKehyttq0lID9A8z/YcpIHPec
dKcryZk7Xv3vONhsGYHHZoFDPpw0MTfOuVS9xf57UlvMXEeDiOo1K5gjnvAJ97sM
mYpou2Uqa8Thp8vswtLB0iFaLDfjXPML8xboe5/SGMRrq59/h8qcoZ3sTxkqfrXN
ivrfP+sCxmm0DEto+TggD3ZCbVorL9L57TAfc3N8dD+f+o7OJBr+fEq2UnQBdnwh
l6Ijvd1TvtjgO9YzXgxRGEahIVLhLETiwMm0q7etoPS8hNonmnDHR7tUbPe0iitN
9Z37jSox2hLHFHCULqdxbRHVkCennd/a6omVAd0ECz1JTO3lgJxRhcLW4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKihvjd1YK/9DtgQ2B3enianIPBMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+6sJuaM
/zEFgZ8Z0ddbxC3D7DlkLfH9fpTmLC/dBt3sTDJ19y1QaSFfBb/0LdYMetYYRNrj
+FMqXdtgE4tX3pbeeUPtiWM+gFJJr4xW0yjISKQ/vZBTczJ9pfA85tBiLwBkGi33
weeDt3pLUiPVs5AL3N7s9lqTxjsD3D8fgpd4q30owDtZ255YLOeI/hmGescS8XVE
lhQmwao0zN/Mv8apWQ9cj6AARfnHBFEch3bYuGIYyZn6ZcqZT1l3abDOiJuzaLO5
9alcxNcIkIqg3gliXOgOUNp7s7rRkQzXbMOHikXg9OyZNfdYQLlDwd+FtOXBb2wd
0sVijxfWmmTuOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:22:25 2025 by rpki-client