Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
File: cpnOZKDxYk17stKWnlwRrbqlSFw.mft (raw, json)
Hash identifier: irBmDO9s2r5a73/5WJC94ZZbdI0i7+u0OPVklRjhUz4=
Subject key identifier: 3A:12:B2:25:C8:9E:27:B1:9A:39:29:C1:E7:59:C7:FB:D2:77:CA:A2
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 0199225533708112D70245CD943901C35DD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
Manifest number: 0A99
Signing time: Sun 07 Sep 2025 04:00:32 +0000
Manifest this update: Sun 07 Sep 2025 04:00:32 +0000
Manifest next update: Mon 08 Sep 2025 04:00:32 +0000
Files and hashes: 1: cpnOZKDxYk17stKWnlwRrbqlSFw.crl (hash: WWUhBcpWup+8tamfug6/RxP20gsG/Ltknxs+BVDEYaI=)
2: hGLXMAJyrLLUknw2I4rIa47GY5A.roa (hash: 2PfIq+E4/YZaE6ygL6f+ygB4E8ocD+aiVc7FkOqVsVA=)
3: vbTBxrwzB75awQdnuHxvUmGSxrI.roa (hash: BNvntPsh9Cs3tqn2zXlS+7ZhQF3J782Zk6D2d5jtV8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:33:70:81:12:d7:02:45:cd:94:39:01:c3:5d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Sep 7 04:00:32 2025 GMT
Not After : Sep 8 04:00:32 2025 GMT
Subject: CN=3a12b225c89e27b19a3929c1e759c7fbd277caa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b0:93:37:8d:de:f0:a4:3c:8e:d8:b6:ba:81:
98:4c:fc:d2:14:8e:92:42:86:c8:0f:82:f0:78:ee:
2e:9d:65:a8:82:2c:60:0f:94:7c:61:31:dd:56:35:
27:e1:8a:34:96:52:a7:14:a1:d1:6e:ba:9c:1e:80:
75:f3:92:c4:f7:ea:d8:86:64:96:fa:3c:4e:61:c4:
27:b0:47:73:19:b1:1a:b8:f9:b3:36:6d:62:74:55:
94:68:ed:09:db:01:56:16:17:ea:33:98:ed:39:91:
78:2a:b7:aa:88:98:d4:1d:b8:9c:e3:44:8b:3c:52:
db:55:64:76:7d:2c:fd:7a:3d:36:4a:17:57:06:32:
53:e0:eb:78:1e:8a:75:93:95:95:e4:90:1c:29:93:
8c:8b:8b:55:0c:bf:d0:5b:49:6a:b9:47:04:29:51:
ba:91:af:1d:06:43:49:80:1c:08:69:9a:d3:2f:f6:
18:c8:3c:ae:05:4e:ca:91:bb:99:13:22:ca:63:83:
83:d7:ee:fa:44:47:bb:76:fb:e6:bd:7d:5a:f2:a4:
42:c1:a9:2b:64:36:4a:e7:cd:29:9c:e5:e2:44:6e:
79:44:4c:8c:65:8c:f1:45:83:22:ac:c1:02:21:91:
00:c4:4c:ea:e5:3b:dd:0d:73:62:03:c9:c4:f8:68:
5a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:12:B2:25:C8:9E:27:B1:9A:39:29:C1:E7:59:C7:FB:D2:77:CA:A2
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:b7:24:da:d0:97:55:55:74:b1:1e:53:30:20:b5:a5:ec:6c:
87:4f:d5:59:78:de:39:a0:a8:e8:c5:12:e2:7c:e4:5e:1a:e5:
c6:37:96:73:b7:62:e7:2e:29:a2:b1:22:47:6c:a7:9d:89:82:
10:9c:31:6e:24:d3:58:eb:89:4f:8a:8a:f8:19:99:a2:05:f7:
03:cd:17:15:fb:e8:04:86:d8:9f:3d:0b:54:e5:36:10:67:ff:
05:8a:a8:7f:a9:48:33:b2:27:06:26:a7:8a:85:90:a3:4b:0a:
ad:d2:28:05:9e:bd:41:d3:84:8f:62:b5:56:00:f4:7f:2b:fa:
1f:a1:fc:dc:3a:17:c9:b2:64:5f:8c:0e:11:0a:c8:c6:b9:e2:
a4:f6:ee:4c:df:3b:5d:5a:ef:a0:cf:25:1d:12:96:bd:7a:b7:
9f:6d:c3:58:0d:7d:10:9f:e0:85:c1:75:a9:ec:8a:c7:15:36:
0e:6e:1d:b4:4f:4e:d8:17:e8:ff:66:05:de:14:6b:2e:3c:4e:
a1:fe:ce:a9:93:9c:d1:7b:c0:36:ce:a4:10:67:f5:4b:82:7e:
a9:b1:a4:5d:ac:72:f0:b6:16:54:50:bf:af:53:ee:81:9d:67:
95:e4:3f:ab:d7:a1:03:ff:43:b5:25:32:de:23:58:66:54:d6:
6e:eb:df:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVTNwgRLXAkXNlDkBw13ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjUwOTA3MDQwMDMyWhcNMjUwOTA4MDQwMDMyWjAzMTEwLwYDVQQD
EygzYTEyYjIyNWM4OWUyN2IxOWEzOTI5YzFlNzU5YzdmYmQyNzdjYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLCTN43e8KQ8jti2uoGYTPzSFI6S
QobID4LweO4unWWogixgD5R8YTHdVjUn4Yo0llKnFKHRbrqcHoB185LE9+rYhmSW
+jxOYcQnsEdzGbEauPmzNm1idFWUaO0J2wFWFhfqM5jtOZF4KreqiJjUHbic40SL
PFLbVWR2fSz9ej02ShdXBjJT4Ot4Hop1k5WV5JAcKZOMi4tVDL/QW0lquUcEKVG6
ka8dBkNJgBwIaZrTL/YYyDyuBU7KkbuZEyLKY4OD1+76REe7dvvmvX1a8qRCwakr
ZDZK580pnOXiRG55REyMZYzxRYMirMECIZEAxEzq5TvdDXNiA8nE+Gha3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoSsiXIniexmjkpwedZx/vSd8qiMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7ck2tCX
VVV0sR5TMCC1pexsh0/VWXjeOaCo6MUS4nzkXhrlxjeWc7di5y4porEiR2ynnYmC
EJwxbiTTWOuJT4qK+BmZogX3A80XFfvoBIbYnz0LVOU2EGf/BYqof6lIM7InBian
ioWQo0sKrdIoBZ69QdOEj2K1VgD0fyv6H6H83DoXybJkX4wOEQrIxrnipPbuTN87
XVrvoM8lHRKWvXq3n23DWA19EJ/ghcF1qeyKxxU2Dm4dtE9O2Bfo/2YF3hRrLjxO
of7OqZOc0XvANs6kEGf1S4J+qbGkXaxy8LYWVFC/r1PugZ1nleQ/q9ehA/9DtSUy
3iNYZlTWbuvfnA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:45:22 2025 by rpki-client