Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
File: CRiOI1NxcPsuRX8xLVRflL2d1-4.mft (raw, json)
Hash identifier: chmmScv+Jjnsg41AgH5ZHKzZChAoeN9dWUuXDHLrUsY=
Subject key identifier: 90:A0:49:0D:4F:45:CA:5F:0A:80:86:DE:59:DC:D5:69:A5:F7:2B:70
Authority key identifier: 09:18:8E:23:53:71:70:FB:2E:45:7F:31:2D:54:5F:94:BD:9D:D7:EE
Certificate issuer: /CN=09188e23537170fb2e457f312d545f94bd9dd7ee
Certificate serial: 019A70A4DD506C14E83801ADA72DF1D30B68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
Manifest number: 4C
Signing time: Tue 11 Nov 2025 02:00:44 +0000
Manifest this update: Tue 11 Nov 2025 02:00:44 +0000
Manifest next update: Wed 12 Nov 2025 02:00:44 +0000
Files and hashes: 1: A0XZ01XiZ_dD4RFgEp2-voPmlc8.roa (hash: gtIaaWoptBm+CPJmcGJG/IY/H9h8R350lE5kH246vNI=)
2: CRiOI1NxcPsuRX8xLVRflL2d1-4.crl (hash: Bphr6CAxv7p2u/eo+v49+IjedOM5ekhzZh6ZxcdNMYM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:dd:50:6c:14:e8:38:01:ad:a7:2d:f1:d3:0b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09188e23537170fb2e457f312d545f94bd9dd7ee
Validity
Not Before: Nov 11 02:00:44 2025 GMT
Not After : Nov 12 02:00:44 2025 GMT
Subject: CN=90a0490d4f45ca5f0a8086de59dcd569a5f72b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:c0:67:91:c2:e8:35:7a:30:cf:98:a9:70:
64:7d:3c:6a:c6:47:61:f6:43:fe:a8:c2:59:72:95:
ca:25:2e:5f:20:a9:84:e6:f1:7e:f4:0e:f8:73:79:
d7:57:3d:d6:8f:fd:92:ab:af:71:96:53:b4:16:b7:
4e:f1:0e:8c:54:84:ed:05:5f:e5:8f:16:82:2e:74:
67:96:30:5f:2d:b4:96:42:a7:0a:5b:80:10:21:a8:
52:ce:8c:06:9a:03:34:23:94:17:9b:6e:f1:c7:ab:
6f:df:4c:db:7f:62:8e:2a:a6:cd:dc:92:c2:2f:25:
d5:6c:ad:a4:83:d5:40:f6:11:0e:4f:4d:c7:2b:fc:
f8:26:0f:11:06:7f:35:9a:81:8a:dd:7a:00:12:a8:
1f:9e:b4:cd:b1:66:8a:80:91:21:32:84:8f:03:58:
6d:f1:a4:27:e2:ce:0e:86:d6:2b:37:c3:ff:31:95:
db:84:96:ba:a8:3e:90:e1:31:ad:e9:2f:68:d3:29:
42:14:1c:56:3f:f8:4f:1f:72:ef:12:78:e3:ff:ec:
e4:5d:03:1d:a5:4f:92:10:d6:8a:f9:b4:3a:68:c4:
d9:b4:7a:85:a0:cc:ec:d4:37:7f:d2:d7:ea:2b:97:
cd:07:ba:22:6d:71:42:17:94:b4:45:5f:50:eb:d1:
5d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A0:49:0D:4F:45:CA:5F:0A:80:86:DE:59:DC:D5:69:A5:F7:2B:70
X509v3 Authority Key Identifier:
keyid:09:18:8E:23:53:71:70:FB:2E:45:7F:31:2D:54:5F:94:BD:9D:D7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:1e:27:63:c0:c0:50:23:b7:96:cb:d3:1f:3f:19:68:16:63:
89:b8:d7:2c:28:27:83:d7:b1:0f:ba:78:5f:46:95:bf:e3:18:
cb:74:0b:57:00:24:8b:93:c7:a5:6f:52:15:0f:3d:7e:ac:f5:
51:34:fb:cb:ab:14:de:69:b8:bf:12:ae:7f:98:e9:ec:80:ec:
98:bc:8d:0a:d9:57:74:9e:40:e7:32:ab:f2:76:54:46:15:cd:
fe:4c:49:6c:8c:d1:52:10:5b:44:9e:5c:5d:92:1d:39:fe:24:
92:cd:a0:6c:51:b7:dd:8f:af:23:6d:2d:41:9e:8c:63:cd:67:
7e:83:cd:b2:76:92:8b:c6:5b:4b:40:a4:52:ff:b9:ae:4a:55:
e8:8a:46:55:9e:3e:c2:82:52:d7:31:fe:20:7b:e9:20:62:31:
2b:a8:5f:4a:c0:eb:95:e0:aa:ae:2c:60:b7:dc:11:43:86:62:
fc:05:04:9c:4a:43:66:14:29:5a:4f:f3:01:4b:4d:d8:24:5f:
5f:20:3e:68:a6:9c:0f:c4:3e:bf:46:ce:87:6b:08:45:97:fa:
31:d9:c5:1d:cd:c1:e3:0d:27:4f:8f:22:ea:ac:90:ed:98:f3:
6d:ba:a9:fb:c4:58:49:20:96:ad:3e:89:a3:c3:01:14:b9:21:
21:44:fe:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpN1QbBToOAGtpy3x0wtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MTg4ZTIzNTM3MTcwZmIyZTQ1N2YzMTJkNTQ1Zjk0YmQ5
ZGQ3ZWUwHhcNMjUxMTExMDIwMDQ0WhcNMjUxMTEyMDIwMDQ0WjAzMTEwLwYDVQQD
Eyg5MGEwNDkwZDRmNDVjYTVmMGE4MDg2ZGU1OWRjZDU2OWE1ZjcyYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk/AZ5HC6DV6MM+YqXBkfTxqxkdh
9kP+qMJZcpXKJS5fIKmE5vF+9A74c3nXVz3Wj/2Sq69xllO0FrdO8Q6MVITtBV/l
jxaCLnRnljBfLbSWQqcKW4AQIahSzowGmgM0I5QXm27xx6tv30zbf2KOKqbN3JLC
LyXVbK2kg9VA9hEOT03HK/z4Jg8RBn81moGK3XoAEqgfnrTNsWaKgJEhMoSPA1ht
8aQn4s4OhtYrN8P/MZXbhJa6qD6Q4TGt6S9o0ylCFBxWP/hPH3LvEnjj/+zkXQMd
pU+SENaK+bQ6aMTZtHqFoMzs1Dd/0tfqK5fNB7oibXFCF5S0RV9Q69FdCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCgSQ1PRcpfCoCG3lnc1Wml9ytwMB8GA1UdIwQY
MBaAFAkYjiNTcXD7LkV/MS1UX5S9ndfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMzk3MGYtZmE5YS00ZDExLTk3NjYt
YTg0NGFhYjA1MTFjLzEvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMzk3MGYtZmE5YS00ZDExLTk3NjYtYTg0NGFhYjA1MTFj
LzEvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjh4nY8DA
UCO3lsvTHz8ZaBZjibjXLCgng9exD7p4X0aVv+MYy3QLVwAki5PHpW9SFQ89fqz1
UTT7y6sU3mm4vxKuf5jp7IDsmLyNCtlXdJ5A5zKr8nZURhXN/kxJbIzRUhBbRJ5c
XZIdOf4kks2gbFG33Y+vI20tQZ6MY81nfoPNsnaSi8ZbS0CkUv+5rkpV6IpGVZ4+
woJS1zH+IHvpIGIxK6hfSsDrleCqrixgt9wRQ4Zi/AUEnEpDZhQpWk/zAUtN2CRf
XyA+aKacD8Q+v0bOh2sIRZf6MdnFHc3B4w0nT48i6qyQ7Zjzbbqp+8RYSSCWrT6J
o8MBFLkhIUT+Tw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:37 2025 by rpki-client