Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
File: POwGHF7VbcoHdT_ktbjAkNl60OE.mft (raw, json)
Hash identifier: E+h7qv1cWJwBc7O1mOYGjxD3Jha6Ds+qSvUzDbUA2bc=
Subject key identifier: 94:F9:AF:23:0B:8E:99:C6:0F:B9:D2:A3:FC:BF:E6:D8:61:67:F6:4B
Authority key identifier: 3C:EC:06:1C:5E:D5:6D:CA:07:75:3F:E4:B5:B8:C0:90:D9:7A:D0:E1
Certificate issuer: /CN=3cec061c5ed56dca07753fe4b5b8c090d97ad0e1
Certificate serial: 019A71EEC8FF0E094D9F079DF7BC41C61E42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
Manifest number: 06C1
Signing time: Tue 11 Nov 2025 08:01:05 +0000
Manifest this update: Tue 11 Nov 2025 08:01:05 +0000
Manifest next update: Wed 12 Nov 2025 08:01:05 +0000
Files and hashes: 1: J--9FTqyd7jwis3viXw5cnMN5-o.roa (hash: DC3T7Frr+GR57cEYLFoZVlKHfiR/SiiUWqjetZEXAWY=)
2: POwGHF7VbcoHdT_ktbjAkNl60OE.crl (hash: 0REU5EbvezDmX19ek75Pqd20QSai3wH7zQFZ1f8fR3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:c8:ff:0e:09:4d:9f:07:9d:f7:bc:41:c6:1e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cec061c5ed56dca07753fe4b5b8c090d97ad0e1
Validity
Not Before: Nov 11 08:01:05 2025 GMT
Not After : Nov 12 08:01:05 2025 GMT
Subject: CN=94f9af230b8e99c60fb9d2a3fcbfe6d86167f64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cd:e8:12:4b:d5:b6:15:1b:97:b3:9d:38:fc:
ba:11:b7:e9:ee:7f:ce:45:de:11:19:6d:ec:92:29:
9b:c2:5e:c7:ad:f3:de:9b:b5:af:8e:54:04:71:67:
2e:f7:98:61:e3:3a:84:b7:09:5e:4b:7b:0a:04:a4:
a3:14:7d:15:1a:22:42:c9:4d:31:65:d5:99:94:f0:
c2:1a:53:c5:5b:0e:42:81:9c:44:d0:3f:32:72:a8:
8a:d1:a9:57:84:21:45:7e:ca:60:46:02:0f:7e:69:
d4:47:1a:d1:f9:ca:62:5b:3e:c5:50:31:3a:e7:9a:
6f:0e:bd:ff:51:9e:a5:07:6c:d6:10:2c:9a:12:7c:
50:1e:e4:e8:43:32:05:4f:e3:79:bb:0f:fe:55:91:
e3:3f:94:41:47:e7:27:09:96:91:af:e3:e0:68:a7:
2d:17:a5:ed:5d:5d:a2:1a:43:01:cc:18:32:86:5b:
97:18:34:fa:b7:82:89:59:73:80:01:a9:5c:91:05:
0a:33:e1:84:5a:00:a0:f9:eb:b3:79:7f:37:96:bc:
af:30:88:b8:b6:25:97:52:4e:ce:75:28:5e:71:ba:
0c:e9:8a:f6:74:3e:42:0e:94:a1:68:c6:27:fb:da:
6e:4f:6b:14:f8:69:93:b5:2b:e0:02:0c:a6:e5:e9:
47:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F9:AF:23:0B:8E:99:C6:0F:B9:D2:A3:FC:BF:E6:D8:61:67:F6:4B
X509v3 Authority Key Identifier:
keyid:3C:EC:06:1C:5E:D5:6D:CA:07:75:3F:E4:B5:B8:C0:90:D9:7A:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:88:42:da:e8:52:85:a9:aa:b9:a6:87:81:7a:75:1c:47:32:
51:39:66:33:74:54:84:e1:49:bb:a1:50:c0:ab:61:f0:fc:75:
8f:dd:62:ef:25:c3:cf:7e:5d:69:ed:cf:be:20:c4:68:e6:d5:
f7:7c:70:4e:f4:86:4b:71:1b:24:42:a2:4c:0a:84:07:7f:22:
35:2b:86:3f:a7:cd:f4:ed:f5:36:0a:75:41:6c:48:a0:d7:df:
d9:41:1a:1c:9a:6a:c4:cd:3f:fb:83:2a:0a:a9:89:cf:fd:fe:
7b:5c:80:06:77:6d:32:c0:7b:67:13:a2:4b:01:21:24:5f:5c:
80:3c:15:b2:e1:76:ee:2a:ce:89:99:4f:01:63:41:a9:b1:1d:
8a:de:70:7d:f4:2f:70:c1:9f:42:c4:4f:e3:a7:5d:ba:9c:44:
40:6b:01:d4:d9:97:74:71:ff:89:a0:85:b6:e9:70:15:42:67:
88:f4:ee:59:71:6d:af:44:a4:a2:f0:de:90:1a:e4:01:90:fc:
1e:32:86:84:a2:01:95:61:12:6a:4a:50:7f:b4:22:78:16:46:
c2:37:bc:a9:97:95:59:35:c3:a9:da:d6:23:08:da:fa:bb:d4:
36:02:cc:ac:5c:2a:a4:d5:25:77:26:c2:6a:26:49:83:bf:7e:
3a:07:a5:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sj/DglNnwed97xBxh5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWMwNjFjNWVkNTZkY2EwNzc1M2ZlNGI1YjhjMDkwZDk3
YWQwZTEwHhcNMjUxMTExMDgwMTA1WhcNMjUxMTEyMDgwMTA1WjAzMTEwLwYDVQQD
Eyg5NGY5YWYyMzBiOGU5OWM2MGZiOWQyYTNmY2JmZTZkODYxNjdmNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs3oEkvVthUbl7OdOPy6Ebfp7n/O
Rd4RGW3skimbwl7HrfPem7WvjlQEcWcu95hh4zqEtwleS3sKBKSjFH0VGiJCyU0x
ZdWZlPDCGlPFWw5CgZxE0D8ycqiK0alXhCFFfspgRgIPfmnURxrR+cpiWz7FUDE6
55pvDr3/UZ6lB2zWECyaEnxQHuToQzIFT+N5uw/+VZHjP5RBR+cnCZaRr+PgaKct
F6XtXV2iGkMBzBgyhluXGDT6t4KJWXOAAalckQUKM+GEWgCg+euzeX83lryvMIi4
tiWXUk7OdShecboM6Yr2dD5CDpShaMYn+9puT2sU+GmTtSvgAgym5elHWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJT5ryMLjpnGD7nSo/y/5thhZ/ZLMB8GA1UdIwQY
MBaAFDzsBhxe1W3KB3U/5LW4wJDZetDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80N2Q3ZjctYjAxOS00MmU5LWJiMDgt
ZDY5YzAxMzRmNWE4LzEvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80N2Q3ZjctYjAxOS00MmU5LWJiMDgtZDY5YzAxMzRmNWE4
LzEvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB4hC2uhS
hamquaaHgXp1HEcyUTlmM3RUhOFJu6FQwKth8Px1j91i7yXDz35dae3PviDEaObV
93xwTvSGS3EbJEKiTAqEB38iNSuGP6fN9O31Ngp1QWxIoNff2UEaHJpqxM0/+4Mq
CqmJz/3+e1yABndtMsB7ZxOiSwEhJF9cgDwVsuF27irOiZlPAWNBqbEdit5wffQv
cMGfQsRP46ddupxEQGsB1NmXdHH/iaCFtulwFUJniPTuWXFtr0SkovDekBrkAZD8
HjKGhKIBlWESakpQf7QieBZGwje8qZeVWTXDqdrWIwja+rvUNgLMrFwqpNUldybC
aiZJg79+Ogel+w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:23:54 2025 by rpki-client