Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
File: c4DHWfVY-ca-iN0iakOdmcnqzww.mft (raw, json)
Hash identifier: na/Jrj1H+/U904pv9kOXzVKukLme5/iloNy7MW4p7FA=
Subject key identifier: 50:CB:75:0B:C8:16:41:1C:A1:DD:40:99:45:22:6D:E6:3A:44:6A:AE
Authority key identifier: 73:80:C7:59:F5:58:F9:C6:BE:88:DD:22:6A:43:9D:99:C9:EA:CF:0C
Certificate issuer: /CN=7380c759f558f9c6be88dd226a439d99c9eacf0c
Certificate serial: 019A71B8068CA29493F46C3391B7DC9AC66B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
Manifest number: 0E50
Signing time: Tue 11 Nov 2025 07:01:16 +0000
Manifest this update: Tue 11 Nov 2025 07:01:16 +0000
Manifest next update: Wed 12 Nov 2025 07:01:16 +0000
Files and hashes: 1: RBq_sIlJapW_qBhhOYs3cfjmb6g.roa (hash: fg25CTdh4wWfSSlLDFZZPAEIB6IEQNMofjk6UtMoVYc=)
2: c4DHWfVY-ca-iN0iakOdmcnqzww.crl (hash: YBMhv5Kt+zjUWjtSbRLQa9lGLJKNZKb1PFajh9jSYnY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:06:8c:a2:94:93:f4:6c:33:91:b7:dc:9a:c6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7380c759f558f9c6be88dd226a439d99c9eacf0c
Validity
Not Before: Nov 11 07:01:16 2025 GMT
Not After : Nov 12 07:01:16 2025 GMT
Subject: CN=50cb750bc816411ca1dd409945226de63a446aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:9f:cf:f3:ad:11:a7:fb:ab:27:16:53:83:
a7:5d:dd:34:31:9d:ce:f2:3e:35:87:93:fb:1c:24:
07:9e:3a:89:e9:3e:92:4f:8e:bd:6e:e8:39:20:3f:
41:61:2f:bf:d6:5b:96:ef:0a:42:50:d8:0e:81:81:
5b:49:e3:32:0e:cf:94:8c:dc:03:f4:30:b8:e3:1e:
df:2c:d5:8f:0e:63:27:d9:d9:19:88:07:27:72:a2:
16:db:78:2e:4a:d5:9a:ea:b4:09:8f:c5:ef:e0:8f:
37:c8:43:95:fd:09:fc:65:12:da:3c:c7:dc:e0:ef:
46:32:29:5d:c2:9f:ac:29:27:87:c9:94:d6:26:49:
74:8a:34:3b:ea:bd:3f:10:20:3b:b9:c8:b8:5d:26:
12:14:29:64:b9:d8:11:a6:0f:64:b2:0d:af:58:7d:
11:a4:df:e6:50:5d:5d:f6:1b:4e:8a:d5:28:30:a2:
51:dd:25:82:38:70:0d:57:d7:a7:12:c7:21:49:89:
7c:33:ab:37:d1:7d:ba:1a:8a:e9:d3:73:68:ba:3a:
4a:72:03:cb:66:be:7d:9d:c3:cb:b3:ca:91:88:32:
c1:aa:19:4e:ca:3d:70:a3:f8:a4:b5:e9:b5:e0:83:
e6:ff:88:05:ac:e5:ba:1c:5c:8a:8d:46:7e:0f:0d:
11:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CB:75:0B:C8:16:41:1C:A1:DD:40:99:45:22:6D:E6:3A:44:6A:AE
X509v3 Authority Key Identifier:
keyid:73:80:C7:59:F5:58:F9:C6:BE:88:DD:22:6A:43:9D:99:C9:EA:CF:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:53:2b:2b:38:0e:9c:9f:ea:38:bc:b9:a4:6e:a2:d5:a0:ab:
40:f0:e1:4c:79:fa:ad:aa:07:bb:24:3e:84:67:99:fb:e9:34:
c2:45:17:29:15:13:0e:20:21:14:7d:3c:2f:2b:e1:13:2d:d0:
af:fb:50:ba:ae:1a:1a:e8:3d:3c:75:6d:30:c7:27:77:12:94:
84:7c:96:87:ff:3a:03:4f:11:7c:a7:c6:65:3c:35:cf:d7:23:
1d:c3:78:40:69:45:b4:be:9e:01:63:c4:f0:6b:4f:1f:cc:12:
9a:6a:7b:62:51:1f:fe:b3:14:0e:04:4d:e6:40:9a:bd:cc:a8:
28:2b:f3:ff:d0:e1:3e:9d:60:0f:9e:24:b1:86:41:96:68:57:
66:85:9d:d4:57:c1:c7:a9:17:9b:6f:e8:e1:a2:43:ca:52:5c:
0e:bb:a0:48:2a:30:d8:0a:5b:8f:f2:02:e0:3e:42:d9:73:42:
80:f3:3b:3f:ab:fb:1b:8e:91:4b:8f:38:a8:d7:97:d5:9d:b7:
b2:34:23:80:eb:1d:e9:02:10:84:dc:07:d1:43:8e:b6:bb:1f:
db:ef:59:c0:83:76:ba:bf:ad:cc:92:ec:53:03:0d:4c:87:ae:
7d:53:59:8f:d0:b2:ab:39:90:67:fa:24:2b:68:3d:ef:7e:72:
a9:a0:57:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAaMopST9GwzkbfcmsZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczODBjNzU5ZjU1OGY5YzZiZTg4ZGQyMjZhNDM5ZDk5Yzll
YWNmMGMwHhcNMjUxMTExMDcwMTE2WhcNMjUxMTEyMDcwMTE2WjAzMTEwLwYDVQQD
Eyg1MGNiNzUwYmM4MTY0MTFjYTFkZDQwOTk0NTIyNmRlNjNhNDQ2YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUWfz/OtEaf7qycWU4OnXd00MZ3O
8j41h5P7HCQHnjqJ6T6ST469bug5ID9BYS+/1luW7wpCUNgOgYFbSeMyDs+UjNwD
9DC44x7fLNWPDmMn2dkZiAcncqIW23guStWa6rQJj8Xv4I83yEOV/Qn8ZRLaPMfc
4O9GMildwp+sKSeHyZTWJkl0ijQ76r0/ECA7uci4XSYSFClkudgRpg9ksg2vWH0R
pN/mUF1d9htOitUoMKJR3SWCOHANV9enEschSYl8M6s30X26Gorp03NoujpKcgPL
Zr59ncPLs8qRiDLBqhlOyj1wo/iktem14IPm/4gFrOW6HFyKjUZ+Dw0RCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDLdQvIFkEcod1AmUUibeY6RGquMB8GA1UdIwQY
MBaAFHOAx1n1WPnGvojdImpDnZnJ6s8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iODAwMDAtMDYwOS00ODhmLWEzNGEt
MmNhNjI2Y2ZlZDQ1LzEvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iODAwMDAtMDYwOS00ODhmLWEzNGEtMmNhNjI2Y2ZlZDQ1
LzEvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAlMrKzgO
nJ/qOLy5pG6i1aCrQPDhTHn6raoHuyQ+hGeZ++k0wkUXKRUTDiAhFH08LyvhEy3Q
r/tQuq4aGug9PHVtMMcndxKUhHyWh/86A08RfKfGZTw1z9cjHcN4QGlFtL6eAWPE
8GtPH8wSmmp7YlEf/rMUDgRN5kCavcyoKCvz/9DhPp1gD54ksYZBlmhXZoWd1FfB
x6kXm2/o4aJDylJcDrugSCow2Apbj/IC4D5C2XNCgPM7P6v7G46RS484qNeX1Z23
sjQjgOsd6QIQhNwH0UOOtrsf2+9ZwIN2ur+tzJLsUwMNTIeufVNZj9CyqzmQZ/ok
K2g9735yqaBXig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:19 2025 by rpki-client