Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft
File: CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft (raw, json)
Hash identifier: jHUECNtma7Yncw6hhpVgUrAcEEvUrW9X+PKGwALTY0w=
Subject key identifier: 9B:81:E2:5D:1C:84:60:47:51:01:82:AC:61:3A:0A:C3:B4:EA:5F:44
Authority key identifier: 08:66:48:35:F8:AA:FE:61:49:71:FF:A8:68:3F:9F:74:BF:4D:0F:F4
Certificate issuer: /CN=08664835f8aafe614971ffa8683f9f74bf4d0ff4
Certificate serial: 019A71EE6A12F0BB31F4C275B1F31461025B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft
Manifest number: 0F63
Signing time: Tue 11 Nov 2025 08:00:41 +0000
Manifest this update: Tue 11 Nov 2025 08:00:41 +0000
Manifest next update: Wed 12 Nov 2025 08:00:41 +0000
Files and hashes: 1: CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl (hash: 4Z8iobcYQAHbIjQMU8jjTxGUxFSSiVd42KSHwYRjK1k=)
2: xhegVBAKk0XT86_ijfwUPQBwbjE.roa (hash: HzUtvDRCwVOU+h+rA3imDZdqrxNmwf2Nw3JBM6GcfyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:6a:12:f0:bb:31:f4:c2:75:b1:f3:14:61:02:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08664835f8aafe614971ffa8683f9f74bf4d0ff4
Validity
Not Before: Nov 11 08:00:41 2025 GMT
Not After : Nov 12 08:00:41 2025 GMT
Subject: CN=9b81e25d1c846047510182ac613a0ac3b4ea5f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:68:b2:d4:2f:15:bd:15:61:81:75:e5:9c:72:
ae:3a:96:2e:80:9e:46:d3:47:ce:12:7a:9c:22:10:
7f:7a:d7:1a:8e:b6:76:74:68:2f:4b:ce:3e:dd:de:
8f:d7:fa:ad:1f:5c:98:77:40:f0:2e:06:8f:d7:f0:
04:24:2a:86:46:23:f4:01:dc:bb:ba:c6:5e:0c:09:
61:f3:2a:2c:05:cd:ed:cc:2b:88:fb:ea:a3:39:07:
b0:a1:bf:6a:f9:e0:d5:8e:cf:00:6e:62:9d:1d:ac:
5e:23:65:a8:88:d6:b2:9e:c5:6c:5a:b3:1c:a7:14:
15:f7:d9:f7:cc:8f:06:72:8a:8f:1a:98:99:d7:b9:
bd:3b:4c:e1:e9:dc:f7:2d:bb:7b:da:e4:d3:74:bd:
a0:5e:eb:39:ff:b5:88:1d:da:3e:f2:4c:a2:7e:a4:
5c:dd:65:1a:c5:0e:20:93:ee:f3:86:70:76:95:38:
48:ac:29:6b:28:d7:5b:b0:e4:b3:b0:97:b3:ad:0a:
d0:66:90:7c:0c:04:42:0e:05:b4:cb:5f:72:eb:d0:
81:35:9b:9b:b9:05:87:ff:15:a3:2b:c0:39:33:24:
af:33:5e:8e:4e:1e:3c:ed:9f:1b:6c:c7:fc:04:13:
60:35:49:d3:17:c3:0b:df:f9:11:89:8d:a7:43:18:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:81:E2:5D:1C:84:60:47:51:01:82:AC:61:3A:0A:C3:B4:EA:5F:44
X509v3 Authority Key Identifier:
keyid:08:66:48:35:F8:AA:FE:61:49:71:FF:A8:68:3F:9F:74:BF:4D:0F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:3c:a6:17:4f:e0:4e:b1:7b:2e:4f:a7:b9:8f:b1:ec:45:24:
cd:5a:76:79:52:52:f8:d5:f9:5b:4d:12:d4:4e:81:b2:0a:36:
c7:be:13:8d:fb:ac:c0:fd:7c:da:97:83:48:cf:68:47:56:cd:
a6:4c:30:f5:a4:b4:ce:c4:cd:c4:82:20:b8:f9:9f:13:74:47:
f6:ea:ff:aa:6a:87:73:fb:b7:99:25:6e:ab:7c:f7:e9:97:d3:
3b:39:30:b8:51:d1:c3:e7:4d:07:ae:bf:bf:f3:c5:d6:bd:e5:
07:40:44:2f:ef:71:df:72:59:49:84:67:8e:d6:8d:4e:12:23:
fd:90:1e:5a:92:d8:83:28:29:c2:7a:5d:db:53:35:d3:18:2e:
d0:84:f5:fd:a7:32:7e:33:a4:b4:f1:da:43:41:12:d8:61:d2:
c1:59:71:f6:d6:61:99:39:de:45:d9:6f:3d:c8:d0:4e:fd:da:
92:86:be:74:78:63:52:b7:70:42:9a:a7:a8:56:e3:5e:3b:0b:
b8:ca:db:9a:b3:a4:4d:6b:8f:db:e1:d3:d6:6c:2d:d1:22:f4:
35:b4:de:4a:cf:13:27:b1:a1:c0:49:55:84:9f:74:9c:bf:2a:
92:b6:c8:c0:4f:94:bf:35:9d:dc:d6:3d:55:d0:f7:24:f6:cc:
25:2f:f4:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7moS8Lsx9MJ1sfMUYQJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjY0ODM1ZjhhYWZlNjE0OTcxZmZhODY4M2Y5Zjc0YmY0
ZDBmZjQwHhcNMjUxMTExMDgwMDQxWhcNMjUxMTEyMDgwMDQxWjAzMTEwLwYDVQQD
Eyg5YjgxZTI1ZDFjODQ2MDQ3NTEwMTgyYWM2MTNhMGFjM2I0ZWE1ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmiy1C8VvRVhgXXlnHKuOpYugJ5G
00fOEnqcIhB/etcajrZ2dGgvS84+3d6P1/qtH1yYd0DwLgaP1/AEJCqGRiP0Ady7
usZeDAlh8yosBc3tzCuI++qjOQewob9q+eDVjs8AbmKdHaxeI2WoiNaynsVsWrMc
pxQV99n3zI8GcoqPGpiZ17m9O0zh6dz3Lbt72uTTdL2gXus5/7WIHdo+8kyifqRc
3WUaxQ4gk+7zhnB2lThIrClrKNdbsOSzsJezrQrQZpB8DARCDgW0y19y69CBNZub
uQWH/xWjK8A5MySvM16OTh487Z8bbMf8BBNgNUnTF8ML3/kRiY2nQxjyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuB4l0chGBHUQGCrGE6CsO06l9EMB8GA1UdIwQY
MBaAFAhmSDX4qv5hSXH/qGg/n3S/TQ/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZWYzYjUtYTg0OC00M2Q1LTg3M2Et
MDc1N2E2ZDI4MjI0LzEvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZWYzYjUtYTg0OC00M2Q1LTg3M2EtMDc1N2E2ZDI4MjI0
LzEvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAizymF0/g
TrF7Lk+nuY+x7EUkzVp2eVJS+NX5W00S1E6Bsgo2x74TjfuswP182peDSM9oR1bN
pkww9aS0zsTNxIIguPmfE3RH9ur/qmqHc/u3mSVuq3z36ZfTOzkwuFHRw+dNB66/
v/PF1r3lB0BEL+9x33JZSYRnjtaNThIj/ZAeWpLYgygpwnpd21M10xgu0IT1/acy
fjOktPHaQ0ES2GHSwVlx9tZhmTneRdlvPcjQTv3akoa+dHhjUrdwQpqnqFbjXjsL
uMrbmrOkTWuP2+HT1mwt0SL0NbTeSs8TJ7GhwElVhJ90nL8qkrbIwE+UvzWd3NY9
VdD3JPbMJS/03g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:44 2025 by rpki-client