Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
File: CUSqrH8uuymBwkdj6z1gRe-9bwY.mft (raw, json)
Hash identifier: 7kiAoaSJCGjRx8o+0K7Gk9sSo54nPAAOF1siC0c3fSo=
Subject key identifier: D7:21:7E:FE:18:86:17:43:3A:29:61:DC:12:C7:6C:C5:65:CF:64:6B
Authority key identifier: 09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06
Certificate issuer: /CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06
Certificate serial: 019A25C1BDA92403D17C7A0B03605D3155EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
Manifest number: 0D37
Signing time: Mon 27 Oct 2025 13:00:45 +0000
Manifest this update: Mon 27 Oct 2025 13:00:45 +0000
Manifest next update: Tue 28 Oct 2025 13:00:45 +0000
Files and hashes: 1: CUSqrH8uuymBwkdj6z1gRe-9bwY.crl (hash: rzQvHnuR1Otp72ClDxi2rib1CAHSPKBQkgyC+ndrC64=)
2: U0OBxV0NmzWdhOROB_4XE_nOuxo.roa (hash: R0oHniHcgRLjr+xP295YEa+yjJ7+h87sW92ahFuO7CI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:c1:bd:a9:24:03:d1:7c:7a:0b:03:60:5d:31:55:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06
Validity
Not Before: Oct 27 13:00:45 2025 GMT
Not After : Oct 28 13:00:45 2025 GMT
Subject: CN=d7217efe188617433a2961dc12c76cc565cf646b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:53:4b:96:e2:42:87:f2:89:a4:2c:a2:a5:43:
84:f6:9a:b0:4d:9c:1a:e4:c9:84:e4:ed:98:96:39:
3d:3f:c8:23:c8:ff:c1:dc:20:8a:60:4c:be:a9:19:
9c:9b:b6:7d:9e:98:6e:b9:41:c7:be:ca:e7:bd:a2:
37:e0:1b:7d:c5:ac:78:b5:32:34:b7:f6:17:8e:99:
32:cc:4c:61:73:a5:83:6d:8c:b6:26:4c:ad:b0:82:
fa:b3:b9:11:0b:d2:8a:e7:c0:8a:bc:f0:74:5f:0c:
cb:bf:80:e0:f0:6b:a0:30:6b:45:b2:83:84:6a:62:
49:28:dd:d9:cd:35:64:78:f6:f1:7a:a5:8e:58:07:
9d:0d:00:0c:9b:50:30:92:2b:c9:94:2b:28:6f:b9:
d3:0f:4f:7c:6b:8e:84:7e:72:31:e3:a1:8b:a6:b2:
d0:f0:8e:c0:8a:40:46:e7:a3:79:e9:d5:1b:24:cb:
3d:1d:28:4e:da:d6:ba:3c:5f:f9:04:e8:e9:d8:f3:
25:73:93:e5:20:e6:9c:f5:e8:23:43:99:52:33:1f:
ef:a2:b4:b1:23:b0:51:2c:b5:45:db:0c:f7:d0:fc:
15:ba:2c:f9:03:3f:f4:06:9d:22:d3:20:82:1f:33:
89:30:0a:6d:85:5f:3a:55:1c:4b:4a:f6:a1:86:f0:
eb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:21:7E:FE:18:86:17:43:3A:29:61:DC:12:C7:6C:C5:65:CF:64:6B
X509v3 Authority Key Identifier:
keyid:09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:d5:f5:23:bd:9f:86:ed:33:46:2f:20:6d:fd:aa:de:1e:3b:
47:0a:80:68:6d:56:6c:d2:4a:fc:33:5c:84:79:26:a1:fc:36:
7b:18:2a:4e:8e:89:00:85:5c:7b:99:68:eb:47:cc:c9:30:2f:
13:9d:1b:05:dd:63:f7:4e:6d:25:a0:fa:bd:31:2e:24:4b:b7:
30:77:d0:a6:86:c1:ce:bf:06:ea:69:e9:3f:0c:6f:61:11:d4:
ce:b3:7d:50:87:b3:05:6a:c7:93:e3:f0:e3:66:c0:94:df:7f:
1e:3d:be:2b:7c:ae:e6:b0:b2:b8:53:41:3d:c5:9c:63:e5:23:
84:21:ac:43:73:52:05:7a:84:85:89:79:0f:5f:0e:65:86:10:
9b:af:55:2b:9c:67:33:9e:ea:09:7a:81:33:b9:66:50:8a:b3:
23:f1:05:ff:34:90:2b:66:8b:1f:32:55:16:f0:05:d6:57:b5:
58:3c:cb:02:e3:47:4f:38:71:6c:3e:14:36:82:68:8a:56:da:
f7:01:bb:07:ba:0d:e1:b6:17:db:cc:74:27:3a:94:72:d8:0a:
8e:70:79:34:04:19:a3:91:d9:ee:2b:54:27:7d:ab:1f:de:20:
da:5c:63:30:0b:ac:b6:da:a5:b6:4c:4f:7d:ac:98:8e:25:a0:
fe:24:b3:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolwb2pJAPRfHoLA2BdMVXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDRhYWFjN2YyZWJiMjk4MWMyNDc2M2ViM2Q2MDQ1ZWZi
ZDZmMDYwHhcNMjUxMDI3MTMwMDQ1WhcNMjUxMDI4MTMwMDQ1WjAzMTEwLwYDVQQD
EyhkNzIxN2VmZTE4ODYxNzQzM2EyOTYxZGMxMmM3NmNjNTY1Y2Y2NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51NLluJCh/KJpCyipUOE9pqwTZwa
5MmE5O2Yljk9P8gjyP/B3CCKYEy+qRmcm7Z9nphuuUHHvsrnvaI34Bt9xax4tTI0
t/YXjpkyzExhc6WDbYy2JkytsIL6s7kRC9KK58CKvPB0XwzLv4Dg8GugMGtFsoOE
amJJKN3ZzTVkePbxeqWOWAedDQAMm1AwkivJlCsob7nTD098a46EfnIx46GLprLQ
8I7AikBG56N56dUbJMs9HShO2ta6PF/5BOjp2PMlc5PlIOac9egjQ5lSMx/vorSx
I7BRLLVF2wz30PwVuiz5Az/0Bp0i0yCCHzOJMApthV86VRxLSvahhvDr7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNchfv4YhhdDOilh3BLHbMVlz2RrMB8GA1UdIwQY
MBaAFAlEqqx/LrspgcJHY+s9YEXvvW8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUt
NjZjZDAxOTYxZTQ2LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUtNjZjZDAxOTYxZTQ2
LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB9X1I72f
hu0zRi8gbf2q3h47RwqAaG1WbNJK/DNchHkmofw2exgqTo6JAIVce5lo60fMyTAv
E50bBd1j905tJaD6vTEuJEu3MHfQpobBzr8G6mnpPwxvYRHUzrN9UIezBWrHk+Pw
42bAlN9/Hj2+K3yu5rCyuFNBPcWcY+UjhCGsQ3NSBXqEhYl5D18OZYYQm69VK5xn
M57qCXqBM7lmUIqzI/EF/zSQK2aLHzJVFvAF1le1WDzLAuNHTzhxbD4UNoJoilba
9wG7B7oN4bYX28x0JzqUctgKjnB5NAQZo5HZ7itUJ32rH94g2lxjMAusttqltkxP
fayYjiWg/iSzhQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:31:58 2025 by rpki-client