Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
File: cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft (raw, json)
Hash identifier: n7Sr9b/oy3gXziZtUpY2juDv+d5Q7LlTD6EzHd1RY+c=
Subject key identifier: 5C:3D:63:CA:4C:5A:68:48:B4:69:F8:F8:CE:68:B7:7F:34:1F:10:8E
Authority key identifier: 72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
Certificate issuer: /CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Certificate serial: 019A71B91DB8DD60AB53535AFFBCE28ED48A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
Manifest number: 0AC0
Signing time: Tue 11 Nov 2025 07:02:28 +0000
Manifest this update: Tue 11 Nov 2025 07:02:28 +0000
Manifest next update: Wed 12 Nov 2025 07:02:28 +0000
Files and hashes: 1: YJ__Jpr1denKLIU4A4wwpaBEGuM.roa (hash: HQMvWJSgBySt+TDaIiCe+VSZte2lW30WZtz1IJWSvxM=)
2: cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl (hash: uYxkxhNnEFTiIe2uqzE+ebRplCoBeuKCHjw4fbVkxnw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:1d:b8:dd:60:ab:53:53:5a:ff:bc:e2:8e:d4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Validity
Not Before: Nov 11 07:02:28 2025 GMT
Not After : Nov 12 07:02:28 2025 GMT
Subject: CN=5c3d63ca4c5a6848b469f8f8ce68b77f341f108e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:95:12:f1:2b:b3:ce:2a:44:53:77:15:9b:
b3:8e:59:6a:07:33:fa:11:53:74:eb:b8:4c:b2:40:
2b:59:cd:bc:7b:7c:55:ed:b4:e3:73:25:04:c2:a3:
22:0c:5f:f2:23:39:9c:b4:2b:a7:a1:27:de:2a:b2:
47:33:22:08:6c:32:1b:09:4d:33:0e:3f:e6:43:c8:
84:f5:f7:6a:d7:c8:ae:6b:80:20:cd:a0:8e:1e:2f:
84:a2:3f:51:7f:5a:2e:5e:2d:1f:28:50:34:c5:d4:
2f:c2:0f:fa:e9:9a:6e:94:b9:ae:35:0d:83:70:57:
a6:e4:51:e4:cc:8b:20:d4:f1:f1:50:08:74:78:b6:
08:5d:92:15:64:2b:99:72:8c:5f:2d:49:c7:ed:06:
0b:77:3a:bf:a7:75:f9:e6:90:5d:e6:47:d9:e2:9d:
ec:f5:8e:e2:ff:f0:38:2f:06:04:dd:b4:a9:d3:86:
49:76:79:7b:4e:16:7f:d0:e1:e9:2d:0f:0f:a7:30:
12:d9:bb:fe:f0:0e:2d:85:11:83:c0:da:1f:7e:2f:
21:e7:aa:24:10:4e:26:c3:28:bd:e7:cb:be:e0:80:
74:c7:e3:be:c2:55:e6:77:0f:65:c9:e4:eb:fd:9f:
8d:31:c0:52:38:06:3b:50:79:f2:8d:00:5f:01:e1:
3a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3D:63:CA:4C:5A:68:48:B4:69:F8:F8:CE:68:B7:7F:34:1F:10:8E
X509v3 Authority Key Identifier:
keyid:72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:09:e8:6b:da:67:dd:e2:a5:8f:04:25:0d:0c:2c:82:7c:71:
27:6b:e0:9c:b1:b5:47:da:57:f7:b9:c0:39:77:cc:08:01:93:
ee:b6:df:c8:89:42:a8:44:b0:43:73:d6:c9:93:d0:16:ef:8a:
bc:15:0d:56:98:58:f7:37:2b:0e:f0:55:fc:c2:a7:7a:9f:c4:
a4:26:36:71:60:ee:56:8d:0c:6a:fe:76:28:87:2f:4b:4f:63:
a5:3b:05:a0:69:bd:5a:a7:08:5d:7f:0a:ac:0c:da:7b:10:10:
0d:bc:65:c5:73:16:7d:56:70:a6:1f:25:a3:e3:30:fb:b4:2f:
f9:20:51:52:40:92:ae:81:b0:45:e1:e1:7f:a7:61:27:8b:1c:
f8:93:ca:36:86:5b:5e:2c:59:42:c8:17:cf:87:cb:2d:e2:bb:
64:5e:ef:5c:82:4a:e4:86:98:ad:1e:7a:82:a8:95:5c:9a:81:
2f:08:69:db:61:e8:f2:8b:f6:23:4c:59:35:bd:5a:a1:42:0d:
eb:71:e2:18:0b:19:8c:fc:fd:55:ec:8d:d4:e5:58:42:0d:e8:
11:69:7c:d5:66:f1:52:e9:7b:ae:57:4b:e8:c2:30:ed:b7:3f:
b2:15:15:d3:ea:a2:49:10:ed:72:3d:98:ad:8a:c8:95:cc:4e:
e0:42:1d:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuR243WCrU1Na/7zijtSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmQwZTM2ZTFjMjAyMzA0YTM1MTMzYjExNjY2NjI1ZTVk
NmU1ZWYwHhcNMjUxMTExMDcwMjI4WhcNMjUxMTEyMDcwMjI4WjAzMTEwLwYDVQQD
Eyg1YzNkNjNjYTRjNWE2ODQ4YjQ2OWY4ZjhjZTY4Yjc3ZjM0MWYxMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovWVEvErs84qRFN3FZuzjllqBzP6
EVN067hMskArWc28e3xV7bTjcyUEwqMiDF/yIzmctCunoSfeKrJHMyIIbDIbCU0z
Dj/mQ8iE9fdq18iua4AgzaCOHi+Eoj9Rf1ouXi0fKFA0xdQvwg/66ZpulLmuNQ2D
cFem5FHkzIsg1PHxUAh0eLYIXZIVZCuZcoxfLUnH7QYLdzq/p3X55pBd5kfZ4p3s
9Y7i//A4LwYE3bSp04ZJdnl7ThZ/0OHpLQ8PpzAS2bv+8A4thRGDwNoffi8h56ok
EE4mwyi958u+4IB0x+O+wlXmdw9lyeTr/Z+NMcBSOAY7UHnyjQBfAeE6OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw9Y8pMWmhItGn4+M5ot380HxCOMB8GA1UdIwQY
MBaAFHK9DjbhwgIwSjUTOxFmZiXl1uXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAt
YWVkYTgyNDY3OGQ0LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAtYWVkYTgyNDY3OGQ0
LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQnoa9pn
3eKljwQlDQwsgnxxJ2vgnLG1R9pX97nAOXfMCAGT7rbfyIlCqESwQ3PWyZPQFu+K
vBUNVphY9zcrDvBV/MKnep/EpCY2cWDuVo0Mav52KIcvS09jpTsFoGm9WqcIXX8K
rAzaexAQDbxlxXMWfVZwph8lo+Mw+7Qv+SBRUkCSroGwReHhf6dhJ4sc+JPKNoZb
XixZQsgXz4fLLeK7ZF7vXIJK5IaYrR56gqiVXJqBLwhp22Ho8ov2I0xZNb1aoUIN
63HiGAsZjPz9VeyN1OVYQg3oEWl81WbxUul7rldL6MIw7bc/shUV0+qiSRDtcj2Y
rYrIlcxO4EIdIg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:20 2025 by rpki-client