Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: /nvpKnAhPvuMcIL22TXO9VPGkF9IrZttfwXhYgd5SQc=
Subject key identifier: EE:46:5B:90:C1:12:89:1B:0D:1C:DD:50:0F:87:CE:59:BE:F4:2E:20
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019A73387401B2D11CAD2F314F71FC923AD4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 1724
Signing time: Tue 11 Nov 2025 14:01:10 +0000
Manifest this update: Tue 11 Nov 2025 14:01:10 +0000
Manifest next update: Wed 12 Nov 2025 14:01:10 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: K+iPB891XmN3V1GyFrbfVbS8ZP3JZrM4IpMFsomRqEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:74:01:b2:d1:1c:ad:2f:31:4f:71:fc:92:3a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Nov 11 14:01:10 2025 GMT
Not After : Nov 12 14:01:10 2025 GMT
Subject: CN=ee465b90c112891b0d1cdd500f87ce59bef42e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:f2:ee:d8:22:9f:21:05:67:75:15:8f:a1:
c6:a8:9c:fe:a4:66:8c:4b:03:df:ce:14:bb:27:5d:
30:59:ef:79:f6:f8:f3:9c:d6:1e:4f:f6:58:28:35:
02:dc:37:2e:01:6b:d7:8b:19:1b:ec:6a:20:79:58:
21:6f:97:1e:2f:27:06:b5:38:d6:62:96:0f:e3:86:
a3:82:ce:78:33:90:e5:da:4e:a1:f9:15:9a:07:66:
55:fe:25:a8:88:38:5c:e1:e7:5a:0c:77:91:a7:dc:
93:f4:2a:cc:ff:e4:11:c8:ce:8d:0f:14:8f:79:49:
fb:12:1b:d8:b9:c3:5f:2f:fb:1f:36:76:03:3b:09:
c1:21:a9:b3:c7:ec:12:e8:49:09:14:92:88:3e:fc:
3a:35:fc:b3:3f:d0:c1:6d:d2:4f:3f:6b:0d:d9:f2:
4b:c3:18:c9:5a:05:f1:b1:0a:c6:41:51:e0:7f:bb:
8b:c2:e2:ad:52:a8:c0:57:e5:d8:17:01:8e:b6:52:
57:f4:90:70:78:bd:02:22:9e:f1:91:c4:1e:47:16:
fa:6b:7f:8b:5e:dc:38:ce:b5:e9:bf:20:f7:bc:89:
0d:86:fa:ae:7f:1b:ae:46:4e:51:22:90:e7:aa:05:
07:46:f2:bd:11:1a:56:52:6a:28:26:de:ea:68:43:
1b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:46:5B:90:C1:12:89:1B:0D:1C:DD:50:0F:87:CE:59:BE:F4:2E:20
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:bd:7d:27:30:6a:fb:38:f6:52:1a:a1:1a:1c:cf:55:1f:24:
44:c8:1c:80:7d:b0:63:64:d3:22:c5:d3:45:ee:20:d3:0a:e1:
3d:65:65:1d:82:9a:66:05:17:f5:ed:e7:01:bc:7c:d3:f3:75:
54:1f:8b:86:4b:67:1a:d3:b1:23:62:60:95:5c:5c:9b:c7:18:
b4:e5:b6:3d:9c:e3:bb:ba:72:57:c8:ec:a9:c6:48:06:01:b1:
ec:96:ac:87:43:4b:75:83:15:f7:b0:76:a4:7d:6d:de:c5:9f:
4c:21:45:11:25:72:63:c0:0b:35:49:fd:49:da:4f:04:8f:3c:
30:98:e1:f7:24:75:3c:b8:53:ef:96:f8:55:53:d5:80:ae:2e:
dd:74:e8:f2:37:58:a6:12:a3:db:1a:52:70:42:1f:56:34:4d:
21:a1:72:02:ee:e6:1a:5f:bf:4c:eb:5b:a9:91:83:50:24:48:
73:90:26:a0:03:52:17:13:c6:8f:72:14:c0:6a:a3:37:e2:03:
5e:6d:d4:1c:6d:97:07:32:25:da:82:1b:db:3e:40:be:7a:f9:
1a:99:fd:97:96:8e:c9:f4:bb:3c:56:3b:52:35:9b:21:4b:90:
b4:98:1c:53:20:37:fb:a8:ef:14:38:d8:b9:fe:fd:a1:62:c4:
63:7b:9b:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOHQBstEcrS8xT3H8kjrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUxMTExMTQwMTEwWhcNMjUxMTEyMTQwMTEwWjAzMTEwLwYDVQQD
EyhlZTQ2NWI5MGMxMTI4OTFiMGQxY2RkNTAwZjg3Y2U1OWJlZjQyZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgby7tginyEFZ3UVj6HGqJz+pGaM
SwPfzhS7J10wWe959vjznNYeT/ZYKDUC3DcuAWvXixkb7GogeVghb5ceLycGtTjW
YpYP44ajgs54M5Dl2k6h+RWaB2ZV/iWoiDhc4edaDHeRp9yT9CrM/+QRyM6NDxSP
eUn7EhvYucNfL/sfNnYDOwnBIamzx+wS6EkJFJKIPvw6NfyzP9DBbdJPP2sN2fJL
wxjJWgXxsQrGQVHgf7uLwuKtUqjAV+XYFwGOtlJX9JBweL0CIp7xkcQeRxb6a3+L
Xtw4zrXpvyD3vIkNhvqufxuuRk5RIpDnqgUHRvK9ERpWUmooJt7qaEMbLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5GW5DBEokbDRzdUA+Hzlm+9C4gMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhL19JzBq
+zj2UhqhGhzPVR8kRMgcgH2wY2TTIsXTRe4g0wrhPWVlHYKaZgUX9e3nAbx80/N1
VB+LhktnGtOxI2JglVxcm8cYtOW2PZzju7pyV8jsqcZIBgGx7Jash0NLdYMV97B2
pH1t3sWfTCFFESVyY8ALNUn9SdpPBI88MJjh9yR1PLhT75b4VVPVgK4u3XTo8jdY
phKj2xpScEIfVjRNIaFyAu7mGl+/TOtbqZGDUCRIc5AmoANSFxPGj3IUwGqjN+ID
Xm3UHG2XBzIl2oIb2z5Avnr5Gpn9l5aOyfS7PFY7UjWbIUuQtJgcUyA3+6jvFDjY
uf79oWLEY3ubMw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:17:34 2025 by rpki-client