Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.mft
File: cF3hUpBmZK56yfIIesTQBoWl1_A.mft (raw, json)
Hash identifier: cMLy0iBDlWKOvLLKKeMx8D34z5McUOaMvmYSJ6L7X/w=
Subject key identifier: 4F:49:DC:DF:AA:D5:DE:5C:1C:D1:E8:2C:98:15:16:C4:62:92:6D:35
Authority key identifier: 70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
Certificate issuer: /CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Certificate serial: 019A70DBFD30CFE23DC41C985C28A5871C31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 03:00:56 +0000
Manifest this update: Tue 11 Nov 2025 03:00:56 +0000
Manifest next update: Wed 12 Nov 2025 03:00:56 +0000
Files and hashes: 1: TKoxALo9u8PRYJQQjNMDBzOManE.roa (hash: e6LRQQhGn2Pm43QUsi5AMgfehOrdW1tISUFnEIiJny4=)
2: cF3hUpBmZK56yfIIesTQBoWl1_A.crl (hash: XL3ad/I2SxTBd6OfIO+V5pVC/hkGIAb6Snfw791noGY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:fd:30:cf:e2:3d:c4:1c:98:5c:28:a5:87:1c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Validity
Not Before: Nov 11 03:00:56 2025 GMT
Not After : Nov 12 03:00:56 2025 GMT
Subject: CN=4f49dcdfaad5de5c1cd1e82c981516c462926d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:d0:91:bb:01:89:9f:85:2a:ae:47:da:dd:
15:24:74:ca:78:10:9d:da:6d:28:0c:21:96:e0:26:
30:1c:e4:a3:60:bd:6d:e5:6f:94:5d:69:54:38:22:
e0:aa:de:7e:53:70:31:be:2c:ba:c0:2b:c2:01:7c:
35:05:72:01:26:98:e7:ea:a4:2e:00:94:f8:eb:83:
8f:37:5a:f6:21:55:3b:02:57:ad:20:ea:c0:1c:e0:
97:08:6b:00:b9:fc:f6:17:cc:f3:cf:58:49:dc:fd:
c1:f2:58:6e:07:3b:fd:2d:a6:4c:ae:9a:17:41:e4:
2d:6d:24:2b:11:08:c6:90:8d:18:14:7b:58:a6:28:
9b:5a:59:8f:d2:db:6d:8c:3c:43:19:89:a2:6f:4d:
70:52:6b:4c:75:e2:35:b2:7c:97:86:8e:3a:6b:27:
9f:37:13:1a:fc:2c:80:52:c9:b7:92:c8:42:6b:32:
9b:b7:9a:36:57:5a:bd:7b:bd:b0:ec:f9:ab:9c:3c:
07:00:68:92:25:07:ae:9b:1c:08:fa:05:c7:a0:64:
49:90:ee:43:88:9d:63:8a:82:89:02:39:e7:dc:55:
e1:8a:54:6b:1b:28:43:3c:fa:58:6d:cf:8c:e5:cd:
ed:99:44:24:1c:de:9d:85:8b:5d:ab:d8:98:48:28:
e0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:49:DC:DF:AA:D5:DE:5C:1C:D1:E8:2C:98:15:16:C4:62:92:6D:35
X509v3 Authority Key Identifier:
keyid:70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:f3:6e:ca:64:91:3d:f1:cd:5b:72:6e:dc:32:19:32:a6:ce:
1a:b2:bc:35:9f:ec:7b:f4:c6:49:d0:91:75:47:f4:da:3a:c1:
d1:93:27:79:58:c3:9e:ad:74:53:56:7d:f1:75:53:9b:0b:0a:
38:61:fd:94:8d:b2:33:2e:e8:7f:25:d1:37:b9:69:d0:2c:b0:
9e:24:11:cf:eb:08:4f:6d:cd:51:05:78:c0:0e:d2:c2:46:30:
d9:d8:b3:23:39:6b:de:12:2b:c6:62:2b:46:f0:17:11:4c:c4:
62:6e:86:8d:9e:23:e0:3a:a6:a3:90:b3:bd:d6:32:2c:7e:e4:
53:84:3e:07:49:1b:a5:f9:6c:87:9a:47:0c:33:cd:52:99:61:
f6:ff:b6:f7:e0:bd:f1:1b:d8:6f:d2:c9:a9:1f:3a:02:d4:c6:
9f:4a:99:42:b2:1e:24:c7:c8:c5:46:ec:8a:c9:8c:31:7c:39:
ec:f5:87:4b:ef:63:a9:a9:73:19:91:b1:aa:2e:e9:3e:7f:4b:
35:fe:4d:9f:aa:94:29:e1:23:af:9f:40:88:22:ce:39:b6:17:
12:a4:d6:fa:66:d7:a3:56:5b:b2:e9:df:e1:6e:45:d8:28:df:
0b:99:bd:ba:01:d6:77:f4:92:44:94:ec:9f:e4:9d:ce:55:f0:
d0:c8:f9:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/0wz+I9xByYXCilhxwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWRlMTUyOTA2NjY0YWU3YWM5ZjIwODdhYzRkMDA2ODVh
NWQ3ZjAwHhcNMjUxMTExMDMwMDU2WhcNMjUxMTEyMDMwMDU2WjAzMTEwLwYDVQQD
Eyg0ZjQ5ZGNkZmFhZDVkZTVjMWNkMWU4MmM5ODE1MTZjNDYyOTI2ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspnQkbsBiZ+FKq5H2t0VJHTKeBCd
2m0oDCGW4CYwHOSjYL1t5W+UXWlUOCLgqt5+U3Axviy6wCvCAXw1BXIBJpjn6qQu
AJT464OPN1r2IVU7AletIOrAHOCXCGsAufz2F8zzz1hJ3P3B8lhuBzv9LaZMrpoX
QeQtbSQrEQjGkI0YFHtYpiibWlmP0tttjDxDGYmib01wUmtMdeI1snyXho46ayef
NxMa/CyAUsm3kshCazKbt5o2V1q9e72w7PmrnDwHAGiSJQeumxwI+gXHoGRJkO5D
iJ1jioKJAjnn3FXhilRrGyhDPPpYbc+M5c3tmUQkHN6dhYtdq9iYSCjgSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9J3N+q1d5cHNHoLJgVFsRikm01MB8GA1UdIwQY
MBaAFHBd4VKQZmSuesnyCHrE0AaFpdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQt
ZjU2MTg0NzdmOGQ0LzEvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQtZjU2MTg0NzdmOGQ0
LzEvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/NuymSR
PfHNW3Ju3DIZMqbOGrK8NZ/se/TGSdCRdUf02jrB0ZMneVjDnq10U1Z98XVTmwsK
OGH9lI2yMy7ofyXRN7lp0CywniQRz+sIT23NUQV4wA7SwkYw2dizIzlr3hIrxmIr
RvAXEUzEYm6GjZ4j4Dqmo5CzvdYyLH7kU4Q+B0kbpflsh5pHDDPNUplh9v+29+C9
8RvYb9LJqR86AtTGn0qZQrIeJMfIxUbsismMMXw57PWHS+9jqalzGZGxqi7pPn9L
Nf5Nn6qUKeEjr59AiCLOObYXEqTW+mbXo1Zbsunf4W5F2CjfC5m9ugHWd/SSRJTs
n+SdzlXw0Mj55Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:27 2025 by rpki-client