Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: hhDdm1VM15DvBHG2yjWB/W7cz9KbLNp5zBMHyf7Uwf4=
Subject key identifier: 3B:9B:DD:A6:83:7C:46:63:83:37:A7:DC:E2:45:71:90:58:DC:98:99
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 019A51507027B3651321C678826635475007
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 1558
Signing time: Wed 05 Nov 2025 00:00:17 +0000
Manifest this update: Wed 05 Nov 2025 00:00:17 +0000
Manifest next update: Thu 06 Nov 2025 00:00:17 +0000
Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: SfAwY8Q0ORkMyMFtRR3SelPMQZKYIy7m3MrQItHkgco=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:70:27:b3:65:13:21:c6:78:82:66:35:47:50:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Nov 5 00:00:17 2025 GMT
Not After : Nov 6 00:00:17 2025 GMT
Subject: CN=3b9bdda6837c46638337a7dce245719058dc9899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f6:10:46:60:5d:8d:e8:ea:0c:17:48:d2:ca:
1b:d2:e3:d2:85:8e:db:fa:a3:24:a6:34:87:80:f3:
f5:48:9b:83:38:79:24:bf:cd:62:ad:49:48:a2:a5:
ee:48:30:fd:63:99:e8:dc:ba:d0:e6:25:45:b4:2c:
82:8e:dd:36:e8:d0:dc:b6:2c:01:d2:8b:b5:f7:1f:
67:7f:69:ba:09:b6:b2:fa:61:08:be:a4:fc:68:2f:
0e:5e:8f:c2:cc:f5:16:9c:c1:33:f5:b9:0e:bc:dd:
1e:c7:d3:0a:c6:95:24:e5:dc:e3:5d:32:e3:f0:4b:
95:00:d3:41:57:91:0f:3e:36:42:f8:73:39:a9:50:
2e:c3:cf:c1:cd:2d:81:d1:75:eb:78:85:b4:a4:45:
b1:52:b8:65:2d:c2:e2:a4:0a:6c:43:02:1a:ce:54:
2a:ee:dd:ec:84:d2:e7:1c:06:ec:bb:73:d5:c2:7e:
14:f0:df:55:a9:a6:6e:56:a5:23:bc:90:04:10:09:
98:97:31:2b:d0:6a:35:57:c1:a7:06:16:b6:42:cf:
4c:59:5b:92:60:ec:ba:16:ba:55:e0:93:ea:d8:e5:
ff:c6:82:63:a0:34:b1:99:35:99:8c:9e:23:fc:2f:
8c:5b:92:39:97:4b:f5:b0:87:72:2b:5f:b4:f7:0b:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:DD:A6:83:7C:46:63:83:37:A7:DC:E2:45:71:90:58:DC:98:99
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:ef:34:7a:bc:c4:49:11:c7:59:dd:d7:57:96:67:92:f9:91:
cc:53:c2:0c:3c:b3:af:85:9b:88:6c:71:c9:e6:6d:0c:6e:29:
13:b9:5f:45:e9:91:b1:54:ce:57:a5:a4:2e:a9:3f:73:ff:95:
3d:d0:3d:74:bc:ac:b7:a8:65:f3:a7:a7:e4:e2:53:e6:78:84:
f9:46:be:44:eb:82:ca:e1:4a:80:7b:d4:39:88:54:ec:4b:71:
ad:60:92:0a:94:0d:e4:7a:82:b2:0c:26:0d:ef:0e:6e:b5:36:
54:af:0f:cb:ad:d3:52:5c:0c:ef:13:30:33:b0:98:67:a8:f7:
e5:d3:24:6d:b3:c4:2c:04:45:f3:a8:10:83:fb:9c:77:b4:73:
8b:50:50:37:0e:b6:05:93:b4:9f:23:df:13:fb:fd:ea:b8:47:
d2:c3:02:5c:4f:bb:de:a6:57:09:96:3a:d8:f9:29:cf:d8:63:
c3:a8:9c:3e:b3:74:9e:11:52:5f:6e:84:db:7f:27:9c:23:ea:
c0:be:aa:29:92:0a:7c:ee:55:0f:2f:05:e6:d2:e1:12:55:b8:
41:33:d0:2d:0f:0e:72:20:d2:70:f0:5a:8b:37:5a:92:e7:5c:
c3:a7:00:70:94:50:6d:5e:d7:19:b6:09:c4:1a:d8:ac:53:3a:
81:cf:f9:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUHAns2UTIcZ4gmY1R1AHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjUxMTA1MDAwMDE3WhcNMjUxMTA2MDAwMDE3WjAzMTEwLwYDVQQD
EygzYjliZGRhNjgzN2M0NjYzODMzN2E3ZGNlMjQ1NzE5MDU4ZGM5ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfYQRmBdjejqDBdI0sob0uPShY7b
+qMkpjSHgPP1SJuDOHkkv81irUlIoqXuSDD9Y5no3LrQ5iVFtCyCjt026NDctiwB
0ou19x9nf2m6Cbay+mEIvqT8aC8OXo/CzPUWnMEz9bkOvN0ex9MKxpUk5dzjXTLj
8EuVANNBV5EPPjZC+HM5qVAuw8/BzS2B0XXreIW0pEWxUrhlLcLipApsQwIazlQq
7t3shNLnHAbsu3PVwn4U8N9VqaZuVqUjvJAEEAmYlzEr0Go1V8GnBha2Qs9MWVuS
YOy6FrpV4JPq2OX/xoJjoDSxmTWZjJ4j/C+MW5I5l0v1sIdyK1+09wsTPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDub3aaDfEZjgzen3OJFcZBY3JiZMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+80erzE
SRHHWd3XV5ZnkvmRzFPCDDyzr4WbiGxxyeZtDG4pE7lfRemRsVTOV6WkLqk/c/+V
PdA9dLyst6hl86en5OJT5niE+Ua+ROuCyuFKgHvUOYhU7EtxrWCSCpQN5HqCsgwm
De8ObrU2VK8Py63TUlwM7xMwM7CYZ6j35dMkbbPELARF86gQg/ucd7Rzi1BQNw62
BZO0nyPfE/v96rhH0sMCXE+73qZXCZY62Pkpz9hjw6icPrN0nhFSX26E238nnCPq
wL6qKZIKfO5VDy8F5tLhElW4QTPQLQ8OciDScPBaizdakudcw6cAcJRQbV7XGbYJ
xBrYrFM6gc/5Tg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:50:36 2025 by rpki-client