Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
File: CLFH055Du3X596_0XnvyuDUw-HQ.mft (raw, json)
Hash identifier: aeI9lsgec34TqZhNC7FS9S604DZVqhffcfTwOtniaH4=
Subject key identifier: 86:E5:63:D9:29:66:8B:C0:9F:D3:D1:BE:00:F9:E1:7A:0D:29:A6:6F
Authority key identifier: 08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
Certificate issuer: /CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Certificate serial: 019A4E86471D5A39000187823304D764CB60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
Manifest number: 0472
Signing time: Tue 04 Nov 2025 11:00:14 +0000
Manifest this update: Tue 04 Nov 2025 11:00:14 +0000
Manifest next update: Wed 05 Nov 2025 11:00:14 +0000
Files and hashes: 1: 7SbxWOq-MRP5ULWQ2099XB6fnsw.roa (hash: 5+GTdZJjZ/hGlJyiza+hMgn0Xvc9DgVXyOpbY9SRSSQ=)
2: CLFH055Du3X596_0XnvyuDUw-HQ.crl (hash: EkJhPlePT50VDqTXUIPuLSLhqqAfLsXhmgANmhdCR7M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:47:1d:5a:39:00:01:87:82:33:04:d7:64:cb:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Validity
Not Before: Nov 4 11:00:14 2025 GMT
Not After : Nov 5 11:00:14 2025 GMT
Subject: CN=86e563d929668bc09fd3d1be00f9e17a0d29a66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:51:c1:d0:b2:09:fa:27:b5:e0:c5:84:c1:7d:
8e:20:2b:d1:68:2b:0d:a9:26:00:0a:f0:c4:27:4a:
bf:b7:bb:be:c8:5e:32:56:cd:5a:d0:fe:7b:82:86:
04:14:ab:a4:0d:9e:1a:e6:c2:48:18:b8:3f:de:7c:
a8:d0:b5:0b:ee:1f:7a:35:b7:ff:b9:91:5c:ab:d4:
fa:3d:c4:f9:98:9c:8c:b9:b8:bd:1e:b8:2b:b6:13:
36:7e:9a:92:04:02:0c:ec:17:23:d5:ef:48:45:be:
f1:e1:83:98:2b:35:2c:ae:d7:60:f3:25:a7:0a:83:
66:94:00:c3:f5:1e:a2:2a:eb:b7:72:2a:67:71:0c:
fa:c5:ef:85:32:39:44:f8:04:60:5f:77:30:53:41:
fa:1d:9a:12:e1:59:12:63:05:55:2e:96:9a:1e:5a:
6a:c2:37:72:27:1d:b0:d1:fe:8d:f2:28:95:86:11:
54:72:67:dc:8b:42:99:95:1d:c5:e6:99:12:8b:8c:
54:b6:6f:be:24:91:ce:f6:a6:4c:ef:6c:e5:13:b0:
45:96:14:0c:e2:10:61:0c:ff:69:54:17:fe:3e:52:
30:8b:29:2b:01:e0:c3:3f:c8:25:83:f7:ca:26:5b:
9c:af:43:f8:21:dc:db:b2:bb:99:1a:f7:0b:c3:a3:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E5:63:D9:29:66:8B:C0:9F:D3:D1:BE:00:F9:E1:7A:0D:29:A6:6F
X509v3 Authority Key Identifier:
keyid:08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:3c:63:76:04:1c:8d:16:38:f1:ab:1f:fb:a5:96:aa:de:22:
c0:fc:3c:32:23:c5:e2:bd:50:32:53:02:51:78:3f:8f:c5:ca:
06:76:53:c2:e0:79:a2:d7:a9:41:26:74:e3:7c:c7:fe:17:c2:
c7:9c:28:6c:19:c6:40:d5:44:1f:de:75:ad:bb:75:a4:5f:0a:
55:e4:29:37:fc:3b:81:1d:27:39:23:32:b5:f6:32:98:a6:d6:
d9:2b:71:52:44:94:a1:1a:86:10:81:46:92:c7:7c:19:ad:7e:
9c:07:c8:b8:17:7f:70:9a:54:1d:29:46:d2:0b:db:97:17:d2:
64:32:0e:43:e8:53:c6:c1:56:ed:d0:15:2f:e0:2e:1c:90:39:
36:60:e9:d7:93:dc:66:58:db:18:b2:9b:62:6a:d9:74:00:44:
39:38:e4:4e:ea:b1:e7:69:fe:31:2d:a4:af:79:43:7e:c0:c5:
4c:77:bc:c7:24:d5:8c:1a:fa:46:7b:e2:02:c4:1d:d2:44:0d:
0a:0a:9a:74:e3:21:ce:61:1e:a2:af:96:c8:fd:9d:9a:51:e3:
fb:b7:21:2e:9a:4f:ae:59:f3:d7:ff:e4:90:cb:d4:b3:0c:c7:
ba:10:23:3b:80:17:7e:41:50:46:db:9d:8c:35:b2:9d:b6:39:
49:d3:df:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhkcdWjkAAYeCMwTXZMtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YjE0N2QzOWU0M2JiNzVmOWY3YWZmNDVlN2JmMmI4MzUz
MGY4NzQwHhcNMjUxMTA0MTEwMDE0WhcNMjUxMTA1MTEwMDE0WjAzMTEwLwYDVQQD
Eyg4NmU1NjNkOTI5NjY4YmMwOWZkM2QxYmUwMGY5ZTE3YTBkMjlhNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lHB0LIJ+ie14MWEwX2OICvRaCsN
qSYACvDEJ0q/t7u+yF4yVs1a0P57goYEFKukDZ4a5sJIGLg/3nyo0LUL7h96Nbf/
uZFcq9T6PcT5mJyMubi9HrgrthM2fpqSBAIM7Bcj1e9IRb7x4YOYKzUsrtdg8yWn
CoNmlADD9R6iKuu3cipncQz6xe+FMjlE+ARgX3cwU0H6HZoS4VkSYwVVLpaaHlpq
wjdyJx2w0f6N8iiVhhFUcmfci0KZlR3F5pkSi4xUtm++JJHO9qZM72zlE7BFlhQM
4hBhDP9pVBf+PlIwiykrAeDDP8glg/fKJlucr0P4IdzbsruZGvcLw6NglwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIblY9kpZovAn9PRvgD54XoNKaZvMB8GA1UdIwQY
MBaAFAixR9OeQ7t1+fev9F578rg1MPh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMt
MzA1ZTMzZWY4YjI5LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMtMzA1ZTMzZWY4YjI5
LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUzxjdgQc
jRY48asf+6WWqt4iwPw8MiPF4r1QMlMCUXg/j8XKBnZTwuB5otepQSZ043zH/hfC
x5wobBnGQNVEH951rbt1pF8KVeQpN/w7gR0nOSMytfYymKbW2StxUkSUoRqGEIFG
ksd8Ga1+nAfIuBd/cJpUHSlG0gvblxfSZDIOQ+hTxsFW7dAVL+AuHJA5NmDp15Pc
ZljbGLKbYmrZdABEOTjkTuqx52n+MS2kr3lDfsDFTHe8xyTVjBr6RnviAsQd0kQN
CgqadOMhzmEeoq+WyP2dmlHj+7chLppPrlnz1//kkMvUswzHuhAjO4AXfkFQRtud
jDWynbY5SdPfxw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:47:03 2025 by rpki-client