Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: FRXm/v9esdFEl3lyq29vr21AKmeoaNJVRtElA0auG/4=
Subject key identifier: 89:62:E5:9E:6A:E2:7B:D5:90:E1:42:96:92:2A:4A:AC:A2:3E:4D:87
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 019A4DAAA661281C80DC6E0ABFBF1C6B5103
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 0988
Signing time: Tue 04 Nov 2025 07:00:20 +0000
Manifest this update: Tue 04 Nov 2025 07:00:20 +0000
Manifest next update: Wed 05 Nov 2025 07:00:20 +0000
Files and hashes: 1: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: z9l7+E5IR5IiYMYTFSGdLbBAC5hRZGD8faU0S9u7UTA=)
2: rOIGMeXF9bxOY5fu4vCOE7NrCP0.roa (hash: 1nU5+mzZGJaibKrLnnLB5qj48GydY1KP7W2pluR6Ujw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:a6:61:28:1c:80:dc:6e:0a:bf:bf:1c:6b:51:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: Nov 4 07:00:20 2025 GMT
Not After : Nov 5 07:00:20 2025 GMT
Subject: CN=8962e59e6ae27bd590e14296922a4aaca23e4d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2b:4c:8a:fc:ef:ca:86:33:01:30:1d:0f:51:
12:1d:ac:19:3b:ab:47:6e:7c:91:47:ec:a2:54:5c:
66:85:dd:2c:2c:d1:bc:14:9c:bf:de:6f:4c:a8:33:
0d:86:ad:cb:ae:da:cc:92:03:19:e5:22:3f:8b:d4:
24:78:e1:c1:ba:a9:81:0d:5c:f7:28:07:ca:b6:36:
e8:51:2b:b8:af:fa:13:0f:c8:8d:8c:cc:56:da:37:
9c:62:30:ca:2d:ab:6c:77:4b:61:bf:06:32:d8:9f:
fb:bd:2b:16:22:fd:e3:81:86:4a:a2:71:42:26:4f:
99:c6:e1:2c:b3:80:ff:04:72:ff:6a:47:a9:3a:1e:
82:68:15:5d:1d:5e:5f:8d:06:7c:8c:10:85:b6:e3:
5b:6c:af:da:2f:a3:13:47:6f:6b:36:54:3f:e5:3b:
0e:87:b7:ce:30:36:33:3d:90:2b:65:6b:43:79:a8:
a5:7f:85:e1:cc:f1:2a:17:b4:75:68:08:7f:44:0b:
5d:ef:47:16:d1:9f:f2:24:36:0f:93:d1:81:aa:aa:
3d:df:0b:1d:0f:ad:b4:c4:ab:72:e3:51:9b:80:88:
21:5b:9f:7a:d5:f7:b1:d6:f0:f2:fc:c2:14:e7:c9:
ea:53:94:f3:79:2f:eb:35:50:8d:77:2d:3e:d3:82:
2d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:62:E5:9E:6A:E2:7B:D5:90:E1:42:96:92:2A:4A:AC:A2:3E:4D:87
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:21:f5:78:00:e5:b4:3f:5d:b6:e0:89:68:2b:bb:3c:da:e2:
70:ef:2b:71:9c:7b:04:de:38:f7:69:3a:04:a7:1e:77:dd:38:
05:2d:21:46:bf:43:35:5b:d8:0c:2c:1f:17:c7:6f:75:1d:72:
f2:59:f4:8e:ad:75:e9:a5:80:fb:31:ba:fa:ba:43:d5:74:dd:
14:6e:fa:d4:c4:58:48:9d:5a:e9:c8:b0:f8:72:d9:78:d2:ae:
21:1d:10:2d:55:58:12:8e:63:90:7b:a5:90:48:67:cb:d8:56:
bc:6d:10:d9:f6:e9:3e:18:66:c9:aa:48:97:b3:ad:c6:98:78:
d4:07:ce:b0:da:1f:94:de:52:31:9c:01:ca:41:b4:c4:f6:8c:
6f:c8:6c:42:76:d7:72:48:58:2b:c4:18:c0:a1:9c:1f:78:32:
3f:2f:fb:43:ab:79:af:fa:ce:7b:77:84:70:04:4a:30:8f:82:
13:ef:d2:be:dc:27:85:c1:90:36:82:f3:72:78:cc:f0:14:85:
b6:49:e4:8d:95:17:6e:d6:0a:f0:5c:92:c3:67:f4:37:8b:99:
aa:ea:6d:fe:bc:e2:87:f2:62:e0:1d:e6:41:40:8c:48:f8:0b:
52:a7:42:a8:3c:92:f0:9a:51:dc:93:e8:3f:bb:67:d9:15:ee:
90:a2:e9:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqqZhKByA3G4Kv78ca1EDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjUxMTA0MDcwMDIwWhcNMjUxMTA1MDcwMDIwWjAzMTEwLwYDVQQD
Eyg4OTYyZTU5ZTZhZTI3YmQ1OTBlMTQyOTY5MjJhNGFhY2EyM2U0ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0itMivzvyoYzATAdD1ESHawZO6tH
bnyRR+yiVFxmhd0sLNG8FJy/3m9MqDMNhq3LrtrMkgMZ5SI/i9QkeOHBuqmBDVz3
KAfKtjboUSu4r/oTD8iNjMxW2jecYjDKLatsd0thvwYy2J/7vSsWIv3jgYZKonFC
Jk+ZxuEss4D/BHL/akepOh6CaBVdHV5fjQZ8jBCFtuNbbK/aL6MTR29rNlQ/5TsO
h7fOMDYzPZArZWtDeailf4XhzPEqF7R1aAh/RAtd70cW0Z/yJDYPk9GBqqo93wsd
D620xKty41GbgIghW5961fex1vDy/MIU58nqU5TzeS/rNVCNdy0+04ItPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIli5Z5q4nvVkOFClpIqSqyiPk2HMB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyH1eADl
tD9dtuCJaCu7PNricO8rcZx7BN4492k6BKced904BS0hRr9DNVvYDCwfF8dvdR1y
8ln0jq116aWA+zG6+rpD1XTdFG761MRYSJ1a6ciw+HLZeNKuIR0QLVVYEo5jkHul
kEhny9hWvG0Q2fbpPhhmyapIl7Otxph41AfOsNoflN5SMZwBykG0xPaMb8hsQnbX
ckhYK8QYwKGcH3gyPy/7Q6t5r/rOe3eEcARKMI+CE+/SvtwnhcGQNoLzcnjM8BSF
tknkjZUXbtYK8FySw2f0N4uZqupt/rzih/Ji4B3mQUCMSPgLUqdCqDyS8JpR3JPo
P7tn2RXukKLpcg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:46:59 2025 by rpki-client