Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
File: CWbgXRUnUN-q3l-veRutOR3G0tQ.mft (raw, json)
Hash identifier: Y0NKZGdI6VY0hVemkCKQfPXX1yzT/DyF6/YeC5paQ04=
Subject key identifier: A6:6A:E2:DB:79:2F:BC:9F:96:B7:2C:15:0E:4B:0F:2C:21:87:6A:C4
Authority key identifier: 09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
Certificate issuer: /CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Certificate serial: 019A4DE207CACA8B3B25F18C04CAC8028E7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
Manifest number: 0F4E
Signing time: Tue 04 Nov 2025 08:00:49 +0000
Manifest this update: Tue 04 Nov 2025 08:00:49 +0000
Manifest next update: Wed 05 Nov 2025 08:00:49 +0000
Files and hashes: 1: 5bzk29WC2HSF9C0WZb2ngqPQ56o.roa (hash: fHgyyYyWXqEUztNgt56ZVo1FPxKD7CyfYBjgqkUt9TI=)
2: CWbgXRUnUN-q3l-veRutOR3G0tQ.crl (hash: ZmlXuR0eC8993gwrDl2CYfYJYvXEPUyEjojonngrTpo=)
3: VYOb-2PB3WKsCUYPT2j-nf80wMs.roa (hash: YpnMPKkA2P+LHKT+FLRfK5zKYPPPwWgoJKnxE9kTcx8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:07:ca:ca:8b:3b:25:f1:8c:04:ca:c8:02:8e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Validity
Not Before: Nov 4 08:00:49 2025 GMT
Not After : Nov 5 08:00:49 2025 GMT
Subject: CN=a66ae2db792fbc9f96b72c150e4b0f2c21876ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:61:a2:a1:6b:fa:94:ce:7e:12:e8:6d:6c:bb:
3a:7d:d8:50:7d:5f:89:e8:11:d4:fa:9b:31:06:b3:
b4:14:bf:dc:0f:74:c0:94:f6:9b:24:f1:64:88:88:
40:ed:54:e3:76:e8:37:f6:ab:61:ca:44:96:04:35:
2a:bf:a4:6c:a1:63:bd:21:81:54:4e:e7:06:90:2c:
1a:b3:45:61:1a:13:4e:fa:d8:b1:3b:76:51:b7:df:
20:75:40:57:45:df:e3:65:4d:96:bc:4a:58:39:5c:
a7:71:bc:2a:d7:72:a0:c8:30:06:93:71:c2:85:3c:
76:82:70:5c:af:5f:17:f5:37:84:20:21:a3:26:ec:
72:23:62:3b:48:0c:d9:f7:7d:e4:11:04:ee:bf:53:
a8:fa:a5:f5:b4:a6:68:5e:64:46:fc:73:f8:10:2d:
cd:18:92:d1:06:76:63:34:63:25:b6:0f:a0:52:7a:
5b:29:f7:89:35:0d:e2:e8:00:d4:cc:61:ed:6f:0d:
0e:5e:96:95:bf:9f:51:ce:8d:27:37:e1:58:96:8d:
61:c6:49:6c:93:3d:3b:50:9a:ea:0d:0f:71:db:6d:
94:aa:f4:d2:b7:aa:45:6b:74:9d:72:43:9f:8f:a5:
ae:b6:d4:b1:01:89:01:25:40:cc:74:e6:cc:13:3a:
cc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6A:E2:DB:79:2F:BC:9F:96:B7:2C:15:0E:4B:0F:2C:21:87:6A:C4
X509v3 Authority Key Identifier:
keyid:09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:20:4d:dc:3e:3f:f4:f0:0d:19:35:62:d3:47:a3:b6:7e:b8:
64:a9:54:9e:2e:9b:c3:d5:28:a9:ae:48:c1:21:69:f4:45:7d:
64:5e:3c:e0:61:92:53:4a:74:5f:5c:8f:1c:11:f5:95:7f:34:
bc:b2:3d:47:e0:34:59:b2:ac:16:85:01:54:c1:b8:67:1e:e4:
df:05:01:cf:6c:18:bb:8d:28:ac:42:09:08:8c:54:f2:c8:01:
92:f4:c4:9d:4b:15:01:8a:f6:5e:12:1c:ae:fd:64:a3:08:3c:
fd:46:2d:d0:f7:17:f9:cc:7e:92:24:cf:a1:0a:65:69:27:14:
3f:8a:71:94:a6:f7:04:6c:dd:30:f7:c5:e5:da:90:b4:d0:c0:
fe:99:ba:c2:d4:64:39:31:2b:91:4e:e6:95:7e:80:e0:42:ad:
79:a3:a1:92:5f:ac:db:29:a3:9b:7c:e6:5c:77:4f:9a:69:7d:
53:cb:62:76:a9:01:bb:3b:62:e6:26:23:bf:4a:c0:c9:84:8f:
18:ee:ad:b0:64:47:27:1d:ea:47:6e:d1:b3:e6:02:32:ba:a6:
63:d9:c4:ae:9c:f1:1c:4c:14:6f:1b:7d:2c:bc:a2:6e:c9:30:
1c:c1:56:42:b7:21:14:60:f9:b8:39:77:18:3f:e4:fc:2b:3b:
f3:2c:ce:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gfKyos7JfGMBMrIAo5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjZlMDVkMTUyNzUwZGZhYWRlNWZhZjc5MWJhZDM5MWRj
NmQyZDQwHhcNMjUxMTA0MDgwMDQ5WhcNMjUxMTA1MDgwMDQ5WjAzMTEwLwYDVQQD
EyhhNjZhZTJkYjc5MmZiYzlmOTZiNzJjMTUwZTRiMGYyYzIxODc2YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmGioWv6lM5+EuhtbLs6fdhQfV+J
6BHU+psxBrO0FL/cD3TAlPabJPFkiIhA7VTjdug39qthykSWBDUqv6RsoWO9IYFU
TucGkCwas0VhGhNO+tixO3ZRt98gdUBXRd/jZU2WvEpYOVyncbwq13KgyDAGk3HC
hTx2gnBcr18X9TeEICGjJuxyI2I7SAzZ933kEQTuv1Oo+qX1tKZoXmRG/HP4EC3N
GJLRBnZjNGMltg+gUnpbKfeJNQ3i6ADUzGHtbw0OXpaVv59Rzo0nN+FYlo1hxkls
kz07UJrqDQ9x222UqvTSt6pFa3SdckOfj6WuttSxAYkBJUDMdObMEzrMlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZq4tt5L7yflrcsFQ5LDywhh2rEMB8GA1UdIwQY
MBaAFAlm4F0VJ1Dfqt5fr3kbrTkdxtLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMt
NzIxYmI0ZmM4YzE2LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMtNzIxYmI0ZmM4YzE2
LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSBN3D4/
9PANGTVi00ejtn64ZKlUni6bw9Uoqa5IwSFp9EV9ZF484GGSU0p0X1yPHBH1lX80
vLI9R+A0WbKsFoUBVMG4Zx7k3wUBz2wYu40orEIJCIxU8sgBkvTEnUsVAYr2XhIc
rv1kowg8/UYt0PcX+cx+kiTPoQplaScUP4pxlKb3BGzdMPfF5dqQtNDA/pm6wtRk
OTErkU7mlX6A4EKteaOhkl+s2ymjm3zmXHdPmml9U8tidqkBuzti5iYjv0rAyYSP
GO6tsGRHJx3qR27Rs+YCMrqmY9nErpzxHEwUbxt9LLyibskwHMFWQrchFGD5uDl3
GD/k/Cs78yzOEg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:58:06 2025 by rpki-client