Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
File: cnS17iqgd4rxMENYIlrGflUXCog.mft (raw, json)
Hash identifier: U5yDoufR1kCegdkWm5C+rRe9fLnMV7x8rGuaByLI4lc=
Subject key identifier: D5:C7:34:25:AC:A2:BE:8F:C1:FA:1C:2A:41:BE:A3:67:04:7D:3F:E8
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 019A4FD06F4EBE187F45E74215663025BFDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
Manifest number: 0A39
Signing time: Tue 04 Nov 2025 17:00:51 +0000
Manifest this update: Tue 04 Nov 2025 17:00:51 +0000
Manifest next update: Wed 05 Nov 2025 17:00:51 +0000
Files and hashes: 1: Ck9V105I1WzILyho--HhjxtMhOo.roa (hash: n/nSiTnqvWrHsmL1agIClZLa+JDSNKpvkkGREC8GFbY=)
2: cnS17iqgd4rxMENYIlrGflUXCog.crl (hash: gJATmpsW7fJCV7wNGCnYfZueLtOmBLe1N2F+9RaBKR8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:d0:6f:4e:be:18:7f:45:e7:42:15:66:30:25:bf:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Nov 4 17:00:51 2025 GMT
Not After : Nov 5 17:00:51 2025 GMT
Subject: CN=d5c73425aca2be8fc1fa1c2a41bea367047d3fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4c:57:fe:1e:49:8c:80:bb:a9:77:55:17:61:
d6:0a:c2:a7:d8:f8:31:e4:21:9a:00:b2:b4:1d:7b:
43:b8:a5:a4:72:10:6f:98:2f:fb:ae:e5:8a:88:f6:
df:ce:7c:66:3d:c1:ec:29:9b:0e:e4:57:45:c3:ea:
0b:05:70:8e:02:6a:9b:18:00:98:46:29:15:c0:ea:
c2:75:91:13:a4:1c:d4:96:08:b8:ad:62:eb:17:6d:
28:4c:ec:7b:71:0f:db:1d:7e:96:e2:44:c1:d1:16:
c7:e8:08:ff:48:e9:dc:56:e6:c8:0d:4a:2f:b2:44:
8a:29:1d:54:7d:72:92:67:0b:4d:8f:93:4b:6d:6e:
21:5a:03:bf:84:39:23:2c:cd:75:17:c6:58:9c:2c:
7d:d5:2f:e5:ec:86:08:df:a9:5d:cd:bb:df:8b:7b:
fa:ba:ee:21:05:6c:96:83:7a:36:67:19:fa:df:d8:
4d:f0:82:f2:96:69:33:0a:27:9d:84:13:8c:68:05:
fc:4b:69:e2:8c:ab:9b:e9:50:01:0c:0b:15:aa:84:
f5:60:98:80:7c:9e:32:c5:e3:2f:07:fa:3d:02:4d:
cd:69:a5:ab:96:e4:2e:f8:a6:18:92:44:e3:68:18:
f8:64:09:22:75:05:fd:dc:94:d1:24:d0:f8:07:a5:
bd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C7:34:25:AC:A2:BE:8F:C1:FA:1C:2A:41:BE:A3:67:04:7D:3F:E8
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:76:8a:0a:33:ab:c6:73:f7:c8:2e:70:e1:27:18:e0:aa:c8:
fe:32:98:c0:85:61:72:66:41:1c:af:24:1e:69:51:85:1f:0f:
06:c3:11:3a:14:5f:0f:89:d6:a3:58:bb:5c:25:a0:b6:45:54:
e3:3f:f5:55:7b:1b:6c:fc:85:19:47:ed:3f:64:d3:a3:67:14:
c5:fc:d5:e6:4e:89:d3:62:d8:0d:cf:78:19:7f:2d:57:96:c6:
ea:9c:e9:95:5f:98:46:54:da:61:31:45:c6:41:f6:9f:2d:8a:
92:d1:07:67:b0:28:93:fc:02:0d:bc:56:33:7c:63:0d:7e:4a:
41:40:7d:36:6f:1d:61:39:c0:1c:f1:7a:4a:0c:42:2e:d0:00:
92:b5:e3:27:da:28:0c:86:bd:d3:68:e5:5f:77:81:78:d7:96:
b2:a7:b6:e3:c3:3b:87:6c:f7:97:24:43:dc:5c:e0:ec:fc:7f:
b0:24:b7:88:a1:35:ca:d1:09:7a:33:bc:4c:ac:84:76:5d:44:
81:59:76:e4:d7:2d:cf:50:56:bc:91:2b:72:ff:08:4c:f1:89:
e9:12:24:6d:d4:f8:e9:59:6e:b3:c9:77:16:b0:44:96:fd:27:
98:c6:cc:36:db:c7:a7:94:38:08:7c:eb:a3:4e:41:1a:f8:89:
f7:fa:80:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0G9Ovhh/RedCFWYwJb/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjUxMTA0MTcwMDUxWhcNMjUxMTA1MTcwMDUxWjAzMTEwLwYDVQQD
EyhkNWM3MzQyNWFjYTJiZThmYzFmYTFjMmE0MWJlYTM2NzA0N2QzZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArExX/h5JjIC7qXdVF2HWCsKn2Pgx
5CGaALK0HXtDuKWkchBvmC/7ruWKiPbfznxmPcHsKZsO5FdFw+oLBXCOAmqbGACY
RikVwOrCdZETpBzUlgi4rWLrF20oTOx7cQ/bHX6W4kTB0RbH6Aj/SOncVubIDUov
skSKKR1UfXKSZwtNj5NLbW4hWgO/hDkjLM11F8ZYnCx91S/l7IYI36ldzbvfi3v6
uu4hBWyWg3o2Zxn639hN8ILylmkzCiedhBOMaAX8S2nijKub6VABDAsVqoT1YJiA
fJ4yxeMvB/o9Ak3NaaWrluQu+KYYkkTjaBj4ZAkidQX93JTRJND4B6W9KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXHNCWsor6PwfocKkG+o2cEfT/oMB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAnaKCjOr
xnP3yC5w4ScY4KrI/jKYwIVhcmZBHK8kHmlRhR8PBsMROhRfD4nWo1i7XCWgtkVU
4z/1VXsbbPyFGUftP2TTo2cUxfzV5k6J02LYDc94GX8tV5bG6pzplV+YRlTaYTFF
xkH2ny2KktEHZ7Aok/wCDbxWM3xjDX5KQUB9Nm8dYTnAHPF6SgxCLtAAkrXjJ9oo
DIa902jlX3eBeNeWsqe248M7h2z3lyRD3Fzg7Px/sCS3iKE1ytEJejO8TKyEdl1E
gVl25Nctz1BWvJErcv8ITPGJ6RIkbdT46Vlus8l3FrBElv0nmMbMNtvHp5Q4CHzr
o05BGviJ9/qAjA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:21:54 2025 by rpki-client