Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
File: CBG8UM_tnQLlgZaiyByYjjC6EmA.mft (raw, json)
Hash identifier: J+OzUDf0BBL5NfZh+eZiRfvYrW5EDzC6Mr2wjPLVRVg=
Subject key identifier: BE:0A:6B:65:66:32:66:3E:63:72:59:41:D6:A2:E6:78:E5:25:D8:7F
Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
Certificate issuer: /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Certificate serial: 019A4DAB2159FB142ED55F70E4FE278B6AFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 07:00:52 +0000
Manifest this update: Tue 04 Nov 2025 07:00:52 +0000
Manifest next update: Wed 05 Nov 2025 07:00:52 +0000
Files and hashes: 1: CBG8UM_tnQLlgZaiyByYjjC6EmA.crl (hash: /qezI5Hz78ZZxmjc8fU0/Q616gtRTF4BcLX8TS93Sc0=)
2: mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa (hash: HyXUe+PYjqIKyOZOZZRdFXR1ckNBvzFOngXjiDgbrBY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:21:59:fb:14:2e:d5:5f:70:e4:fe:27:8b:6a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Validity
Not Before: Nov 4 07:00:52 2025 GMT
Not After : Nov 5 07:00:52 2025 GMT
Subject: CN=be0a6b656632663e63725941d6a2e678e525d87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bb:f7:38:6c:66:b4:fe:fd:47:ad:3f:35:22:
4a:62:a7:a4:1a:a9:72:89:c2:fc:99:f7:7b:af:fa:
92:b9:14:ca:28:9a:d7:05:8a:60:8e:fe:99:6d:91:
b8:69:d3:3a:39:03:f9:83:ed:66:12:dc:db:b8:62:
3a:60:04:37:7b:f9:d3:f4:64:96:3e:16:c8:4a:64:
8d:c5:9e:7d:d3:dd:99:79:c9:35:f7:4d:7f:28:8e:
f1:8b:e1:c2:64:8a:18:bc:34:64:4b:d7:1e:a3:f1:
37:df:40:29:01:9f:d3:26:b4:3e:3f:9e:84:68:e5:
43:5e:d4:03:2d:fc:d2:12:5d:3f:29:87:63:6c:28:
c3:2e:2d:68:dd:bb:73:6f:5c:34:a5:25:b7:8a:26:
9b:75:f0:dc:41:45:3f:81:f1:62:e3:a0:36:e9:38:
85:c1:62:67:c5:da:58:89:50:be:10:7f:40:13:5e:
85:40:ae:27:3c:55:b3:26:26:e2:92:44:30:c4:c2:
11:c8:14:fa:9e:95:e4:e5:96:1f:1f:1d:1c:ec:4e:
d4:36:38:a9:a8:65:f3:24:da:fa:f1:e8:ee:0f:c1:
66:6f:eb:f6:c7:72:f3:9a:87:f2:74:ed:f3:78:a2:
25:41:d5:11:df:f9:52:b4:8c:c7:be:70:56:0f:53:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0A:6B:65:66:32:66:3E:63:72:59:41:D6:A2:E6:78:E5:25:D8:7F
X509v3 Authority Key Identifier:
keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:88:a2:e3:89:0c:f5:da:20:ef:da:89:86:36:8e:d0:5d:22:
82:38:17:a5:e3:1b:c6:99:c1:b8:84:76:7d:37:73:50:8c:6d:
8e:1d:5c:72:4f:6d:32:43:91:60:c6:53:69:ab:ac:11:f2:0d:
b3:67:63:2a:6a:1c:48:5f:7a:d6:82:e4:87:b1:b4:93:88:99:
21:b9:f7:54:ae:4a:bd:47:28:de:ab:38:00:6f:84:d5:fc:fa:
1c:a1:5b:de:cb:12:79:20:e4:0c:df:72:c5:ad:2b:d7:2a:a8:
a7:a9:06:2e:62:48:1d:c4:19:1f:40:1f:21:88:01:33:ca:c2:
b7:29:45:98:21:46:7b:a7:3f:c6:4e:05:ae:16:f4:c3:6b:24:
1c:cf:d5:ae:cc:c1:c2:5a:67:e1:36:56:df:e8:b1:b9:60:5e:
a8:42:db:7d:bd:e4:9b:64:bd:8b:56:2e:f0:b6:fc:65:68:93:
fc:9a:7f:d6:39:dd:4d:ad:32:c5:32:8b:ef:dc:c1:46:b8:ad:
db:2a:74:e3:44:ea:cc:8e:d1:11:a6:77:aa:39:1b:8c:1d:de:
c0:27:72:7a:92:51:7e:88:0e:bb:1b:c5:93:12:e7:86:c5:77:
28:0c:b7:da:00:16:db:88:07:ac:4c:23:76:3c:db:af:7b:8a:
b8:ca:0a:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqyFZ+xQu1V9w5P4ni2r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTFiYzUwY2ZlZDlkMDJlNTgxOTZhMmM4MWM5ODhlMzBi
YTEyNjAwHhcNMjUxMTA0MDcwMDUyWhcNMjUxMTA1MDcwMDUyWjAzMTEwLwYDVQQD
EyhiZTBhNmI2NTY2MzI2NjNlNjM3MjU5NDFkNmEyZTY3OGU1MjVkODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrv3OGxmtP79R60/NSJKYqekGqly
icL8mfd7r/qSuRTKKJrXBYpgjv6ZbZG4adM6OQP5g+1mEtzbuGI6YAQ3e/nT9GSW
PhbISmSNxZ59092Zeck1901/KI7xi+HCZIoYvDRkS9ceo/E330ApAZ/TJrQ+P56E
aOVDXtQDLfzSEl0/KYdjbCjDLi1o3btzb1w0pSW3iiabdfDcQUU/gfFi46A26TiF
wWJnxdpYiVC+EH9AE16FQK4nPFWzJibikkQwxMIRyBT6npXk5ZYfHx0c7E7UNjip
qGXzJNr68ejuD8Fmb+v2x3LzmofydO3zeKIlQdUR3/lStIzHvnBWD1PyIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4Ka2VmMmY+Y3JZQdai5njlJdh/MB8GA1UdIwQY
MBaAFAgRvFDP7Z0C5YGWosgcmI4wuhJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYt
ZWU1YTY3NDNiZTU2LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYtZWU1YTY3NDNiZTU2
LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPoii44kM
9dog79qJhjaO0F0igjgXpeMbxpnBuIR2fTdzUIxtjh1cck9tMkORYMZTaausEfIN
s2djKmocSF961oLkh7G0k4iZIbn3VK5KvUco3qs4AG+E1fz6HKFb3ssSeSDkDN9y
xa0r1yqop6kGLmJIHcQZH0AfIYgBM8rCtylFmCFGe6c/xk4Frhb0w2skHM/VrszB
wlpn4TZW3+ixuWBeqELbfb3km2S9i1Yu8Lb8ZWiT/Jp/1jndTa0yxTKL79zBRrit
2yp040TqzI7REaZ3qjkbjB3ewCdyepJRfogOuxvFkxLnhsV3KAy32gAW24gHrEwj
djzbr3uKuMoKjw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:12:21 2025 by rpki-client