Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft
File: cnFQa_q5Ese4FxuWuFoJmxQObNg.mft (raw, json)
Hash identifier: O6VMBie0nHxQw+0twWQnOhsax0w4DwtHZ1XgurrCZLo=
Subject key identifier: 48:96:D4:10:99:DC:13:EE:F1:13:56:EC:BB:C0:37:29:22:C8:FE:0A
Authority key identifier: 72:71:50:6B:FA:B9:12:C7:B8:17:1B:96:B8:5A:09:9B:14:0E:6C:D8
Certificate issuer: /CN=7271506bfab912c7b8171b96b85a099b140e6cd8
Certificate serial: 019A4E869E8E0A38D4EA6512C12D4B39E376
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft
Manifest number: 0530
Signing time: Tue 04 Nov 2025 11:00:36 +0000
Manifest this update: Tue 04 Nov 2025 11:00:36 +0000
Manifest next update: Wed 05 Nov 2025 11:00:36 +0000
Files and hashes: 1: 1-t2gcnq_wGKj6Cw9yBTlPkMhqpA.roa (hash: biNGhGH5AKAvuvZqlWI6oNS4u1EhxLRFN8pAccYPS0U=)
2: cnFQa_q5Ese4FxuWuFoJmxQObNg.crl (hash: kpMPHIxL4NKvbkLH+YNeZDHP0tBNyGlfmEEoa8Dzlg4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:9e:8e:0a:38:d4:ea:65:12:c1:2d:4b:39:e3:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7271506bfab912c7b8171b96b85a099b140e6cd8
Validity
Not Before: Nov 4 11:00:36 2025 GMT
Not After : Nov 5 11:00:36 2025 GMT
Subject: CN=4896d41099dc13eef11356ecbbc0372922c8fe0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d0:9d:ec:cc:ba:f3:9b:d9:ef:32:e8:ec:9d:
a1:21:3b:de:cf:c6:fd:72:24:22:be:81:01:df:14:
1e:36:85:c4:26:a4:e0:fc:d6:0e:8d:f3:d5:aa:64:
48:50:a5:4c:ed:f7:76:c4:d0:ec:dc:a1:66:47:98:
2e:b6:95:fa:49:b5:a4:ad:b0:7c:a0:3c:ca:8c:1c:
eb:df:74:6c:2c:72:81:40:e1:91:c9:86:d9:47:b6:
dc:18:59:77:f9:6c:0b:5c:ba:27:4d:d3:68:12:f8:
da:56:14:61:77:9b:3a:1a:f0:3a:de:d3:78:c7:f8:
11:7f:3e:d8:b0:aa:b0:fb:18:40:46:19:0f:49:a5:
6a:97:33:ee:9b:37:84:8a:aa:16:99:b6:66:6e:0f:
ee:ca:f4:4f:75:68:ad:48:9e:18:d0:cf:14:ae:68:
52:8d:b4:9d:a3:95:be:ff:7f:10:fb:5e:bf:35:65:
41:c9:42:4e:6d:3c:b5:13:d9:dc:cd:16:1e:34:f7:
cc:db:85:90:79:ae:ea:6f:f0:fd:a6:1e:fb:07:50:
bc:3e:ec:08:c9:96:2d:ec:08:79:01:f3:ec:49:83:
81:0d:37:73:56:76:1d:b4:50:ea:d4:f4:6b:ae:d2:
35:7f:b3:86:37:6e:96:56:d6:27:31:79:1f:74:2e:
6c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:96:D4:10:99:DC:13:EE:F1:13:56:EC:BB:C0:37:29:22:C8:FE:0A
X509v3 Authority Key Identifier:
keyid:72:71:50:6B:FA:B9:12:C7:B8:17:1B:96:B8:5A:09:9B:14:0E:6C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:87:a2:75:58:a9:f7:09:35:60:84:ec:a7:97:10:15:36:40:
48:9f:52:e6:e0:f4:67:3e:8f:8c:30:8b:f1:eb:7a:62:3a:23:
a5:b2:07:7e:2a:02:70:b9:19:c7:bc:a0:4b:c1:5d:06:68:e1:
be:b4:9b:b8:29:45:7d:a7:70:b4:54:9f:00:a7:3d:1a:1e:0a:
72:00:02:76:17:41:3a:33:d4:3d:b3:63:b5:ac:8a:76:ba:89:
79:27:51:03:c9:12:72:d4:7d:88:ba:c0:46:34:8b:93:24:2f:
32:b0:6b:eb:e3:81:c7:a6:7d:ae:3b:66:16:1c:09:e3:19:c6:
e6:01:42:f4:fe:97:3d:99:9a:e4:bf:c4:13:de:6b:06:71:b5:
50:eb:e9:6a:3d:72:d7:66:27:6b:60:ae:b5:36:46:4f:ca:f2:
23:d5:cd:e6:02:9b:ad:67:de:b9:5e:34:ef:f2:27:bc:de:d2:
4f:fa:dc:52:b2:97:de:76:24:a7:e4:66:14:3f:99:a0:b2:8e:
a4:ea:25:b2:b4:5e:09:de:a3:e5:ab:20:47:79:78:c8:fa:ab:
77:30:de:0f:11:84:ae:ac:18:2d:2a:7c:d3:84:7d:d2:78:3b:
ce:61:ad:7c:09:58:0b:e8:a0:5b:22:07:5d:f4:f5:ff:46:08:
61:30:66:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhp6OCjjU6mUSwS1LOeN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzE1MDZiZmFiOTEyYzdiODE3MWI5NmI4NWEwOTliMTQw
ZTZjZDgwHhcNMjUxMTA0MTEwMDM2WhcNMjUxMTA1MTEwMDM2WjAzMTEwLwYDVQQD
Eyg0ODk2ZDQxMDk5ZGMxM2VlZjExMzU2ZWNiYmMwMzcyOTIyYzhmZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Cd7My685vZ7zLo7J2hITvez8b9
ciQivoEB3xQeNoXEJqTg/NYOjfPVqmRIUKVM7fd2xNDs3KFmR5gutpX6SbWkrbB8
oDzKjBzr33RsLHKBQOGRyYbZR7bcGFl3+WwLXLonTdNoEvjaVhRhd5s6GvA63tN4
x/gRfz7YsKqw+xhARhkPSaVqlzPumzeEiqoWmbZmbg/uyvRPdWitSJ4Y0M8UrmhS
jbSdo5W+/38Q+16/NWVByUJObTy1E9nczRYeNPfM24WQea7qb/D9ph77B1C8PuwI
yZYt7Ah5AfPsSYOBDTdzVnYdtFDq1PRrrtI1f7OGN26WVtYnMXkfdC5sPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiW1BCZ3BPu8RNW7LvANykiyP4KMB8GA1UdIwQY
MBaAFHJxUGv6uRLHuBcblrhaCZsUDmzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDU4MjQtMmRkZS00MDNlLWIyYzQt
ZDIyNTAzMmQxODU4LzEvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jZDU4MjQtMmRkZS00MDNlLWIyYzQtZDIyNTAzMmQxODU4
LzEvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIeidVip
9wk1YITsp5cQFTZASJ9S5uD0Zz6PjDCL8et6YjojpbIHfioCcLkZx7ygS8FdBmjh
vrSbuClFfadwtFSfAKc9Gh4KcgACdhdBOjPUPbNjtayKdrqJeSdRA8kSctR9iLrA
RjSLkyQvMrBr6+OBx6Z9rjtmFhwJ4xnG5gFC9P6XPZma5L/EE95rBnG1UOvpaj1y
12Yna2CutTZGT8ryI9XN5gKbrWfeuV407/InvN7ST/rcUrKX3nYkp+RmFD+ZoLKO
pOolsrReCd6j5asgR3l4yPqrdzDeDxGErqwYLSp804R90ng7zmGtfAlYC+igWyIH
XfT1/0YIYTBmOA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:31:16 2025 by rpki-client