Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.mft
File: cbKwT_m3Lr--uRg4UjPgKMjz_fE.mft (raw, json)
Hash identifier: x57dIOa1ta6aCqJxLcNcttza5wE2gkdzwRkPGta8oRc=
Subject key identifier: 7D:FF:53:2D:63:11:DE:88:B6:4E:20:54:70:06:51:04:4F:52:02:FB
Authority key identifier: 71:B2:B0:4F:F9:B7:2E:BF:BE:B9:18:38:52:33:E0:28:C8:F3:FD:F1
Certificate issuer: /CN=71b2b04ff9b72ebfbeb918385233e028c8f3fdf1
Certificate serial: 019A4FD05597532CD79AD7043FCA9CEEB7C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbKwT_m3Lr--uRg4UjPgKMjz_fE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.mft
Manifest number: 0851
Signing time: Tue 04 Nov 2025 17:00:44 +0000
Manifest this update: Tue 04 Nov 2025 17:00:44 +0000
Manifest next update: Wed 05 Nov 2025 17:00:44 +0000
Files and hashes: 1: cbKwT_m3Lr--uRg4UjPgKMjz_fE.crl (hash: YVa0kK9U73KQ8yej52KYDFPwprNSXLOdxdZoU1ReSAw=)
2: nA6xks4oQE9N25Xp7uQGkNyo-7Y.roa (hash: F+E2ylwyKz3DO5lKloF7/MKQO4W4GhOJOnJmcBpu/7Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cbKwT_m3Lr--uRg4UjPgKMjz_fE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:d0:55:97:53:2c:d7:9a:d7:04:3f:ca:9c:ee:b7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71b2b04ff9b72ebfbeb918385233e028c8f3fdf1
Validity
Not Before: Nov 4 17:00:44 2025 GMT
Not After : Nov 5 17:00:44 2025 GMT
Subject: CN=7dff532d6311de88b64e2054700651044f5202fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:46:1c:80:6e:13:b0:e5:dc:5d:b9:ea:7d:
7a:be:b6:40:29:a5:02:04:49:01:5f:dc:a1:3e:35:
63:68:a9:9f:d9:37:27:83:0e:22:80:18:2d:3d:4e:
95:60:93:2c:c1:a9:ca:ca:f6:bf:b0:31:6d:c9:fd:
a0:2c:dc:9e:5f:14:e4:b0:13:d5:0b:25:5f:90:8f:
b7:c4:69:cd:e3:7c:7f:8e:08:e7:e0:62:f2:99:68:
96:27:85:02:db:5e:51:8f:be:0e:d7:b8:b3:ea:40:
3e:11:86:7f:66:a8:fb:1a:d9:7f:f3:1e:44:92:a0:
dd:4b:e0:4f:72:62:e9:1e:eb:50:9b:16:e8:59:80:
85:53:42:62:b3:c7:4e:dc:4c:98:d8:2f:c4:a9:e5:
ea:3e:e5:bb:23:9b:e1:b2:dd:ff:72:54:84:45:46:
1c:3c:cd:a0:85:d1:21:0d:44:78:98:50:2e:61:51:
d7:21:ce:c5:8c:35:70:e2:53:31:41:10:70:9f:5b:
22:5c:63:69:1a:04:cb:b0:87:81:bc:a7:d9:9a:08:
9f:42:1e:10:47:95:97:ab:c8:10:0a:0d:19:b4:2e:
35:89:ba:3f:25:00:a5:a1:86:94:c3:75:13:9b:bf:
97:74:65:8a:1c:6f:23:e8:78:21:b9:0d:0f:0e:44:
6e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FF:53:2D:63:11:DE:88:B6:4E:20:54:70:06:51:04:4F:52:02:FB
X509v3 Authority Key Identifier:
keyid:71:B2:B0:4F:F9:B7:2E:BF:BE:B9:18:38:52:33:E0:28:C8:F3:FD:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbKwT_m3Lr--uRg4UjPgKMjz_fE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/87e666-7248-4240-b4e4-959559b96f87/1/cbKwT_m3Lr--uRg4UjPgKMjz_fE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:45:f5:d2:e7:2b:80:f7:f7:29:b4:1c:b2:a1:23:db:28:6c:
ed:1c:f6:9b:aa:3d:6c:69:b6:a3:65:7d:9a:75:3b:34:10:77:
6f:05:76:ba:c9:59:10:e0:f0:41:d9:ea:51:36:e3:e1:f4:d8:
bc:c4:9b:1a:56:68:68:88:31:a0:52:42:90:42:ba:85:67:a8:
83:7e:15:57:53:68:4a:5b:53:58:3c:9b:f5:81:35:6f:5c:1a:
c4:ed:fb:8b:26:af:13:ad:8d:4a:5c:c2:44:3d:92:e1:a9:35:
27:61:c8:99:e6:ad:8e:dc:21:7a:d0:44:2a:4e:d5:12:63:71:
d6:6a:56:7b:6a:70:2f:a2:89:78:4d:77:0d:d3:e7:5e:6d:4e:
9a:0a:33:ca:07:44:df:0a:e9:01:cf:a5:5c:62:0b:02:8a:e6:
13:91:a5:8d:07:dd:4f:93:72:2a:28:2b:d5:b5:1e:21:eb:fe:
b5:53:d1:59:68:6f:8b:1b:a7:ba:73:12:d3:59:0a:6b:30:7b:
f6:ff:4d:f8:32:f9:0b:13:c3:49:96:48:5d:83:88:3b:94:3e:
d3:6b:e7:b4:00:2a:68:4c:2a:13:cd:02:90:c4:54:49:a8:e6:
34:9c:0a:f7:b5:8c:95:0a:c4:32:27:16:33:17:f5:44:7e:8f:
a0:50:55:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0FWXUyzXmtcEP8qc7rfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYjJiMDRmZjliNzJlYmZiZWI5MTgzODUyMzNlMDI4Yzhm
M2ZkZjEwHhcNMjUxMTA0MTcwMDQ0WhcNMjUxMTA1MTcwMDQ0WjAzMTEwLwYDVQQD
Eyg3ZGZmNTMyZDYzMTFkZTg4YjY0ZTIwNTQ3MDA2NTEwNDRmNTIwMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHtGHIBuE7Dl3F256n16vrZAKaUC
BEkBX9yhPjVjaKmf2Tcngw4igBgtPU6VYJMswanKyva/sDFtyf2gLNyeXxTksBPV
CyVfkI+3xGnN43x/jgjn4GLymWiWJ4UC215Rj74O17iz6kA+EYZ/Zqj7Gtl/8x5E
kqDdS+BPcmLpHutQmxboWYCFU0Jis8dO3EyY2C/EqeXqPuW7I5vhst3/clSERUYc
PM2ghdEhDUR4mFAuYVHXIc7FjDVw4lMxQRBwn1siXGNpGgTLsIeBvKfZmgifQh4Q
R5WXq8gQCg0ZtC41ibo/JQCloYaUw3UTm7+XdGWKHG8j6HghuQ0PDkRuewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3/Uy1jEd6Itk4gVHAGUQRPUgL7MB8GA1UdIwQY
MBaAFHGysE/5ty6/vrkYOFIz4CjI8/3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2JLd1RfbTNMci0tdVJnNFVqUGdLTWp6X2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84N2U2NjYtNzI0OC00MjQwLWI0ZTQt
OTU5NTU5Yjk2Zjg3LzEvY2JLd1RfbTNMci0tdVJnNFVqUGdLTWp6X2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84N2U2NjYtNzI0OC00MjQwLWI0ZTQtOTU5NTU5Yjk2Zjg3
LzEvY2JLd1RfbTNMci0tdVJnNFVqUGdLTWp6X2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkUX10ucr
gPf3KbQcsqEj2yhs7Rz2m6o9bGm2o2V9mnU7NBB3bwV2uslZEODwQdnqUTbj4fTY
vMSbGlZoaIgxoFJCkEK6hWeog34VV1NoSltTWDyb9YE1b1waxO37iyavE62NSlzC
RD2S4ak1J2HImeatjtwhetBEKk7VEmNx1mpWe2pwL6KJeE13DdPnXm1OmgozygdE
3wrpAc+lXGILAormE5GljQfdT5NyKigr1bUeIev+tVPRWWhvixununMS01kKazB7
9v9N+DL5CxPDSZZIXYOIO5Q+02vntAAqaEwqE80CkMRUSajmNJwK97WMlQrEMicW
Mxf1RH6PoFBV2w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:23:04 2025 by rpki-client