Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
File: cOKzQXw5wP47u7xNUj7UN7KcWhw.mft (raw, json)
Hash identifier: xGyaqy5IB5rRwYRHNBERgX7ToPuS20OCjKHHwgIq9qw=
Subject key identifier: 64:0D:28:A5:58:05:6E:E4:5C:DC:37:27:C6:4F:BE:4E:3E:A3:F4:64
Authority key identifier: 70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C
Certificate issuer: /CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c
Certificate serial: 019A52D2007031A7AD78866A43F44E49D24E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
Manifest number: 16A1
Signing time: Wed 05 Nov 2025 07:01:25 +0000
Manifest this update: Wed 05 Nov 2025 07:01:25 +0000
Manifest next update: Thu 06 Nov 2025 07:01:25 +0000
Files and hashes: 1: cOKzQXw5wP47u7xNUj7UN7KcWhw.crl (hash: YpJMGOjZlJFgYBERoJgJBZA5MmHSXOcwlwRfeooAUeE=)
2: wZl766gEgIlD1PBWErT8JXtbQ6E.roa (hash: GJKy6CeHDJyN+o1oRpRHchOhI0KPIFrY454WKeTW5CM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:00:70:31:a7:ad:78:86:6a:43:f4:4e:49:d2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c
Validity
Not Before: Nov 5 07:01:25 2025 GMT
Not After : Nov 6 07:01:25 2025 GMT
Subject: CN=640d28a558056ee45cdc3727c64fbe4e3ea3f464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:f9:73:f4:91:9b:f4:ac:4e:96:10:b1:1f:
ae:30:84:74:c0:9c:55:88:bb:81:17:4f:21:65:8b:
69:97:26:3a:54:a8:0d:14:2a:47:cd:3e:d5:31:1f:
7a:98:6d:55:67:9a:93:bf:c1:a8:a6:c1:51:23:07:
84:e5:90:f1:d2:a6:98:04:05:b9:e3:e9:15:25:2f:
39:6d:76:90:85:13:00:d0:9b:cd:d1:3a:f0:3b:5e:
20:4f:f3:c8:c4:dc:3f:4a:65:d0:cd:7f:06:58:32:
ea:e4:f2:36:dd:c9:2a:ae:fa:f7:db:f5:64:cb:9e:
d9:c1:65:f3:2d:da:c3:17:96:be:b0:6d:82:59:ab:
a8:a6:dd:9e:2f:70:e0:07:44:42:4b:86:74:8d:de:
66:22:ab:79:a0:c9:0d:56:e3:b9:b5:14:6e:5b:ee:
e1:fc:4a:fe:bd:cd:d2:3c:18:54:3b:a2:85:92:f3:
b2:5f:fd:3b:06:53:26:2c:78:cf:b9:c0:de:08:26:
ef:7b:5c:b2:cd:11:a3:95:8e:64:ad:ef:9c:e3:4d:
53:46:d3:86:da:b7:56:4e:5a:e9:1b:79:1e:fd:a3:
ec:36:e2:ff:09:b5:01:f2:66:29:ad:c8:77:32:66:
b6:d2:ec:e5:c1:9b:5d:8b:10:2e:43:97:1b:69:f9:
35:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0D:28:A5:58:05:6E:E4:5C:DC:37:27:C6:4F:BE:4E:3E:A3:F4:64
X509v3 Authority Key Identifier:
keyid:70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:99:aa:8d:75:4e:3c:16:03:4d:5a:07:78:6a:84:57:1e:37:
a3:1f:95:9c:2c:82:c6:ea:3b:25:32:60:3f:df:03:35:a0:5b:
34:7a:c8:ab:0c:d5:46:e3:a1:f0:6b:d7:c5:79:0a:7f:d1:27:
69:90:45:8e:e4:82:7f:06:fd:44:a2:bc:66:76:ec:73:3c:e1:
83:79:b5:0f:2b:51:e4:8f:12:8c:05:93:0a:58:6c:b8:78:2d:
83:0d:d6:b7:dd:13:28:52:ca:47:86:5f:ba:9b:71:52:77:77:
d9:1e:e1:c7:17:a3:e1:cf:73:46:62:6c:30:95:33:b9:09:07:
f8:43:50:a7:42:df:3b:a5:50:95:8d:36:d3:9c:aa:f7:c5:59:
80:5b:b2:7e:c0:d8:90:84:1b:bd:d9:82:01:25:66:83:bc:b1:
34:65:c4:83:d6:9c:e2:11:9d:97:83:e5:77:65:d0:99:6c:25:
e4:67:51:3c:06:28:dd:70:39:f6:9f:8d:c7:10:bf:af:24:da:
98:60:ff:d4:3d:4e:0c:dc:0d:b5:2b:52:3e:d5:3b:48:cb:2d:
fc:63:86:82:b2:3d:96:7f:43:8c:5d:7e:33:6e:0d:d8:c4:62:
5e:1d:b9:d2:1e:70:c9:f2:3e:0f:f7:eb:d2:3e:fa:ac:81:16:
02:67:f6:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0gBwMaeteIZqQ/ROSdJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTJiMzQxN2MzOWMwZmUzYmJiYmM0ZDUyM2VkNDM3YjI5
YzVhMWMwHhcNMjUxMTA1MDcwMTI1WhcNMjUxMTA2MDcwMTI1WjAzMTEwLwYDVQQD
Eyg2NDBkMjhhNTU4MDU2ZWU0NWNkYzM3MjdjNjRmYmU0ZTNlYTNmNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXX5c/SRm/SsTpYQsR+uMIR0wJxV
iLuBF08hZYtplyY6VKgNFCpHzT7VMR96mG1VZ5qTv8GopsFRIweE5ZDx0qaYBAW5
4+kVJS85bXaQhRMA0JvN0TrwO14gT/PIxNw/SmXQzX8GWDLq5PI23ckqrvr32/Vk
y57ZwWXzLdrDF5a+sG2CWauopt2eL3DgB0RCS4Z0jd5mIqt5oMkNVuO5tRRuW+7h
/Er+vc3SPBhUO6KFkvOyX/07BlMmLHjPucDeCCbve1yyzRGjlY5kre+c401TRtOG
2rdWTlrpG3ke/aPsNuL/CbUB8mYprch3Mma20uzlwZtdixAuQ5cbafk1QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQNKKVYBW7kXNw3J8ZPvk4+o/RkMB8GA1UdIwQY
MBaAFHDis0F8OcD+O7u8TVI+1DeynFocMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYt
ZGMzYjYzMmU5ZTJiLzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYtZGMzYjYzMmU5ZTJi
LzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZmqjXVO
PBYDTVoHeGqEVx43ox+VnCyCxuo7JTJgP98DNaBbNHrIqwzVRuOh8GvXxXkKf9En
aZBFjuSCfwb9RKK8Znbsczzhg3m1DytR5I8SjAWTClhsuHgtgw3Wt90TKFLKR4Zf
uptxUnd32R7hxxej4c9zRmJsMJUzuQkH+ENQp0LfO6VQlY0205yq98VZgFuyfsDY
kIQbvdmCASVmg7yxNGXEg9ac4hGdl4Pld2XQmWwl5GdRPAYo3XA59p+NxxC/ryTa
mGD/1D1ODNwNtStSPtU7SMst/GOGgrI9ln9DjF1+M24N2MRiXh250h5wyfI+D/fr
0j76rIEWAmf21Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:33:25 2025 by rpki-client