Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File: CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier: ddWQOC4m+wucFj5OW9vWrtf5dQlCMp7uYhNNY95PRpY=
Subject key identifier: 13:45:89:FC:12:B5:D1:57:31:12:61:B4:5D:28:4C:5F:E9:37:E6:C2
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer: /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial: 019A50E3D04DD1DB8AF6CEEB1C2B8206BDE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number: 02BB
Signing time: Tue 04 Nov 2025 22:01:38 +0000
Manifest this update: Tue 04 Nov 2025 22:01:38 +0000
Manifest next update: Wed 05 Nov 2025 22:01:38 +0000
Files and hashes: 1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: 1rFCkTMGJ7HFFBp6TnchWnbUzhoiFJ3u2mrLCq5jP6c=)
2: DyBY2wfHB6a4dl33U3SXwgLJDGU.roa (hash: WRQJvvPjJahE1qm/vBTCrYOROs7sZwpvslZhT6hCk+s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:d0:4d:d1:db:8a:f6:ce:eb:1c:2b:82:06:bd:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Validity
Not Before: Nov 4 22:01:38 2025 GMT
Not After : Nov 5 22:01:38 2025 GMT
Subject: CN=134589fc12b5d157311261b45d284c5fe937e6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:62:95:5e:f4:20:d8:4a:f4:6f:dd:dd:0c:b7:
c4:ce:91:b1:88:85:b3:db:00:ed:c0:00:63:5e:ed:
07:2d:18:b4:a3:54:92:c6:58:43:47:6f:48:2e:86:
0f:1b:51:f2:29:52:88:c7:f4:34:c2:24:17:04:fd:
22:2e:3e:3b:22:1d:4a:8f:6b:1c:7f:ea:0f:fb:0e:
8d:9b:1b:1e:10:da:2b:d9:73:35:98:ae:ba:34:18:
a9:95:5b:40:f2:1c:81:50:88:d6:a0:de:37:2e:a2:
bb:e2:99:36:53:f3:57:49:df:33:6b:75:bd:b2:c3:
93:89:a2:f2:bc:6c:c3:77:4f:bf:43:9a:6b:19:aa:
e4:01:1a:c0:87:d0:8f:bb:96:b9:5b:d2:db:dc:17:
21:bc:a1:c2:f2:a4:64:9a:d9:8f:7f:d6:09:6a:49:
01:5f:a3:e4:3d:99:fb:ba:4a:bb:e2:2d:d3:37:0c:
73:50:64:c3:bc:cc:24:9c:13:e7:ff:bf:46:b6:1c:
97:8c:4d:1d:6d:62:fd:ed:ff:8c:a8:2c:60:d5:8b:
46:8c:0f:a0:e8:15:60:ca:fa:4d:a6:09:67:ae:d7:
0f:f1:ae:36:25:07:57:11:f6:e5:17:8e:09:6e:1b:
f7:ed:b4:33:ae:6d:e6:8a:b9:7c:eb:bd:62:1d:8e:
7b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:45:89:FC:12:B5:D1:57:31:12:61:B4:5D:28:4C:5F:E9:37:E6:C2
X509v3 Authority Key Identifier:
keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:f1:53:3d:a7:9a:e8:d7:9f:0d:42:e2:af:08:29:fe:61:6e:
df:ac:2e:d5:83:72:c2:10:93:57:84:10:b7:4f:f0:0d:bc:31:
e2:f1:74:e4:ac:8d:6b:c8:d6:29:0a:79:82:55:07:b7:5b:15:
01:20:45:4b:c1:bf:d2:0d:0f:be:29:b4:27:38:0a:2d:c0:4d:
61:f5:c4:95:4f:83:d9:3a:be:79:0f:53:74:b1:e6:e6:29:62:
bd:2c:cd:09:e4:de:ef:eb:9d:fc:d8:dc:67:3f:ca:f9:44:07:
01:13:c2:28:72:43:36:92:65:2e:fb:b1:64:79:8d:9d:d5:18:
b6:d5:5b:a6:0f:d6:b7:89:57:bc:33:f6:a7:45:74:e3:ad:32:
8c:69:2f:1d:2c:d1:3d:51:a2:99:4d:a4:b7:5c:e5:17:f3:b6:
62:03:58:9c:77:dc:dd:82:4d:81:c0:e3:d0:71:52:7a:b7:ef:
a1:27:d2:17:84:ed:01:2b:7e:69:7e:8e:48:88:1b:1b:a0:2a:
e4:58:3b:09:7d:35:9c:ad:dd:92:c2:9a:0a:7b:cd:8e:2f:a8:
2b:53:6a:8f:47:8f:d1:e3:d6:01:60:c6:88:96:8c:ca:d5:6d:
13:06:9d:ba:b8:ed:74:fa:0b:1e:f7:a6:1b:8f:0f:2a:3d:82:
6b:fb:a4:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ49BN0duK9s7rHCuCBr3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjUxMTA0MjIwMTM4WhcNMjUxMTA1MjIwMTM4WjAzMTEwLwYDVQQD
EygxMzQ1ODlmYzEyYjVkMTU3MzExMjYxYjQ1ZDI4NGM1ZmU5MzdlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWKVXvQg2Er0b93dDLfEzpGxiIWz
2wDtwABjXu0HLRi0o1SSxlhDR29ILoYPG1HyKVKIx/Q0wiQXBP0iLj47Ih1Kj2sc
f+oP+w6NmxseENor2XM1mK66NBiplVtA8hyBUIjWoN43LqK74pk2U/NXSd8za3W9
ssOTiaLyvGzDd0+/Q5prGarkARrAh9CPu5a5W9Lb3BchvKHC8qRkmtmPf9YJakkB
X6PkPZn7ukq74i3TNwxzUGTDvMwknBPn/79GthyXjE0dbWL97f+MqCxg1YtGjA+g
6BVgyvpNpglnrtcP8a42JQdXEfblF44Jbhv37bQzrm3mirl8671iHY57WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNFifwStdFXMRJhtF0oTF/pN+bCMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm/FTPaea
6NefDULirwgp/mFu36wu1YNywhCTV4QQt0/wDbwx4vF05KyNa8jWKQp5glUHt1sV
ASBFS8G/0g0Pvim0JzgKLcBNYfXElU+D2Tq+eQ9TdLHm5ilivSzNCeTe7+ud/Njc
Zz/K+UQHARPCKHJDNpJlLvuxZHmNndUYttVbpg/Wt4lXvDP2p0V0460yjGkvHSzR
PVGimU2kt1zlF/O2YgNYnHfc3YJNgcDj0HFSerfvoSfSF4TtASt+aX6OSIgbG6Aq
5Fg7CX01nK3dksKaCnvNji+oK1Nqj0eP0ePWAWDGiJaMytVtEwadurjtdPoLHvem
G48PKj2Ca/ukjA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:51:45 2025 by rpki-client