Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json)
Hash identifier: 6LMQT6JvUh5skm7ZKfZfPp22hotX2BdIo1dk6GYGgsc=
Subject key identifier: 2C:81:44:3F:5C:E3:4C:C0:65:15:45:DD:EB:86:6B:FC:80:13:57:06
Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Certificate serial: 019A5375B2EE06752A53A7B36EABFF8F143C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
Manifest number: 0B90
Signing time: Wed 05 Nov 2025 10:00:13 +0000
Manifest this update: Wed 05 Nov 2025 10:00:13 +0000
Manifest next update: Thu 06 Nov 2025 10:00:13 +0000
Files and hashes: 1: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: Fh6e+vrCXKd7JsEJbAb9Y6z5ntNq3sMF1q1KAYQ0L1I=)
2: muE7z7bw5WUF44PtXee-WtjAnUQ.roa (hash: eOTAuS8cb5e4NeqERvCCoU2l75Ey2kGH2CxTpug1Tes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:75:b2:ee:06:75:2a:53:a7:b3:6e:ab:ff:8f:14:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Validity
Not Before: Nov 5 10:00:13 2025 GMT
Not After : Nov 6 10:00:13 2025 GMT
Subject: CN=2c81443f5ce34cc0651545ddeb866bfc80135706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:66:ce:fa:8d:8b:d2:2c:72:1b:d6:9c:41:
c5:0b:0e:63:ff:44:70:d2:ff:5d:ba:c2:c5:85:d5:
fe:58:ea:55:fb:b1:d4:93:e1:60:73:b7:1f:dd:95:
8c:cf:36:fd:4b:a2:03:2d:c6:e8:f3:77:6e:51:7c:
89:f9:ce:b0:ab:d0:52:09:79:8f:d5:e5:e2:10:5e:
1b:df:d2:35:c8:b3:fc:6f:1d:0f:22:a9:bd:11:79:
7e:0e:8d:27:f6:c6:96:9b:12:bf:c2:69:f7:14:e5:
19:75:91:94:7e:e0:b1:28:0c:e5:c6:7d:85:1c:bc:
6a:9d:ad:f4:7d:6f:7c:cd:72:f1:01:27:ca:de:c8:
1f:a9:57:ce:15:86:ae:48:38:15:5c:a1:27:b1:9e:
d4:29:68:f8:cf:6d:c7:3a:3d:46:db:f8:05:b6:96:
13:83:2f:71:2a:36:cd:fc:70:fd:ec:aa:fb:48:1a:
7c:bb:70:ee:80:c9:67:6b:14:b7:87:95:cc:82:d9:
04:e0:4f:15:e8:0c:9c:f5:8f:36:b9:d9:bf:ea:7a:
e7:9e:9c:ef:2b:fd:70:82:f1:b9:dc:70:62:ea:95:
bf:f2:65:2f:bc:26:c8:b4:b5:23:47:84:89:5e:0f:
a5:ff:30:e1:fb:44:8f:fc:45:d2:ed:4e:30:05:dd:
92:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:81:44:3F:5C:E3:4C:C0:65:15:45:DD:EB:86:6B:FC:80:13:57:06
X509v3 Authority Key Identifier:
keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:3d:ea:3c:e0:b0:33:b0:67:ad:7c:c2:83:47:cd:f3:77:7f:
4c:4e:e5:8a:c7:be:f0:df:13:3d:1c:24:49:61:7a:5d:c6:b0:
b1:ee:2a:48:1d:33:de:50:cf:94:aa:e7:3c:23:00:54:1f:a4:
74:f1:7a:e0:5d:80:61:c2:44:82:d8:bc:e7:d3:cf:e5:f3:4d:
9c:58:8b:3c:a9:1b:26:77:53:bd:73:7a:34:40:7b:52:30:bc:
46:a6:e2:6d:9f:62:34:52:99:e9:55:ec:9e:1f:2c:cc:6a:3f:
9c:cd:86:67:bc:9f:eb:98:2f:f4:64:d0:77:de:f1:4f:a0:8d:
3d:7f:b7:3a:bb:2e:33:c7:61:40:f8:a0:2f:17:f7:43:de:33:
03:d5:40:be:ab:53:34:7e:f8:a8:86:4b:67:e9:66:0f:e7:df:
67:60:aa:b3:cd:0e:49:b6:fc:e6:ee:d3:e6:91:50:22:88:a3:
47:8c:11:08:d7:ff:a7:a5:ec:66:13:19:1d:f6:ee:d4:83:ab:
c0:3c:52:10:74:19:9f:01:37:65:6d:fd:b5:79:e3:fc:d3:f4:
a6:1d:78:80:6f:94:da:37:2d:e9:8e:24:ff:b8:39:cd:b3:a6:
61:b0:13:86:dc:5b:e6:bf:00:a5:d8:38:87:d5:90:ed:8a:5a:
f5:6c:42:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdbLuBnUqU6ezbqv/jxQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3
ZDEyYzYwHhcNMjUxMTA1MTAwMDEzWhcNMjUxMTA2MTAwMDEzWjAzMTEwLwYDVQQD
EygyYzgxNDQzZjVjZTM0Y2MwNjUxNTQ1ZGRlYjg2NmJmYzgwMTM1NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxVmzvqNi9IschvWnEHFCw5j/0Rw
0v9dusLFhdX+WOpV+7HUk+Fgc7cf3ZWMzzb9S6IDLcbo83duUXyJ+c6wq9BSCXmP
1eXiEF4b39I1yLP8bx0PIqm9EXl+Do0n9saWmxK/wmn3FOUZdZGUfuCxKAzlxn2F
HLxqna30fW98zXLxASfK3sgfqVfOFYauSDgVXKEnsZ7UKWj4z23HOj1G2/gFtpYT
gy9xKjbN/HD97Kr7SBp8u3DugMlnaxS3h5XMgtkE4E8V6Ayc9Y82udm/6nrnnpzv
K/1wgvG53HBi6pW/8mUvvCbItLUjR4SJXg+l/zDh+0SP/EXS7U4wBd2SowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyBRD9c40zAZRVF3euGa/yAE1cGMB8GA1UdIwQY
MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt
MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw
LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJT3qPOCw
M7BnrXzCg0fN83d/TE7lise+8N8TPRwkSWF6Xcawse4qSB0z3lDPlKrnPCMAVB+k
dPF64F2AYcJEgti859PP5fNNnFiLPKkbJndTvXN6NEB7UjC8RqbibZ9iNFKZ6VXs
nh8szGo/nM2GZ7yf65gv9GTQd97xT6CNPX+3OrsuM8dhQPigLxf3Q94zA9VAvqtT
NH74qIZLZ+lmD+ffZ2Cqs80OSbb85u7T5pFQIoijR4wRCNf/p6XsZhMZHfbu1IOr
wDxSEHQZnwE3ZW39tXnj/NP0ph14gG+U2jct6Y4k/7g5zbOmYbAThtxb5r8Apdg4
h9WQ7Ypa9WxCgg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:00:59 2025 by rpki-client