Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: efMeWfMBN8H3F71l4mCDStoF5COiSc+WbpBZ5tbvBgQ=
Subject key identifier: A6:89:65:84:00:EE:83:9C:DF:B1:D9:A9:FC:C3:C6:E0:AD:26:C8:DD
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019A4C987A429CECAF58E843FE9BD0A37047
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 1710
Signing time: Tue 04 Nov 2025 02:00:52 +0000
Manifest this update: Tue 04 Nov 2025 02:00:52 +0000
Manifest next update: Wed 05 Nov 2025 02:00:52 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: SbvtJ+UQ8ghzwHZZeaY5G2+Q0dYuGd6V/X5F1BvXsLI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:7a:42:9c:ec:af:58:e8:43:fe:9b:d0:a3:70:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Nov 4 02:00:52 2025 GMT
Not After : Nov 5 02:00:52 2025 GMT
Subject: CN=a689658400ee839cdfb1d9a9fcc3c6e0ad26c8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:88:ff:b4:59:65:6a:3a:48:b7:fc:b2:0a:14:
87:31:da:ee:3e:83:bf:54:41:7d:78:2a:e8:48:65:
8c:a4:6e:f8:7e:85:49:d8:38:db:1e:19:f9:aa:f2:
6c:4b:f3:cf:23:98:e5:0d:eb:28:e5:70:43:cc:4a:
6a:65:38:77:33:1b:ec:95:b3:23:9e:bb:33:64:ad:
d2:e4:1d:e6:67:6b:ad:ec:33:2c:67:06:8b:dd:19:
cb:90:e1:44:ac:65:50:ff:61:bc:27:5c:80:f1:f2:
e3:1c:30:13:b3:3a:7d:d5:18:22:f7:96:a5:25:4a:
2f:f6:4c:10:a9:c6:5c:de:78:f1:47:59:63:45:b4:
2e:81:e9:0f:9d:43:b9:37:d6:f8:2d:b0:ad:b5:76:
60:24:08:bd:79:87:e8:3d:fa:ce:d7:f6:e7:73:f1:
cb:00:97:c1:b7:55:1d:a9:4f:3f:73:d5:b0:55:74:
28:aa:51:51:e2:32:c7:26:19:f3:29:f6:50:ad:89:
47:24:36:8f:63:de:6f:95:c6:75:7e:1d:95:7f:82:
39:5f:89:3b:f9:b0:a5:cd:2d:88:99:f1:33:51:f4:
ad:98:6c:74:fa:44:cc:3a:ff:45:6f:28:a6:7b:21:
f4:4b:cf:30:89:ba:b2:18:68:60:2f:7e:3d:90:09:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:89:65:84:00:EE:83:9C:DF:B1:D9:A9:FC:C3:C6:E0:AD:26:C8:DD
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:46:70:5b:ac:bb:db:14:bc:11:b9:2e:c1:3b:8a:d6:ae:0a:
71:7a:1d:e5:cc:20:a8:d1:ae:a2:15:78:26:29:d1:5b:83:89:
00:1f:7a:d9:72:f6:dc:ad:2c:ab:44:53:94:4a:90:2d:48:a2:
4c:13:fc:dd:75:cb:4d:f5:d1:2f:94:78:9a:7e:d2:6f:4f:bc:
6d:99:fe:82:2b:6c:b6:a4:fc:2d:2a:0b:ed:f3:2d:c2:bd:62:
85:8d:3e:91:4b:65:01:11:75:6c:78:6b:76:64:ca:82:3d:bf:
2f:36:fa:96:ff:ec:6a:8e:18:2b:85:aa:b0:1c:d4:88:16:61:
fb:75:9c:57:c2:17:ef:97:a4:5c:69:49:a0:e6:49:42:1c:62:
6c:f5:0c:24:6a:5d:48:75:df:f1:04:6b:d3:b0:d7:b6:6a:c4:
0d:a3:d7:2a:ea:fd:00:b5:ce:d1:a3:38:36:f9:54:ef:95:2e:
85:5d:5e:df:70:31:4e:4c:d9:a5:97:9b:65:9d:d3:ea:19:0f:
61:47:95:45:cf:94:0a:d4:64:57:d4:a6:5e:fa:ff:d9:5b:de:
9b:a2:8e:4c:e9:61:0c:27:dc:09:82:fe:2d:e0:32:14:70:63:
0f:f1:3d:09:b1:8c:c7:49:c9:1b:c2:b7:81:0c:8f:f0:6e:ab:
8e:f7:2b:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmHpCnOyvWOhD/pvQo3BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUxMTA0MDIwMDUyWhcNMjUxMTA1MDIwMDUyWjAzMTEwLwYDVQQD
EyhhNjg5NjU4NDAwZWU4MzljZGZiMWQ5YTlmY2MzYzZlMGFkMjZjOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Yj/tFllajpIt/yyChSHMdruPoO/
VEF9eCroSGWMpG74foVJ2DjbHhn5qvJsS/PPI5jlDeso5XBDzEpqZTh3MxvslbMj
nrszZK3S5B3mZ2ut7DMsZwaL3RnLkOFErGVQ/2G8J1yA8fLjHDATszp91Rgi95al
JUov9kwQqcZc3njxR1ljRbQugekPnUO5N9b4LbCttXZgJAi9eYfoPfrO1/bnc/HL
AJfBt1UdqU8/c9WwVXQoqlFR4jLHJhnzKfZQrYlHJDaPY95vlcZ1fh2Vf4I5X4k7
+bClzS2ImfEzUfStmGx0+kTMOv9FbyimeyH0S88wibqyGGhgL349kAnJFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaJZYQA7oOc37HZqfzDxuCtJsjdMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkZwW6y7
2xS8EbkuwTuK1q4KcXod5cwgqNGuohV4JinRW4OJAB962XL23K0sq0RTlEqQLUii
TBP83XXLTfXRL5R4mn7Sb0+8bZn+gitstqT8LSoL7fMtwr1ihY0+kUtlARF1bHhr
dmTKgj2/Lzb6lv/sao4YK4WqsBzUiBZh+3WcV8IX75ekXGlJoOZJQhxibPUMJGpd
SHXf8QRr07DXtmrEDaPXKur9ALXO0aM4NvlU75UuhV1e33AxTkzZpZebZZ3T6hkP
YUeVRc+UCtRkV9SmXvr/2Vvem6KOTOlhDCfcCYL+LeAyFHBjD/E9CbGMx0nJG8K3
gQyP8G6rjvcrdw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:44:11 2025 by rpki-client