Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: nmgzx5ZVRfhN5JyX2cP+zN3r8UOJZ3LBdGavs7/J8w4=
Subject key identifier: BA:3A:11:A4:13:B3:1C:53:06:29:4F:6D:5E:9D:D8:21:C5:7C:12:BF
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 0198D6CD7C379681A6B761EAC08759FF086D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 1494
Signing time: Sat 23 Aug 2025 12:00:47 +0000
Manifest this update: Sat 23 Aug 2025 12:00:47 +0000
Manifest next update: Sun 24 Aug 2025 12:00:47 +0000
Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: lkWTmmfpFTIY8fVnUEn2XkHrHcPQHJF4Bt76WfU4Yv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:7c:37:96:81:a6:b7:61:ea:c0:87:59:ff:08:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Aug 23 12:00:47 2025 GMT
Not After : Aug 24 12:00:47 2025 GMT
Subject: CN=ba3a11a413b31c5306294f6d5e9dd821c57c12bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a2:14:ad:7c:78:c2:5a:a2:f9:c0:52:31:86:
24:a1:20:e8:ae:3f:00:90:7e:7a:9d:48:13:bc:8f:
24:ae:dc:92:c9:13:26:dc:ac:d3:a5:67:1b:e7:71:
c2:6d:90:72:e6:d2:84:9d:b0:b4:95:b4:e3:d8:c2:
f4:ca:8e:8a:82:64:30:41:2e:cd:3d:6c:1f:b5:59:
95:0e:44:74:5c:4c:00:ec:ec:38:6f:8d:57:0c:63:
ee:4e:a1:64:51:07:0b:56:9e:21:98:23:ee:72:8e:
ae:3b:50:9a:aa:7d:93:df:43:b2:ae:79:88:7e:4f:
eb:04:1b:ca:e5:2b:7f:09:5c:15:cc:c7:98:c3:f8:
98:35:df:3c:3c:ef:64:65:e9:51:fb:5d:31:be:6d:
2a:55:9d:97:07:c5:cf:7a:6e:d9:eb:47:b7:86:33:
2f:5b:30:94:c6:b5:10:fd:55:8d:0c:d4:6e:61:c6:
d7:1e:09:fe:25:db:87:62:63:09:f7:b6:c8:f4:30:
0d:f2:61:21:c9:00:18:56:df:6e:91:41:93:d4:86:
00:67:58:93:16:fd:57:58:4f:5f:54:d1:3a:f2:77:
54:6d:09:ed:0f:78:70:a2:a8:dd:f9:34:c5:6d:14:
9c:3c:87:1c:59:35:12:22:c0:95:7e:cd:65:cc:13:
7c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3A:11:A4:13:B3:1C:53:06:29:4F:6D:5E:9D:D8:21:C5:7C:12:BF
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:e6:ae:98:b3:e4:91:e9:2a:a5:b7:f9:4e:a9:f9:3f:73:39:
c5:e0:9e:31:23:4c:d6:c5:f4:eb:b8:e9:a0:2c:12:ac:bc:53:
d6:77:7f:f7:db:a0:b4:18:7d:36:e8:fe:e6:86:09:5a:bd:be:
cf:e4:cf:2f:46:1b:c2:cb:35:6f:61:9f:1c:e6:08:82:00:b1:
d8:58:be:d8:e5:6e:3e:4d:62:2c:4f:2b:31:55:57:89:ed:77:
74:a8:a8:a6:95:36:17:94:28:cf:4f:0c:09:09:3c:55:14:bf:
f7:f2:dc:cd:e9:db:b7:fd:26:2b:7c:3e:5b:d2:41:61:47:23:
07:ff:38:9d:d3:cd:fc:04:2a:74:e7:fc:37:60:8c:93:0d:e9:
0c:4f:a4:ff:d2:d9:17:b9:6c:8b:b8:ab:d0:66:3d:57:9e:eb:
1b:cb:7f:1d:91:71:ad:19:b8:f3:1c:9a:f8:48:cf:7f:40:71:
47:b4:19:fe:2c:0f:b3:7f:38:6b:8b:12:0f:07:ce:63:cf:7c:
db:81:16:8c:92:3e:65:9a:f7:b4:8b:e5:c1:c6:af:bd:51:e0:
64:fb:45:3b:cb:9a:f6:a0:28:da:08:5d:e9:08:9b:95:bb:d7:
8a:21:93:02:d6:38:fa:4b:5c:22:b6:0b:a2:2d:c4:eb:96:9c:
80:dc:28:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzXw3loGmt2HqwIdZ/whtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjUwODIzMTIwMDQ3WhcNMjUwODI0MTIwMDQ3WjAzMTEwLwYDVQQD
EyhiYTNhMTFhNDEzYjMxYzUzMDYyOTRmNmQ1ZTlkZDgyMWM1N2MxMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KIUrXx4wlqi+cBSMYYkoSDorj8A
kH56nUgTvI8krtySyRMm3KzTpWcb53HCbZBy5tKEnbC0lbTj2ML0yo6KgmQwQS7N
PWwftVmVDkR0XEwA7Ow4b41XDGPuTqFkUQcLVp4hmCPuco6uO1Caqn2T30OyrnmI
fk/rBBvK5St/CVwVzMeYw/iYNd88PO9kZelR+10xvm0qVZ2XB8XPem7Z60e3hjMv
WzCUxrUQ/VWNDNRuYcbXHgn+JduHYmMJ97bI9DAN8mEhyQAYVt9ukUGT1IYAZ1iT
Fv1XWE9fVNE68ndUbQntD3hwoqjd+TTFbRScPIccWTUSIsCVfs1lzBN8EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLo6EaQTsxxTBilPbV6d2CHFfBK/MB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOaumLPk
kekqpbf5Tqn5P3M5xeCeMSNM1sX067jpoCwSrLxT1nd/99ugtBh9Nuj+5oYJWr2+
z+TPL0Ybwss1b2GfHOYIggCx2Fi+2OVuPk1iLE8rMVVXie13dKioppU2F5Qoz08M
CQk8VRS/9/Lczenbt/0mK3w+W9JBYUcjB/84ndPN/AQqdOf8N2CMkw3pDE+k/9LZ
F7lsi7ir0GY9V57rG8t/HZFxrRm48xya+EjPf0BxR7QZ/iwPs384a4sSDwfOY898
24EWjJI+ZZr3tIvlwcavvVHgZPtFO8ua9qAo2ghd6QiblbvXiiGTAtY4+ktcIrYL
oi3E65acgNwodg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:46:07 2025 by rpki-client