Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: mn8GvFO5ZgT1bMp0aeTcMH6FhErKujMzgC5C8leZbIU=
Subject key identifier: ED:CD:95:3B:DD:F6:29:D9:E8:8B:02:0E:79:70:D6:41:0F:05:29:ED
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 0199FE472A546BD85AB5F9AD52139AB54478
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 152D
Signing time: Sun 19 Oct 2025 21:01:40 +0000
Manifest this update: Sun 19 Oct 2025 21:01:40 +0000
Manifest next update: Mon 20 Oct 2025 21:01:40 +0000
Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: 4Hqhat7JqmDBd2nMDFJkOAHRIY886l5uXPcItk+f+ps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:47:2a:54:6b:d8:5a:b5:f9:ad:52:13:9a:b5:44:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Oct 19 21:01:40 2025 GMT
Not After : Oct 20 21:01:40 2025 GMT
Subject: CN=edcd953bddf629d9e88b020e7970d6410f0529ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9c:a2:ad:6a:5e:2e:c6:08:8b:65:b2:19:2e:
43:b5:b5:02:78:bf:1c:46:90:df:ab:3f:29:e3:e0:
d0:ad:f0:49:d6:67:cc:28:ff:19:d7:e9:a7:64:dd:
b0:7c:a4:33:02:c2:0f:3d:df:e2:3e:6f:d5:d8:3e:
03:1c:ff:fb:06:1b:bc:d7:ff:7e:a1:0d:c3:ed:9d:
ab:cb:66:04:3c:39:c1:3b:0c:3a:15:af:61:2f:e3:
ae:d2:b3:2d:a4:99:9f:c8:29:e0:4c:42:97:02:7e:
3a:72:0a:46:8d:43:a6:2e:f7:56:90:6a:ad:c4:cb:
fd:99:fb:3e:2c:ea:26:c3:12:70:3f:60:db:96:8c:
af:47:55:75:af:c8:8d:c7:dc:04:4c:fd:a0:56:63:
dc:94:bd:1c:24:3a:87:00:ee:85:e3:1c:fb:8e:c0:
a7:d0:6f:5a:8b:53:67:ba:d2:28:c2:b1:10:70:18:
3e:16:45:e5:dd:6a:3a:39:59:d5:76:bf:4f:98:31:
17:da:d5:12:96:a7:67:e2:0a:a2:09:be:aa:12:cd:
fa:8d:7c:0a:c8:a1:8f:b0:3e:60:e8:60:54:c7:b0:
b7:b8:49:0f:7d:09:2b:8b:cf:db:75:be:82:db:36:
d9:2e:de:38:f5:e5:c4:d3:92:96:47:3d:8b:40:49:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CD:95:3B:DD:F6:29:D9:E8:8B:02:0E:79:70:D6:41:0F:05:29:ED
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:08:4b:b9:84:48:a6:c5:85:3e:17:20:29:f0:2e:07:50:6e:
07:11:35:56:7c:ce:c6:07:57:12:41:aa:f9:4e:ba:52:4a:2a:
e2:0f:39:44:8e:5d:9f:eb:e9:2f:a9:df:4d:e2:cc:60:3e:79:
fd:09:bb:72:f8:a9:96:77:ea:5a:bb:99:ef:d3:5d:93:d6:cc:
0a:09:85:a9:37:79:25:66:f7:12:3a:bb:cf:23:5c:60:53:6b:
9b:62:40:15:fe:04:0d:bc:51:e3:10:03:b4:88:dd:35:94:3e:
b3:ea:80:49:6d:20:a1:9a:f7:4d:a9:99:f2:6c:1e:d4:00:f3:
42:6f:0f:62:23:25:17:ea:c6:4f:aa:26:81:5e:e8:1a:37:b6:
37:e7:ab:3a:f2:a4:b4:8b:f9:b1:2a:ef:ce:26:cc:e0:80:37:
80:08:90:97:08:46:91:fe:9e:15:2f:97:67:13:62:62:b4:c5:
e5:84:a6:10:0a:33:13:7a:c0:d9:9b:27:33:43:3e:63:cb:9f:
b9:9c:d9:5f:0a:40:55:eb:12:bf:4f:09:fe:86:72:0f:cb:4e:
52:f4:98:b2:1a:b5:a3:e2:ca:ce:39:14:f9:a9:7c:30:1e:e7:
4b:ec:fe:7f:09:67:95:6a:d4:a4:e7:c9:89:a6:9e:6f:a1:0b:
27:0d:97:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RypUa9hatfmtUhOatUR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjUxMDE5MjEwMTQwWhcNMjUxMDIwMjEwMTQwWjAzMTEwLwYDVQQD
EyhlZGNkOTUzYmRkZjYyOWQ5ZTg4YjAyMGU3OTcwZDY0MTBmMDUyOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZyirWpeLsYIi2WyGS5DtbUCeL8c
RpDfqz8p4+DQrfBJ1mfMKP8Z1+mnZN2wfKQzAsIPPd/iPm/V2D4DHP/7Bhu81/9+
oQ3D7Z2ry2YEPDnBOww6Fa9hL+Ou0rMtpJmfyCngTEKXAn46cgpGjUOmLvdWkGqt
xMv9mfs+LOomwxJwP2DbloyvR1V1r8iNx9wETP2gVmPclL0cJDqHAO6F4xz7jsCn
0G9ai1NnutIowrEQcBg+FkXl3Wo6OVnVdr9PmDEX2tUSlqdn4gqiCb6qEs36jXwK
yKGPsD5g6GBUx7C3uEkPfQkri8/bdb6C2zbZLt449eXE05KWRz2LQEmVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3NlTvd9inZ6IsCDnlw1kEPBSntMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAhLuYRI
psWFPhcgKfAuB1BuBxE1VnzOxgdXEkGq+U66Ukoq4g85RI5dn+vpL6nfTeLMYD55
/Qm7cviplnfqWruZ79Ndk9bMCgmFqTd5JWb3Ejq7zyNcYFNrm2JAFf4EDbxR4xAD
tIjdNZQ+s+qASW0goZr3TamZ8mwe1ADzQm8PYiMlF+rGT6omgV7oGje2N+erOvKk
tIv5sSrvzibM4IA3gAiQlwhGkf6eFS+XZxNiYrTF5YSmEAozE3rA2ZsnM0M+Y8uf
uZzZXwpAVesSv08J/oZyD8tOUvSYshq1o+LKzjkU+al8MB7nS+z+fwlnlWrUpOfJ
iaaeb6ELJw2XCQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:38:47 2025 by rpki-client