Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
File: cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft (raw, json)
Hash identifier: xwEZ9dUPcTGkYwA5tuPINxdxjuTNzzkgY3AXDIRhsBY=
Subject key identifier: F0:F3:C9:41:D6:AC:E7:F9:3D:95:04:B3:64:89:B9:10:92:5A:B2:D1
Authority key identifier: 70:EA:97:D1:62:6B:12:6F:59:1C:6F:B3:1E:8E:CB:89:39:DB:42:2A
Certificate issuer: /CN=70ea97d1626b126f591c6fb31e8ecb8939db422a
Certificate serial: 0199FA6A68005A7238EA0FC9AED0F218C596
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
Manifest number: 0B
Signing time: Sun 19 Oct 2025 03:01:41 +0000
Manifest this update: Sun 19 Oct 2025 03:01:41 +0000
Manifest next update: Mon 20 Oct 2025 03:01:41 +0000
Files and hashes: 1: cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl (hash: r4jlgy2uPrIG5IFNdrwWqQPQbOzfGocOJxgmMNAm1a8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 03:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:6a:68:00:5a:72:38:ea:0f:c9:ae:d0:f2:18:c5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70ea97d1626b126f591c6fb31e8ecb8939db422a
Validity
Not Before: Oct 19 03:01:41 2025 GMT
Not After : Oct 20 03:01:41 2025 GMT
Subject: CN=f0f3c941d6ace7f93d9504b36489b910925ab2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:69:7d:6c:a3:f0:93:4f:73:43:02:d1:36:
e1:67:6f:0b:a6:78:5e:e3:b0:a2:fb:41:b4:64:d8:
e0:27:b8:17:e5:5e:34:94:bc:c3:9d:58:18:73:61:
6d:66:6e:11:49:6d:10:ed:10:f3:c5:9e:eb:c4:b1:
6e:9e:14:57:88:a9:74:9d:56:1e:30:64:54:91:ba:
53:90:fa:ac:b0:0a:a1:65:fe:e5:a2:8d:75:3c:ee:
4e:b3:87:36:b2:aa:25:b3:7c:c7:24:cc:95:21:87:
1d:2a:4d:e0:25:ea:ad:62:31:72:96:f8:b6:4f:ea:
50:aa:59:de:61:65:ad:2e:e8:6b:63:78:60:33:36:
5d:e6:74:f4:6c:1f:b8:a3:23:13:50:a7:a4:28:f2:
53:85:0c:00:0b:e0:3f:6d:1e:21:e6:85:c6:5a:9f:
bd:85:2b:55:2a:f6:77:1a:90:04:f8:7f:ab:35:cf:
3d:b4:2e:be:9f:5f:23:0d:d8:aa:4d:3f:e3:bb:b7:
17:fb:41:89:69:a8:39:af:88:c5:04:ae:f8:b3:f8:
2c:04:f9:82:66:6f:c3:14:8a:0c:f6:8b:bc:b0:f5:
25:0a:97:02:35:32:cd:18:5a:44:26:32:46:81:df:
c5:d7:32:e1:1c:18:76:aa:7e:23:93:a8:d0:5e:37:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F3:C9:41:D6:AC:E7:F9:3D:95:04:B3:64:89:B9:10:92:5A:B2:D1
X509v3 Authority Key Identifier:
keyid:70:EA:97:D1:62:6B:12:6F:59:1C:6F:B3:1E:8E:CB:89:39:DB:42:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:91:51:0f:1b:0c:3a:b1:33:51:b3:49:dc:77:0d:18:f0:47:
9a:21:76:86:2a:2a:73:54:08:98:8e:01:e3:c3:cf:2f:63:14:
d3:03:e7:91:d5:77:10:4b:b7:f2:19:aa:85:e7:eb:30:e5:24:
33:bf:7d:c6:b2:4f:ff:d5:fa:a3:b4:39:69:6d:71:b2:72:59:
0b:58:7a:12:f6:d3:32:91:05:2a:7b:70:12:96:2a:27:f2:8f:
36:05:d0:d4:02:04:a4:a2:76:6a:fe:e9:da:54:af:64:e5:8a:
23:a4:21:0f:db:6f:6c:fc:d6:40:5a:72:c5:d0:cb:87:5b:54:
79:a1:9a:29:9e:dd:72:4b:49:cb:1c:cf:17:64:f5:c9:98:92:
74:c8:a7:74:1d:7a:d7:67:c9:56:cc:3c:dd:29:98:d1:da:12:
3c:4c:74:fb:76:0a:4b:e1:3c:bd:31:49:c7:2e:16:67:2e:8d:
12:90:61:e4:52:30:6e:07:0e:b8:14:72:01:10:f0:f0:54:3b:
90:6c:ea:6d:4d:38:63:23:b9:07:a6:ec:49:b6:43:35:45:be:
11:83:d2:cb:8c:72:b5:54:5d:f3:ff:cc:bd:2b:cb:ef:c1:e2:
aa:e0:17:bd:2f:06:84:53:67:a8:fd:b7:a2:1b:53:4f:df:7e:
6c:46:80:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6amgAWnI46g/JrtDyGMWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZWE5N2QxNjI2YjEyNmY1OTFjNmZiMzFlOGVjYjg5Mzlk
YjQyMmEwHhcNMjUxMDE5MDMwMTQxWhcNMjUxMDIwMDMwMTQxWjAzMTEwLwYDVQQD
EyhmMGYzYzk0MWQ2YWNlN2Y5M2Q5NTA0YjM2NDg5YjkxMDkyNWFiMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSppfWyj8JNPc0MC0TbhZ28Lpnhe
47Ci+0G0ZNjgJ7gX5V40lLzDnVgYc2FtZm4RSW0Q7RDzxZ7rxLFunhRXiKl0nVYe
MGRUkbpTkPqssAqhZf7loo11PO5Os4c2sqols3zHJMyVIYcdKk3gJeqtYjFylvi2
T+pQqlneYWWtLuhrY3hgMzZd5nT0bB+4oyMTUKekKPJThQwAC+A/bR4h5oXGWp+9
hStVKvZ3GpAE+H+rNc89tC6+n18jDdiqTT/ju7cX+0GJaag5r4jFBK74s/gsBPmC
Zm/DFIoM9ou8sPUlCpcCNTLNGFpEJjJGgd/F1zLhHBh2qn4jk6jQXjfqqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDzyUHWrOf5PZUEs2SJuRCSWrLRMB8GA1UdIwQY
MBaAFHDql9FiaxJvWRxvsx6Oy4k520IqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iNjM1NjktYTI2Ny00MTQ0LWFkMzAt
ZWM5YTdkMWJkZjViLzEvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iNjM1NjktYTI2Ny00MTQ0LWFkMzAtZWM5YTdkMWJkZjVi
LzEvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASZFRDxsM
OrEzUbNJ3HcNGPBHmiF2hioqc1QImI4B48PPL2MU0wPnkdV3EEu38hmqhefrMOUk
M799xrJP/9X6o7Q5aW1xsnJZC1h6EvbTMpEFKntwEpYqJ/KPNgXQ1AIEpKJ2av7p
2lSvZOWKI6QhD9tvbPzWQFpyxdDLh1tUeaGaKZ7dcktJyxzPF2T1yZiSdMindB16
12fJVsw83SmY0doSPEx0+3YKS+E8vTFJxy4WZy6NEpBh5FIwbgcOuBRyARDw8FQ7
kGzqbU04YyO5B6bsSbZDNUW+EYPSy4xytVRd8//MvSvL78HiquAXvS8GhFNnqP23
ohtTT99+bEaALw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:13 2025 by rpki-client