Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft
File: cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft (raw, json)
Hash identifier: zaksF4fzFxaKxBItaN4OMeMc+It3M7eX0MmLh0LKEoA=
Subject key identifier: 23:78:9D:95:BF:D3:32:24:83:37:07:64:CE:8A:6E:3A:A2:93:79:24
Authority key identifier: 70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F
Certificate issuer: /CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f
Certificate serial: 0199FF59530CD2BFBFC62B165734DB43AFA8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft
Manifest number: 0A1C
Signing time: Mon 20 Oct 2025 02:01:08 +0000
Manifest this update: Mon 20 Oct 2025 02:01:08 +0000
Manifest next update: Tue 21 Oct 2025 02:01:08 +0000
Files and hashes: 1: 5K2zlrIHADlFytOUhc54zx-uCAw.roa (hash: VJ3nEApsPTUcM1XeIb75bGQ+CbjZ/H8pdnWKdP3UYOg=)
2: cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl (hash: wgbTGYawZRPk5Z+kh5nKsVCn9jP7m3WGqLcxSNcKtuc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 02:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:53:0c:d2:bf:bf:c6:2b:16:57:34:db:43:af:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f
Validity
Not Before: Oct 20 02:01:08 2025 GMT
Not After : Oct 21 02:01:08 2025 GMT
Subject: CN=23789d95bfd3322483370764ce8a6e3aa2937924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:af:06:ad:2e:bb:a0:db:58:1b:3d:d6:56:
af:2b:00:49:78:5c:ac:43:8b:2a:89:40:88:9a:1e:
16:30:c1:54:19:96:04:09:1e:18:24:8f:d1:0d:6c:
1d:1e:59:a3:d5:e5:9d:6e:e8:cd:77:07:c5:30:e3:
9c:d4:e8:21:c7:03:bb:05:35:8c:1c:fb:dd:fe:2a:
c1:33:93:a1:ce:65:3e:13:56:3c:de:86:39:cf:02:
3a:f0:f2:c0:db:83:6b:1a:b8:0a:3f:d0:fc:fe:81:
a5:4a:72:f9:ba:01:7c:c4:d6:99:9f:99:cb:94:95:
5f:f5:0e:aa:57:2d:0e:1e:28:ed:f6:97:f3:b8:7b:
b9:58:11:ca:f8:16:a2:4e:fe:81:4c:5a:bc:9c:c8:
a7:72:bd:9a:f7:e3:30:fb:b5:53:38:c8:c4:41:9e:
9e:42:66:ea:29:e1:02:e5:4a:d3:16:5f:74:10:f9:
a0:75:ac:d4:dc:57:76:f0:28:ff:e1:a1:79:0e:33:
6c:4f:87:bc:fa:a0:9e:70:c2:02:6a:c2:fd:46:df:
a6:e2:ef:df:22:4e:40:93:30:d6:73:4e:98:77:70:
ea:77:2c:09:6d:95:f6:e0:dc:0b:8d:39:41:37:38:
c8:3a:33:27:0e:04:53:a8:ea:95:55:33:b6:e4:8c:
78:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:78:9D:95:BF:D3:32:24:83:37:07:64:CE:8A:6E:3A:A2:93:79:24
X509v3 Authority Key Identifier:
keyid:70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:9f:d2:b2:31:e7:7b:7d:a6:b6:17:3f:21:c2:8c:8c:db:bc:
24:ab:50:85:0b:44:61:c3:72:d3:28:c9:73:50:95:36:ac:d2:
c3:e1:90:f4:d5:f7:2b:c1:f8:c5:e7:d9:ff:ee:9a:2a:4d:99:
88:54:da:a0:9d:d3:54:dc:19:bc:a7:f7:4c:85:fb:6b:ad:1f:
f8:4d:28:55:fb:c3:68:bb:ce:5c:ac:f6:b1:20:8a:42:2f:ad:
ea:4e:a6:81:b5:27:b2:4f:18:a2:b8:dd:55:a6:ca:a7:18:98:
15:45:74:f3:38:04:01:26:64:fd:40:d7:82:80:cc:ed:76:cb:
07:76:20:64:d6:61:e2:be:64:0b:38:f7:ac:89:b8:81:93:d5:
fe:d5:50:56:58:10:26:63:4f:b8:e0:2a:09:d1:13:18:78:66:
28:a1:de:5c:b6:d1:ef:f7:dc:54:9b:c2:5d:1b:ae:1b:51:c2:
b4:ed:95:72:d8:da:75:f5:99:b8:d1:87:82:5c:6b:53:dc:36:
97:bd:fc:f3:9b:2d:c8:21:af:79:e4:bd:24:a5:51:35:a2:70:
23:3c:f9:9b:8e:57:07:60:46:16:7a:fd:fe:f0:67:d0:1f:1e:
a8:7a:83:7e:97:bb:19:3a:ba:09:d1:06:43:11:59:ce:40:5a:
95:bd:ff:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WVMM0r+/xisWVzTbQ6+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYTBiNWFjYTczMWVhNzFmMjZkNjNkMjNjMjJjMTIzYjJi
YjEyMGYwHhcNMjUxMDIwMDIwMTA4WhcNMjUxMDIxMDIwMTA4WjAzMTEwLwYDVQQD
EygyMzc4OWQ5NWJmZDMzMjI0ODMzNzA3NjRjZThhNmUzYWEyOTM3OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnyvBq0uu6DbWBs91lavKwBJeFys
Q4sqiUCImh4WMMFUGZYECR4YJI/RDWwdHlmj1eWdbujNdwfFMOOc1OghxwO7BTWM
HPvd/irBM5OhzmU+E1Y83oY5zwI68PLA24NrGrgKP9D8/oGlSnL5ugF8xNaZn5nL
lJVf9Q6qVy0OHijt9pfzuHu5WBHK+BaiTv6BTFq8nMincr2a9+Mw+7VTOMjEQZ6e
QmbqKeEC5UrTFl90EPmgdazU3Fd28Cj/4aF5DjNsT4e8+qCecMICasL9Rt+m4u/f
Ik5AkzDWc06Yd3DqdywJbZX24NwLjTlBNzjIOjMnDgRTqOqVVTO25Ix4YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCN4nZW/0zIkgzcHZM6Kbjqik3kkMB8GA1UdIwQY
MBaAFHCgtaynMepx8m1j0jwiwSOyuxIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAt
NDNlMzE4MDBkZjBjLzEvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAtNDNlMzE4MDBkZjBj
LzEvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJ/SsjHn
e32mthc/IcKMjNu8JKtQhQtEYcNy0yjJc1CVNqzSw+GQ9NX3K8H4xefZ/+6aKk2Z
iFTaoJ3TVNwZvKf3TIX7a60f+E0oVfvDaLvOXKz2sSCKQi+t6k6mgbUnsk8Yorjd
VabKpxiYFUV08zgEASZk/UDXgoDM7XbLB3YgZNZh4r5kCzj3rIm4gZPV/tVQVlgQ
JmNPuOAqCdETGHhmKKHeXLbR7/fcVJvCXRuuG1HCtO2VctjadfWZuNGHglxrU9w2
l73885styCGveeS9JKVRNaJwIzz5m45XB2BGFnr9/vBn0B8eqHqDfpe7GTq6CdEG
QxFZzkBalb3/7A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:02:38 2025 by rpki-client