Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: H1tHeyKNKO8vE85MOYgNcFu2ndx8KGy305Gj8gCdMCo=
Subject key identifier: CD:8E:4A:D4:D2:8B:3E:F2:D9:E7:C4:EC:A5:CD:73:A3:65:2D:BC:39
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 0199FC8FC45CDE529259EC4CD49C8C6EAB7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 095E
Signing time: Sun 19 Oct 2025 13:01:44 +0000
Manifest this update: Sun 19 Oct 2025 13:01:44 +0000
Manifest next update: Mon 20 Oct 2025 13:01:44 +0000
Files and hashes: 1: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: Xsq+dQXFp6i9iSQaAxrN5n4ODSfJvSCa0b9kJYTeYkA=)
2: rOIGMeXF9bxOY5fu4vCOE7NrCP0.roa (hash: 1nU5+mzZGJaibKrLnnLB5qj48GydY1KP7W2pluR6Ujw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:c4:5c:de:52:92:59:ec:4c:d4:9c:8c:6e:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: Oct 19 13:01:44 2025 GMT
Not After : Oct 20 13:01:44 2025 GMT
Subject: CN=cd8e4ad4d28b3ef2d9e7c4eca5cd73a3652dbc39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:36:2d:f5:22:9b:e3:5c:b4:cc:f2:08:eb:
72:6f:80:23:8d:9d:9b:46:f5:ce:66:44:23:d7:39:
00:a3:dd:d2:fa:e4:63:76:58:7d:96:33:56:91:71:
37:4a:03:59:b4:db:40:1f:19:89:fc:25:4e:91:05:
9f:19:93:16:b1:47:49:2f:4a:a8:dc:9f:af:f0:2d:
a7:79:8d:03:13:d8:c1:e8:38:ac:89:6f:95:4a:10:
74:fe:ae:11:c3:7b:b2:38:b0:c9:72:29:33:ce:ea:
b2:03:4b:46:cb:0a:fd:8d:c1:57:b0:e4:a9:d1:d7:
34:bd:04:36:fb:67:28:85:74:e4:57:21:99:fe:54:
65:74:fe:4f:88:36:78:63:25:da:be:1b:20:06:6c:
ac:75:c7:f0:31:c6:f4:29:76:40:6a:18:6c:16:d7:
5b:2c:e8:63:8d:6e:28:3e:21:c7:15:66:7b:75:35:
02:5d:f2:f4:ed:99:60:db:d4:b1:51:00:52:b3:b7:
3d:ce:69:fe:53:e7:11:e4:ef:31:84:4b:91:c3:08:
99:6b:3d:de:72:7a:96:75:b5:31:95:2a:fa:d3:63:
74:d7:5c:e1:83:c1:3c:17:2c:7b:bb:02:be:68:7b:
82:5c:00:82:5d:82:a0:d4:10:79:ba:50:4d:d3:19:
34:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8E:4A:D4:D2:8B:3E:F2:D9:E7:C4:EC:A5:CD:73:A3:65:2D:BC:39
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:56:ca:6e:77:af:29:f8:17:8a:09:06:ac:59:75:73:ed:dc:
1e:f2:3d:ae:60:8b:df:7e:04:7a:48:34:9a:ae:06:19:a0:3a:
bf:e0:de:aa:34:9c:ac:a6:36:68:4a:24:4a:84:5a:22:2f:14:
c0:c1:d0:0b:60:c2:22:d3:92:01:68:ff:dd:5d:c9:58:31:11:
3d:f5:ee:3c:4b:a9:86:8c:cc:39:00:80:9f:7d:20:49:8b:c2:
80:50:0d:1e:9c:9d:05:04:05:71:e4:88:35:26:3f:e5:0d:fb:
30:42:ec:51:26:ea:50:65:4d:e1:51:60:84:30:b5:e7:26:9c:
01:ab:44:8e:b5:08:71:ba:45:4e:b5:cf:48:fe:68:50:ef:a4:
1e:1a:11:c9:03:b3:f5:d1:91:79:6c:bd:9c:df:d0:9a:db:80:
b8:db:48:bd:a1:96:87:63:01:14:d2:0e:8c:ae:68:ef:8d:48:
cd:29:c4:e5:21:af:c7:ae:bf:57:89:c0:11:94:e9:9b:b7:ba:
c2:02:ed:c1:28:d1:db:e5:9c:9e:22:17:82:f7:99:e9:ba:19:
e0:5b:00:8f:13:53:73:66:3f:b2:04:cc:a0:de:c2:84:d3:06:
0f:66:76:f6:3d:bb:a4:24:b5:c5:31:55:1e:42:83:d0:2b:b3:
e1:d5:e9:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j8Rc3lKSWexM1JyMbqt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjUxMDE5MTMwMTQ0WhcNMjUxMDIwMTMwMTQ0WjAzMTEwLwYDVQQD
EyhjZDhlNGFkNGQyOGIzZWYyZDllN2M0ZWNhNWNkNzNhMzY1MmRiYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CY2LfUim+NctMzyCOtyb4AjjZ2b
RvXOZkQj1zkAo93S+uRjdlh9ljNWkXE3SgNZtNtAHxmJ/CVOkQWfGZMWsUdJL0qo
3J+v8C2neY0DE9jB6DisiW+VShB0/q4Rw3uyOLDJcikzzuqyA0tGywr9jcFXsOSp
0dc0vQQ2+2cohXTkVyGZ/lRldP5PiDZ4YyXavhsgBmysdcfwMcb0KXZAahhsFtdb
LOhjjW4oPiHHFWZ7dTUCXfL07Zlg29SxUQBSs7c9zmn+U+cR5O8xhEuRwwiZaz3e
cnqWdbUxlSr602N011zhg8E8Fyx7uwK+aHuCXACCXYKg1BB5ulBN0xk0fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2OStTSiz7y2efE7KXNc6NlLbw5MB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFbKbnev
KfgXigkGrFl1c+3cHvI9rmCL334Eekg0mq4GGaA6v+DeqjScrKY2aEokSoRaIi8U
wMHQC2DCItOSAWj/3V3JWDERPfXuPEuphozMOQCAn30gSYvCgFANHpydBQQFceSI
NSY/5Q37MELsUSbqUGVN4VFghDC15yacAatEjrUIcbpFTrXPSP5oUO+kHhoRyQOz
9dGReWy9nN/QmtuAuNtIvaGWh2MBFNIOjK5o741IzSnE5SGvx66/V4nAEZTpm7e6
wgLtwSjR2+WcniIXgveZ6boZ4FsAjxNTc2Y/sgTMoN7ChNMGD2Z29j27pCS1xTFV
HkKD0Cuz4dXp5Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:26:15 2025 by rpki-client