Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: J2ctsFWvcybip6X041aeQpzahbsqHzNYYwfDHVFzCH4=
Subject key identifier: 96:B8:B6:DF:76:FA:00:89:09:46:0A:EC:5E:1F:91:DC:0C:F5:92:64
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 0198D40462C8B8CEAB4BCCFA425158E97C5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 1649
Signing time: Fri 22 Aug 2025 23:01:53 +0000
Manifest this update: Fri 22 Aug 2025 23:01:53 +0000
Manifest next update: Sat 23 Aug 2025 23:01:53 +0000
Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: umyfez1WVWmbHkndRFoWdpuVXjKskyI+arzTW8cV3/M=)
2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:04:62:c8:b8:ce:ab:4b:cc:fa:42:51:58:e9:7c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Aug 22 23:01:53 2025 GMT
Not After : Aug 23 23:01:53 2025 GMT
Subject: CN=96b8b6df76fa008909460aec5e1f91dc0cf59264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a1:be:4a:f8:06:fc:2a:af:a0:63:9a:0d:9c:
96:d3:a2:51:2f:67:bb:c2:55:f6:62:5e:f2:c1:82:
d3:53:51:4d:56:0c:dd:6e:ec:ad:0e:0a:57:73:50:
04:37:a5:a0:3a:37:ba:f4:7b:d5:26:41:d6:27:c8:
1d:24:f9:76:f5:8d:fa:bc:e4:c9:34:1b:af:1a:19:
5a:14:f5:6d:9e:b6:87:13:9c:6b:58:76:cf:b8:87:
25:03:37:ef:1d:5c:71:41:c2:81:43:c6:d5:b6:b1:
0c:f3:c9:e0:30:3f:4e:ad:2a:e6:1d:6f:26:87:ab:
1d:66:3f:15:13:ab:5a:11:12:68:33:b7:7b:35:4a:
1b:09:01:19:4b:8f:08:31:f4:ad:b2:11:5d:21:7b:
a8:49:fc:a4:8a:ef:3d:e0:1c:36:6e:d3:4b:a6:6c:
f2:ce:4e:f8:2f:17:8e:3a:c0:10:cc:6e:2e:eb:bc:
32:12:2b:ce:f3:23:bd:a2:2c:be:23:db:3e:bc:81:
b4:75:d5:0b:f6:0f:1b:f1:06:b0:b6:9f:45:c4:a7:
b3:86:a3:a1:0e:df:d2:ed:dc:1b:e5:1d:50:83:46:
59:1b:27:33:3b:d4:a6:f5:cc:5d:a7:5b:ed:7f:f3:
21:80:8f:1c:a9:4d:d9:8f:93:97:53:a7:c0:80:19:
72:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B8:B6:DF:76:FA:00:89:09:46:0A:EC:5E:1F:91:DC:0C:F5:92:64
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:82:a2:bb:48:09:cb:a6:5c:0b:ee:98:23:6d:69:57:fa:6c:
c8:16:3b:ff:dc:ee:7b:56:6a:00:80:3b:a9:c9:3b:22:ce:1d:
b9:99:53:e1:d9:f8:4d:2f:58:f5:57:68:31:56:cd:eb:37:c8:
fd:e6:a9:b3:8c:ac:b4:0d:d3:02:66:3d:e7:34:70:6a:36:fd:
4d:b0:10:15:f4:10:1b:51:11:07:68:ce:d3:3e:06:d5:28:9d:
74:c0:ec:d1:3d:4c:d1:2c:17:63:01:52:58:14:10:7d:6e:8d:
2c:cc:55:e1:4b:ef:10:cc:fe:5d:9f:a5:c0:79:45:ce:a3:0d:
01:a0:3e:34:c3:d5:8c:40:bf:80:44:40:01:b6:83:2b:4e:48:
1b:23:6b:fd:f1:12:d1:04:d9:6c:b9:5a:95:30:c4:75:96:6f:
2e:a2:75:36:18:76:3d:54:69:ec:26:23:9e:02:d1:e2:2d:ee:
6a:89:28:07:7f:f8:83:0b:6b:51:90:8c:f6:c3:48:13:5c:43:
a6:82:6a:59:05:22:5a:5e:24:35:7f:1b:0c:f4:9c:69:e3:b1:
fe:fc:35:81:f2:db:dc:9f:99:21:38:09:fb:c3:38:2b:e4:af:
f5:5a:7c:18:cd:f2:01:2b:c2:42:86:a1:26:31:d8:05:39:de:
8d:92:d3:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBGLIuM6rS8z6QlFY6XxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUwODIyMjMwMTUzWhcNMjUwODIzMjMwMTUzWjAzMTEwLwYDVQQD
Eyg5NmI4YjZkZjc2ZmEwMDg5MDk0NjBhZWM1ZTFmOTFkYzBjZjU5MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6G+SvgG/CqvoGOaDZyW06JRL2e7
wlX2Yl7ywYLTU1FNVgzdbuytDgpXc1AEN6WgOje69HvVJkHWJ8gdJPl29Y36vOTJ
NBuvGhlaFPVtnraHE5xrWHbPuIclAzfvHVxxQcKBQ8bVtrEM88ngMD9OrSrmHW8m
h6sdZj8VE6taERJoM7d7NUobCQEZS48IMfStshFdIXuoSfykiu894Bw2btNLpmzy
zk74LxeOOsAQzG4u67wyEivO8yO9oiy+I9s+vIG0ddUL9g8b8Qawtp9FxKezhqOh
Dt/S7dwb5R1Qg0ZZGyczO9Sm9cxdp1vtf/MhgI8cqU3Zj5OXU6fAgBlyxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJa4tt92+gCJCUYK7F4fkdwM9ZJkMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYKiu0gJ
y6ZcC+6YI21pV/psyBY7/9zue1ZqAIA7qck7Is4duZlT4dn4TS9Y9VdoMVbN6zfI
/eaps4ystA3TAmY95zRwajb9TbAQFfQQG1ERB2jO0z4G1SiddMDs0T1M0SwXYwFS
WBQQfW6NLMxV4UvvEMz+XZ+lwHlFzqMNAaA+NMPVjEC/gERAAbaDK05IGyNr/fES
0QTZbLlalTDEdZZvLqJ1Nhh2PVRp7CYjngLR4i3uaokoB3/4gwtrUZCM9sNIE1xD
poJqWQUiWl4kNX8bDPScaeOx/vw1gfLb3J+ZITgJ+8M4K+Sv9Vp8GM3yASvCQoah
JjHYBTnejZLTWQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:36:20 2025 by rpki-client