
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: AT5SUgbdJ172+BJL60fu7QNqaEBJrdwsdcj6EFaVaA4=
Subject key identifier: 2A:06:54:60:49:2C:D3:1A:FA:4E:BA:9D:D6:2D:D6:D0:BC:29:7C:1B
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 0199FB7CFE75478321F90756791E534F511B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 08:01:36 +0000
Manifest this update: Sun 19 Oct 2025 08:01:36 +0000
Manifest next update: Mon 20 Oct 2025 08:01:36 +0000
Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: cKJ+viIoNqX6Rf9JAd4KoUZ4+xtkKNFfGfV38+ypVgk=)
2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:fe:75:47:83:21:f9:07:56:79:1e:53:4f:51:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Oct 19 08:01:36 2025 GMT
Not After : Oct 20 08:01:36 2025 GMT
Subject: CN=2a065460492cd31afa4eba9dd62dd6d0bc297c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a3:a8:6c:c0:25:12:b4:da:16:a2:14:be:87:
d9:2e:8e:07:72:9d:7c:3b:79:19:39:71:0a:91:ae:
8b:fb:f4:ff:9d:f7:30:78:5b:29:d7:d2:5a:82:29:
9f:cc:d0:c3:48:fe:fc:82:ad:b9:8a:97:cb:83:f6:
0f:62:06:3d:ce:e3:8f:07:03:39:79:58:fd:4b:99:
31:48:b4:50:26:d1:60:0f:8d:50:3c:ce:84:61:14:
a6:53:85:d3:ec:16:af:de:50:ae:3e:8f:58:6f:33:
3f:99:03:4a:24:1e:c2:f7:a6:5a:c9:09:9c:e8:07:
88:24:16:5a:c5:4c:92:ba:6c:95:e4:b6:37:eb:6b:
cb:ec:83:18:ff:5f:df:e2:e9:e4:2e:1b:e9:61:a5:
e3:bf:2d:3e:31:39:92:3d:73:00:87:94:ed:4f:ad:
fa:3f:bb:14:01:39:ed:81:10:21:1f:de:c5:4a:96:
50:5d:27:a1:79:bc:a8:b8:66:fa:9c:e7:6c:68:76:
c7:3e:f7:82:b3:7c:ac:13:f6:e5:54:36:e1:24:ad:
08:cb:76:a2:6d:9e:13:fa:94:f9:d0:aa:4d:51:64:
ec:08:70:2d:b0:4f:07:cf:5a:0c:48:c7:e2:ef:09:
66:ef:29:1c:58:be:40:bd:7d:0d:ae:98:06:82:3a:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:06:54:60:49:2C:D3:1A:FA:4E:BA:9D:D6:2D:D6:D0:BC:29:7C:1B
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:f8:c4:47:4a:af:67:15:e6:67:91:d8:4b:82:3a:9f:30:cf:
13:2a:e0:03:c3:4e:fb:4c:a7:3c:38:03:63:56:4d:1c:fd:a6:
36:24:2c:47:0a:74:90:ec:2e:ed:20:33:16:d7:0a:e0:29:b4:
d5:15:73:79:6d:5e:14:52:e7:74:74:36:4a:7d:30:89:fd:c5:
27:6c:1a:d7:d8:44:43:35:cd:63:2a:94:ef:71:b6:97:9e:4a:
19:59:39:d7:47:fc:a6:08:91:23:b9:62:e8:e0:13:ad:d7:3c:
49:41:49:24:0a:8e:b5:b2:bf:58:78:3b:d5:e8:3f:6a:09:6b:
b1:a1:61:9f:e8:7d:3e:e9:7f:81:f2:4f:44:9a:52:3c:cf:3e:
ef:5d:67:3b:89:6b:59:e7:40:2a:d8:d9:e3:3d:5b:ea:61:60:
d5:23:95:75:fd:0a:35:61:65:dd:96:0b:f1:2f:0d:c1:d8:cd:
94:38:57:86:65:4d:d5:ac:e8:ed:05:5d:f7:1e:2f:10:1a:ce:
0e:37:6c:a8:3d:62:c9:c9:d0:aa:de:f2:e8:7f:44:ba:a9:2a:
eb:64:bd:9c:26:65:6f:47:cd:31:b0:e9:c7:46:92:9e:3c:f7:
cc:af:ec:77:40:13:18:87:7d:c5:ae:96:b9:89:3c:f9:1d:00:
42:0a:73:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fP51R4Mh+QdWeR5TT1EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUxMDE5MDgwMTM2WhcNMjUxMDIwMDgwMTM2WjAzMTEwLwYDVQQD
EygyYTA2NTQ2MDQ5MmNkMzFhZmE0ZWJhOWRkNjJkZDZkMGJjMjk3YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6OobMAlErTaFqIUvofZLo4Hcp18
O3kZOXEKka6L+/T/nfcweFsp19JagimfzNDDSP78gq25ipfLg/YPYgY9zuOPBwM5
eVj9S5kxSLRQJtFgD41QPM6EYRSmU4XT7Bav3lCuPo9YbzM/mQNKJB7C96ZayQmc
6AeIJBZaxUySumyV5LY362vL7IMY/1/f4unkLhvpYaXjvy0+MTmSPXMAh5TtT636
P7sUATntgRAhH97FSpZQXSehebyouGb6nOdsaHbHPveCs3ysE/blVDbhJK0Iy3ai
bZ4T+pT50KpNUWTsCHAtsE8Hz1oMSMfi7wlm7ykcWL5AvX0NrpgGgjqT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoGVGBJLNMa+k66ndYt1tC8KXwbMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvjER0qv
ZxXmZ5HYS4I6nzDPEyrgA8NO+0ynPDgDY1ZNHP2mNiQsRwp0kOwu7SAzFtcK4Cm0
1RVzeW1eFFLndHQ2Sn0wif3FJ2wa19hEQzXNYyqU73G2l55KGVk510f8pgiRI7li
6OATrdc8SUFJJAqOtbK/WHg71eg/aglrsaFhn+h9Pul/gfJPRJpSPM8+711nO4lr
WedAKtjZ4z1b6mFg1SOVdf0KNWFl3ZYL8S8NwdjNlDhXhmVN1azo7QVd9x4vEBrO
DjdsqD1iycnQqt7y6H9Euqkq62S9nCZlb0fNMbDpx0aSnjz3zK/sd0ATGId9xa6W
uYk8+R0AQgpzkQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:03 2025 by rpki-client