Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File: CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier: +TRqDeapHsHYmxt/HF92UTTn4OAeYLGslwuy8g9oB3U=
Subject key identifier: BF:67:C4:F3:B1:62:12:82:24:7D:F2:EB:90:A0:A2:CE:83:F6:8F:59
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer: /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial: 0199FE4764DF18CC0932AA139D46B4171C06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number: 0A3B
Signing time: Sun 19 Oct 2025 21:01:55 +0000
Manifest this update: Sun 19 Oct 2025 21:01:55 +0000
Manifest next update: Mon 20 Oct 2025 21:01:55 +0000
Files and hashes: 1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: gL+lzEx3ILxGEYz49KicPZvHhfqNUU1/HMUfmfaGKFM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:47:64:df:18:cc:09:32:aa:13:9d:46:b4:17:1c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
Validity
Not Before: Oct 19 21:01:55 2025 GMT
Not After : Oct 20 21:01:55 2025 GMT
Subject: CN=bf67c4f3b1621282247df2eb90a0a2ce83f68f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f0:62:c9:52:87:8d:1d:9e:87:1c:9f:a2:bb:
88:33:dd:69:09:74:1f:4e:49:58:aa:b3:1c:df:e9:
7b:d1:78:fc:58:c4:3d:b0:32:28:93:86:64:a1:16:
ea:60:df:6d:ac:ca:c1:80:17:42:3d:39:65:62:4c:
4f:17:c9:36:3f:1e:79:69:3c:98:0a:53:97:31:5f:
85:c6:81:57:86:22:b1:32:8c:28:8d:dc:aa:db:ec:
69:5b:a5:6e:ba:97:e4:7c:90:66:bc:52:7b:d1:d3:
31:6f:48:63:1a:27:37:72:a7:b1:62:12:1f:dc:68:
0a:b5:19:20:6b:5d:f1:4e:20:6b:f9:fd:a5:bf:1f:
e4:4f:32:8b:3d:94:88:d6:c7:1d:6c:e8:c6:f1:62:
f3:6d:a7:97:b8:1b:b0:2b:94:a6:de:e1:f8:9d:af:
f9:3d:a4:81:d7:fc:b6:a3:94:42:3e:da:45:2f:95:
d0:ed:ad:6d:26:cf:35:ac:8c:e3:fe:23:10:68:32:
0b:26:4a:da:49:3c:99:fc:b4:76:4b:55:75:5c:9a:
7e:a9:49:3f:e8:68:88:6c:b7:3c:2e:76:79:be:0e:
0c:3f:ca:7d:70:5c:6a:40:7a:d1:db:3b:a9:31:c1:
2f:de:68:84:b0:f7:48:8d:bb:b2:9c:72:a1:d5:d6:
61:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:67:C4:F3:B1:62:12:82:24:7D:F2:EB:90:A0:A2:CE:83:F6:8F:59
X509v3 Authority Key Identifier:
keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:85:7c:e6:b5:0a:66:c7:51:f3:bb:02:77:c6:4a:f1:d9:38:
06:69:2a:d3:b1:4e:ef:da:41:f8:70:37:21:cd:29:cf:08:c9:
43:8f:93:39:76:87:37:65:31:5f:9b:7a:52:33:12:26:da:a5:
3c:eb:6d:b7:40:60:9a:00:69:a9:0d:30:93:f7:38:b7:25:3d:
27:b2:be:b9:b1:42:eb:3c:6d:cd:b6:ca:25:6b:5f:4d:05:f8:
71:ae:c0:7c:74:ca:62:27:66:ca:a8:a9:79:93:4a:99:50:b6:
c7:31:9a:8f:36:a1:86:5d:e7:89:4a:d1:2c:19:c5:d6:ab:95:
71:db:12:47:82:17:c4:13:9b:ba:d2:12:dd:68:62:36:cd:89:
25:97:6c:e6:8f:25:ad:70:3c:46:af:49:2f:53:3a:a0:16:cf:
c4:4e:5d:59:21:f5:51:f1:95:86:cc:23:5c:5a:a6:b1:28:e3:
8f:c0:41:d1:2b:18:4c:23:26:f1:c7:98:4e:40:7c:25:50:d0:
4e:ef:19:d9:5f:91:dd:3a:96:d8:2c:d1:dd:00:49:7e:8e:77:
d0:5e:e5:a7:89:aa:38:4a:3e:87:ab:8f:5a:55:47:31:f0:14:
d4:ad:92:11:65:e4:88:46:98:e9:f6:22:be:8b:38:b9:c6:66:
d4:55:19:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R2TfGMwJMqoTnUa0FxwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjUxMDE5MjEwMTU1WhcNMjUxMDIwMjEwMTU1WjAzMTEwLwYDVQQD
EyhiZjY3YzRmM2IxNjIxMjgyMjQ3ZGYyZWI5MGEwYTJjZTgzZjY4ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fBiyVKHjR2ehxyforuIM91pCXQf
TklYqrMc3+l70Xj8WMQ9sDIok4ZkoRbqYN9trMrBgBdCPTllYkxPF8k2Px55aTyY
ClOXMV+FxoFXhiKxMowojdyq2+xpW6VuupfkfJBmvFJ70dMxb0hjGic3cqexYhIf
3GgKtRkga13xTiBr+f2lvx/kTzKLPZSI1scdbOjG8WLzbaeXuBuwK5Sm3uH4na/5
PaSB1/y2o5RCPtpFL5XQ7a1tJs81rIzj/iMQaDILJkraSTyZ/LR2S1V1XJp+qUk/
6GiIbLc8LnZ5vg4MP8p9cFxqQHrR2zupMcEv3miEsPdIjbuynHKh1dZh9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9nxPOxYhKCJH3y65Cgos6D9o9ZMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4V85rUK
ZsdR87sCd8ZK8dk4Bmkq07FO79pB+HA3Ic0pzwjJQ4+TOXaHN2UxX5t6UjMSJtql
POttt0BgmgBpqQ0wk/c4tyU9J7K+ubFC6zxtzbbKJWtfTQX4ca7AfHTKYidmyqip
eZNKmVC2xzGajzahhl3niUrRLBnF1quVcdsSR4IXxBObutIS3WhiNs2JJZds5o8l
rXA8Rq9JL1M6oBbPxE5dWSH1UfGVhswjXFqmsSjjj8BB0SsYTCMm8ceYTkB8JVDQ
Tu8Z2V+R3TqW2CzR3QBJfo530F7lp4mqOEo+h6uPWlVHMfAU1K2SEWXkiEaY6fYi
vos4ucZm1FUZ1w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:57:37 2025 by rpki-client