Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
File: CQggTXz1vEqrOP-jnaOmge0he9Q.mft (raw, json)
Hash identifier: OkrSNa/ka8cngplGcA3LU0HvQGoSe1nQk7Q/Yhk3o+M=
Subject key identifier: 6A:F4:A5:50:69:2C:A0:67:3E:20:29:64:1F:D4:35:FE:AD:12:DA:23
Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Certificate serial: 0199FB4634117CCDAE782568C410007F6F33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 07:01:45 +0000
Manifest this update: Sun 19 Oct 2025 07:01:45 +0000
Manifest next update: Mon 20 Oct 2025 07:01:45 +0000
Files and hashes: 1: CQggTXz1vEqrOP-jnaOmge0he9Q.crl (hash: Ikfp96cHt6CtSWKJHSccKRDNrq1kUAl90l6ZUZQ6bUQ=)
2: sDPpx-mL_-TYo49AUalN83Hb7rw.roa (hash: TLER53MCgePm+J2o6lGDLT56kpvbjUNH4PxF0iwFFXE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:46:34:11:7c:cd:ae:78:25:68:c4:10:00:7f:6f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Validity
Not Before: Oct 19 07:01:45 2025 GMT
Not After : Oct 20 07:01:45 2025 GMT
Subject: CN=6af4a550692ca0673e2029641fd435fead12da23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:06:3b:e7:f0:e3:bc:41:6d:e5:ce:ef:2a:e6:
8b:25:29:f9:9a:c3:4b:26:c4:48:c6:b8:17:ac:70:
c8:68:84:6a:42:a3:6d:a8:7a:41:3f:6a:f2:a4:f4:
7b:5d:c8:c4:dd:7a:90:96:0a:fb:28:df:1a:64:3f:
f2:9d:e6:9c:d9:30:42:91:49:cc:5a:d9:36:48:c3:
a0:32:b1:af:23:6e:08:0c:c3:6f:cb:96:46:6d:f7:
92:88:c1:3a:bf:10:71:b7:af:38:99:f6:b9:e5:d2:
cc:cb:71:ea:4e:e7:94:94:81:b6:25:89:cf:78:16:
07:f7:4a:b7:bc:ba:cd:de:10:8d:b9:87:5d:7e:30:
41:f1:73:f7:b6:51:4c:12:2c:15:95:31:99:d5:d8:
14:3b:25:fc:0f:79:31:b9:90:c7:eb:9f:5e:17:76:
a6:12:3b:f6:64:5e:df:8c:3a:71:57:97:2b:4f:5a:
77:df:53:f4:d1:a7:ee:67:fb:eb:28:24:81:6a:be:
4f:4c:09:39:5a:5a:ef:eb:5c:bd:47:47:9c:56:d7:
fb:9d:30:c5:36:84:de:c4:92:dc:65:f2:84:32:29:
56:c8:10:d8:64:20:3d:4d:47:cf:b0:96:71:c0:9f:
f4:73:65:66:c3:d6:54:2f:f6:80:39:c8:37:e4:21:
04:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F4:A5:50:69:2C:A0:67:3E:20:29:64:1F:D4:35:FE:AD:12:DA:23
X509v3 Authority Key Identifier:
keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:1a:a9:4d:1d:cb:42:66:18:0a:b4:cb:34:db:ce:96:95:a4:
cc:fb:d6:5c:94:21:22:6c:af:8f:4d:9a:c3:82:4e:42:32:fd:
d4:67:58:6e:89:49:fd:b2:3d:39:0e:d7:0e:df:2f:cd:f8:fe:
35:de:db:ce:18:b2:d5:57:79:dc:f7:bd:63:9d:2d:e9:75:54:
f3:46:98:46:10:e9:92:1a:97:8a:54:9c:23:2e:ff:10:83:2c:
b0:40:1b:7f:99:f1:b7:ec:79:90:b3:eb:e1:c2:73:66:46:04:
df:0e:93:09:34:2a:84:da:ef:84:0d:c5:d8:cc:f7:35:3f:b1:
d7:47:38:d0:0b:fd:24:b3:b2:34:1e:82:38:8c:10:a3:ff:b4:
b1:10:29:d9:84:63:03:a2:b4:59:f2:7a:fa:c5:77:3e:e2:b1:
e9:3f:60:02:d0:f5:f9:f6:01:3a:2e:f1:ae:4a:7a:06:32:be:
8e:27:5f:2a:1e:87:08:e6:a8:b7:15:bf:db:79:00:a4:a4:fc:
ce:48:52:63:ac:aa:93:d4:72:24:51:ab:f1:01:25:76:06:31:
78:2f:a8:9b:07:a4:c9:9d:e2:d9:99:27:d9:7e:f0:be:75:13:
bc:1d:d6:34:6a:0e:da:2e:2b:5b:93:92:c0:95:af:28:11:cb:
4d:3c:49:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RjQRfM2ueCVoxBAAf28zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDgyMDRkN2NmNWJjNGFhYjM4ZmZhMzlkYTNhNjgxZWQy
MTdiZDQwHhcNMjUxMDE5MDcwMTQ1WhcNMjUxMDIwMDcwMTQ1WjAzMTEwLwYDVQQD
Eyg2YWY0YTU1MDY5MmNhMDY3M2UyMDI5NjQxZmQ0MzVmZWFkMTJkYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQY75/DjvEFt5c7vKuaLJSn5msNL
JsRIxrgXrHDIaIRqQqNtqHpBP2rypPR7XcjE3XqQlgr7KN8aZD/yneac2TBCkUnM
Wtk2SMOgMrGvI24IDMNvy5ZGbfeSiME6vxBxt684mfa55dLMy3HqTueUlIG2JYnP
eBYH90q3vLrN3hCNuYddfjBB8XP3tlFMEiwVlTGZ1dgUOyX8D3kxuZDH659eF3am
Ejv2ZF7fjDpxV5crT1p331P00afuZ/vrKCSBar5PTAk5Wlrv61y9R0ecVtf7nTDF
NoTexJLcZfKEMilWyBDYZCA9TUfPsJZxwJ/0c2Vmw9ZUL/aAOcg35CEECwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr0pVBpLKBnPiApZB/UNf6tEtojMB8GA1UdIwQY
MBaAFAkIIE189bxKqzj/o52jpoHtIXvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjIt
ODgyM2YxMTFkZjA3LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjItODgyM2YxMTFkZjA3
LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgxqpTR3L
QmYYCrTLNNvOlpWkzPvWXJQhImyvj02aw4JOQjL91GdYbolJ/bI9OQ7XDt8vzfj+
Nd7bzhiy1Vd53Pe9Y50t6XVU80aYRhDpkhqXilScIy7/EIMssEAbf5nxt+x5kLPr
4cJzZkYE3w6TCTQqhNrvhA3F2Mz3NT+x10c40Av9JLOyNB6COIwQo/+0sRAp2YRj
A6K0WfJ6+sV3PuKx6T9gAtD1+fYBOi7xrkp6BjK+jidfKh6HCOaotxW/23kApKT8
zkhSY6yqk9RyJFGr8QEldgYxeC+omwekyZ3i2Zkn2X7wvnUTvB3WNGoO2i4rW5OS
wJWvKBHLTTxJiw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:05:23 2025 by rpki-client