Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File: CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier: jpva67cMXSSbMh2bmSE/XIEjvPIIoGscY7VOyMkZ5uk=
Subject key identifier: A7:F4:AB:34:26:DE:CB:A6:C8:20:51:44:76:51:A6:9E:53:B8:86:27
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer: /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial: 0199FBEB46AF3ADD3C9A9161CFBEAA4CF6B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number: 028F
Signing time: Sun 19 Oct 2025 10:02:04 +0000
Manifest this update: Sun 19 Oct 2025 10:02:04 +0000
Manifest next update: Mon 20 Oct 2025 10:02:04 +0000
Files and hashes: 1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: MGeR5PNPiqh8MZpje2QpvldCbfJmNHjyummZ7Lfxsck=)
2: DyBY2wfHB6a4dl33U3SXwgLJDGU.roa (hash: WRQJvvPjJahE1qm/vBTCrYOROs7sZwpvslZhT6hCk+s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:46:af:3a:dd:3c:9a:91:61:cf:be:aa:4c:f6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Validity
Not Before: Oct 19 10:02:04 2025 GMT
Not After : Oct 20 10:02:04 2025 GMT
Subject: CN=a7f4ab3426decba6c82051447651a69e53b88627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:3b:f5:49:80:f0:52:25:42:b5:cf:71:71:
51:9d:c7:9f:9d:37:08:70:81:93:df:c3:be:3c:6a:
6d:08:4f:97:04:49:bf:cc:69:23:27:82:11:10:d2:
da:43:a8:09:cc:85:ff:40:1b:63:39:01:90:d1:49:
aa:25:3d:21:c4:25:a0:6b:5a:ff:f1:37:9a:96:f2:
14:45:1a:0b:5a:3a:1b:39:a3:5c:c4:2b:fe:11:21:
02:fd:ef:1f:67:6d:7a:84:3f:03:ad:75:71:3c:00:
e4:4f:4b:2a:07:ef:4c:b4:ee:55:0e:ba:4f:a7:9d:
f9:3c:78:bb:3a:64:3d:b6:6f:2e:d4:6d:1e:f4:63:
a4:dd:51:70:1f:23:4e:1d:34:52:d2:80:18:fb:75:
03:4a:12:d3:11:f3:04:73:fd:7d:a2:e2:2f:21:86:
d6:b0:7b:71:c6:d2:23:50:23:1b:2e:f7:a7:e5:d9:
6e:a5:05:ec:50:6a:03:5a:84:45:dc:33:c2:3d:cf:
0c:25:c7:19:93:84:12:37:d1:cb:9d:f7:bf:6e:97:
37:c2:3f:1a:81:ed:b4:b1:30:ea:30:2e:f4:9f:1d:
08:c6:3b:b1:e5:6b:a3:10:90:91:e5:d0:8c:82:89:
ce:f0:24:59:3a:21:09:15:69:f0:0d:0f:65:1f:ce:
5d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F4:AB:34:26:DE:CB:A6:C8:20:51:44:76:51:A6:9E:53:B8:86:27
X509v3 Authority Key Identifier:
keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:8f:af:5e:28:b4:ed:4f:9d:a4:b9:27:20:16:24:1b:61:b3:
e8:ba:d4:42:ab:03:37:c7:b8:44:0b:6d:60:bd:5b:16:35:58:
e5:72:1d:02:9b:ff:83:94:56:59:8d:80:a2:b2:a4:68:48:c3:
66:66:4d:c4:14:d6:32:9e:36:82:fe:b1:2a:8c:1e:cf:9f:d8:
8a:83:5e:c4:6f:95:fa:1e:b2:39:21:a0:aa:28:57:f3:b8:78:
9f:3d:6e:2e:dc:b1:2d:6d:a2:2f:f8:1c:8c:11:fd:7c:c6:86:
51:1f:5c:c1:f4:21:3f:3e:44:37:ba:99:48:b5:14:62:b3:e3:
4a:f2:6c:aa:28:42:3a:8b:c5:80:1a:27:31:0f:5a:77:f4:8a:
83:44:41:ca:95:0b:5c:56:91:4f:8e:99:66:83:95:50:73:2f:
74:51:50:21:e0:ee:64:4b:29:59:83:62:0e:53:6d:66:97:89:
a1:d5:cb:94:89:05:14:30:d9:74:0a:56:23:54:2b:54:51:81:
ad:81:c7:bf:51:5a:7b:d9:35:3c:48:d2:3d:a4:20:de:3f:c1:
69:61:07:2f:17:6e:55:50:e6:c5:c3:3e:40:8e:dd:cc:4b:34:
cf:fc:c9:df:51:c7:79:eb:6f:5b:81:30:db:0c:dd:5b:7a:87:
0b:1a:b5:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760avOt08mpFhz76qTPayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjUxMDE5MTAwMjA0WhcNMjUxMDIwMTAwMjA0WjAzMTEwLwYDVQQD
EyhhN2Y0YWIzNDI2ZGVjYmE2YzgyMDUxNDQ3NjUxYTY5ZTUzYjg4NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1879UmA8FIlQrXPcXFRncefnTcI
cIGT38O+PGptCE+XBEm/zGkjJ4IRENLaQ6gJzIX/QBtjOQGQ0UmqJT0hxCWga1r/
8TealvIURRoLWjobOaNcxCv+ESEC/e8fZ216hD8DrXVxPADkT0sqB+9MtO5VDrpP
p535PHi7OmQ9tm8u1G0e9GOk3VFwHyNOHTRS0oAY+3UDShLTEfMEc/19ouIvIYbW
sHtxxtIjUCMbLven5dlupQXsUGoDWoRF3DPCPc8MJccZk4QSN9HLnfe/bpc3wj8a
ge20sTDqMC70nx0Ixjux5WujEJCR5dCMgonO8CRZOiEJFWnwDQ9lH85dDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKf0qzQm3sumyCBRRHZRpp5TuIYnMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALI+vXii0
7U+dpLknIBYkG2Gz6LrUQqsDN8e4RAttYL1bFjVY5XIdApv/g5RWWY2AorKkaEjD
ZmZNxBTWMp42gv6xKowez5/YioNexG+V+h6yOSGgqihX87h4nz1uLtyxLW2iL/gc
jBH9fMaGUR9cwfQhPz5EN7qZSLUUYrPjSvJsqihCOovFgBonMQ9ad/SKg0RBypUL
XFaRT46ZZoOVUHMvdFFQIeDuZEspWYNiDlNtZpeJodXLlIkFFDDZdApWI1QrVFGB
rYHHv1Fae9k1PEjSPaQg3j/BaWEHLxduVVDmxcM+QI7dzEs0z/zJ31HHeetvW4Ew
2wzdW3qHCxq1zA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:07:53 2025 by rpki-client