Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
File: cdm6oCIZQu3-SzqaVwgpXARBboA.mft (raw, json)
Hash identifier: LMzLw113bP6/Fhn+a/GzKgf4HPss6Oug4k8hbmvEnkg=
Subject key identifier: AF:78:D6:E0:FB:FB:B4:0D:51:61:83:84:BD:97:76:DB:40:88:D8:A1
Authority key identifier: 71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
Certificate issuer: /CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Certificate serial: 0199FBEBE1CF62195AE26A67B59BCFA81808
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 10:02:43 +0000
Manifest this update: Sun 19 Oct 2025 10:02:43 +0000
Manifest next update: Mon 20 Oct 2025 10:02:43 +0000
Files and hashes: 1: Uqk6ZpOTGE36LT5fcwe3jUUK8bs.roa (hash: 3ocr9qZ6ri2OW2BEWPNTcZs9jR00BhDPO+YzVSk3MLY=)
2: cdm6oCIZQu3-SzqaVwgpXARBboA.crl (hash: 3GbQxgR9psMW3ucXlDFrj8z+Wp+vBP/iUc1z55iD21Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:e1:cf:62:19:5a:e2:6a:67:b5:9b:cf:a8:18:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Validity
Not Before: Oct 19 10:02:43 2025 GMT
Not After : Oct 20 10:02:43 2025 GMT
Subject: CN=af78d6e0fbfbb40d51618384bd9776db4088d8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:25:a8:8e:c3:93:e1:b4:03:89:b2:80:02:c9:
b9:f0:a9:2e:60:4a:a3:4c:b8:4b:74:82:45:26:55:
97:91:54:1a:c3:6a:37:54:33:7a:9b:2d:29:aa:bc:
15:2c:2f:39:8a:6a:b4:bc:a6:0a:cf:ee:d4:37:a3:
fe:c6:5e:4c:01:c0:5b:84:d2:d2:fb:28:3f:93:31:
96:3f:fa:75:01:d8:60:35:5f:85:94:00:0d:15:f8:
b3:79:ae:b7:01:58:fb:b1:a2:f9:33:3b:e7:93:83:
aa:c8:58:73:8d:9b:87:83:66:c7:a5:19:ec:ee:b7:
be:42:40:27:97:38:81:01:e8:27:53:a0:4f:43:97:
42:b0:83:8f:62:cd:ea:53:3f:5a:86:6e:f1:d3:1e:
4f:0c:9f:55:f3:fa:f1:c7:ff:f6:7f:ec:de:51:21:
62:5a:f3:dd:65:cd:08:f8:59:19:cc:dd:ce:cb:50:
62:d8:1e:0a:b9:04:f6:83:f7:6b:71:bf:14:0c:62:
a7:7f:d5:96:96:5e:3a:37:f9:e5:97:1d:61:24:7f:
6c:92:a0:5e:82:cc:7b:79:08:27:3d:12:6d:da:03:
87:6b:fc:57:b3:62:60:22:1c:bb:2a:84:d9:d6:48:
ce:0d:f0:2a:eb:9a:5d:b6:2e:11:83:ba:78:ce:c7:
77:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:78:D6:E0:FB:FB:B4:0D:51:61:83:84:BD:97:76:DB:40:88:D8:A1
X509v3 Authority Key Identifier:
keyid:71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:17:33:de:10:78:a9:33:06:50:02:fa:57:68:dc:aa:ec:af:
e8:88:ab:45:9f:30:0a:82:0c:d9:21:0c:61:65:4d:df:40:e3:
db:91:b9:bf:05:7a:e7:8e:7b:d7:60:e0:ac:3e:86:1b:22:93:
a4:20:92:8c:02:be:68:ec:77:bd:45:35:0f:61:cf:5e:bc:9d:
cd:82:22:32:9e:f1:0b:98:e8:34:19:ac:07:25:9d:36:2c:81:
b7:b0:fd:77:01:47:99:d3:72:07:a5:d7:66:73:0a:2c:c9:6e:
8b:8f:79:d6:8f:91:d4:18:22:b8:85:92:11:9c:56:5b:df:78:
49:87:e3:72:8e:6b:79:ca:32:53:7a:0c:c3:aa:da:2f:de:72:
1e:58:b0:f8:87:6c:bd:06:0a:66:a6:f1:ec:08:3d:58:6b:b8:
d7:7d:6a:00:ef:d3:2a:8a:c0:c3:51:0b:d8:5d:a7:55:c5:a1:
f5:cb:2b:86:b2:7b:a3:b8:37:c0:75:2e:d3:9b:44:75:15:f5:
51:56:ea:81:c8:87:7b:59:8f:47:5a:82:cb:b5:d2:64:3b:00:
e3:e9:1f:fa:eb:6c:9b:a6:5d:19:4f:20:3f:93:98:c0:64:8d:
57:1a:87:2b:8e:59:6b:76:14:58:67:01:0e:75:67:3a:b5:3e:
e6:4c:18:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+HPYhla4mpntZvPqBgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDliYWEwMjIxOTQyZWRmZTRiM2E5YTU3MDgyOTVjMDQ0
MTZlODAwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
EyhhZjc4ZDZlMGZiZmJiNDBkNTE2MTgzODRiZDk3NzZkYjQwODhkOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yWojsOT4bQDibKAAsm58KkuYEqj
TLhLdIJFJlWXkVQaw2o3VDN6my0pqrwVLC85imq0vKYKz+7UN6P+xl5MAcBbhNLS
+yg/kzGWP/p1AdhgNV+FlAANFfizea63AVj7saL5Mzvnk4OqyFhzjZuHg2bHpRns
7re+QkAnlziBAegnU6BPQ5dCsIOPYs3qUz9ahm7x0x5PDJ9V8/rxx//2f+zeUSFi
WvPdZc0I+FkZzN3Oy1Bi2B4KuQT2g/drcb8UDGKnf9WWll46N/nllx1hJH9skqBe
gsx7eQgnPRJt2gOHa/xXs2JgIhy7KoTZ1kjODfAq65pdti4Rg7p4zsd3vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK941uD7+7QNUWGDhL2XdttAiNihMB8GA1UdIwQY
MBaAFHHZuqAiGULt/ks6mlcIKVwEQW6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMt
NTA0NzI3YTUwYjhlLzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMtNTA0NzI3YTUwYjhl
LzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXBcz3hB4
qTMGUAL6V2jcquyv6IirRZ8wCoIM2SEMYWVN30Dj25G5vwV6545712DgrD6GGyKT
pCCSjAK+aOx3vUU1D2HPXrydzYIiMp7xC5joNBmsByWdNiyBt7D9dwFHmdNyB6XX
ZnMKLMlui4951o+R1BgiuIWSEZxWW994SYfjco5recoyU3oMw6raL95yHliw+Ids
vQYKZqbx7Ag9WGu4131qAO/TKorAw1EL2F2nVcWh9csrhrJ7o7g3wHUu05tEdRX1
UVbqgciHe1mPR1qCy7XSZDsA4+kf+utsm6ZdGU8gP5OYwGSNVxqHK45Za3YUWGcB
DnVnOrU+5kwYTQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:07:11 2025 by rpki-client