Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: O+utSwg4uLCkKt0IY1uGnHlMoQZLIuhPL4/a926ErTM=
Subject key identifier: 2B:FC:B9:E5:7F:F4:8B:27:56:7F:48:0E:8F:7B:9A:CB:AC:4B:C9:0F
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 0199FF59A663C82FCBCFA15BF3E7E96FACE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 16E8
Signing time: Mon 20 Oct 2025 02:01:29 +0000
Manifest this update: Mon 20 Oct 2025 02:01:29 +0000
Manifest next update: Tue 21 Oct 2025 02:01:29 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: 9aulkTdh7DBwXhjbObrnRHPCEeqN+oSRQmBc0yIkxFQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:a6:63:c8:2f:cb:cf:a1:5b:f3:e7:e9:6f:ac:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Oct 20 02:01:29 2025 GMT
Not After : Oct 21 02:01:29 2025 GMT
Subject: CN=2bfcb9e57ff48b27567f480e8f7b9acbac4bc90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ab:48:a6:26:19:de:d3:46:bf:01:5d:ad:4c:
72:9c:60:80:26:6b:81:39:10:41:0f:ce:63:ed:fb:
1f:af:5f:0c:f2:fe:26:0a:58:3c:03:ea:c3:fc:ef:
bf:0f:9a:09:cf:0c:4a:74:37:32:33:fa:69:97:fa:
f0:4a:eb:26:22:62:16:8d:32:7a:e0:ad:d9:fa:ce:
e5:21:b4:c4:71:a7:76:41:17:90:f1:93:3f:1f:e3:
a0:2f:79:d6:97:d1:ae:ac:5c:30:c6:4c:43:9d:82:
ac:94:83:47:87:1c:17:38:3a:94:ca:72:28:82:2f:
fd:16:76:6c:4c:85:a0:75:6d:a4:df:a8:67:bc:15:
33:b5:97:94:70:9e:fd:60:ba:9b:0d:d2:5e:7c:6d:
d5:7c:ef:b8:96:91:cb:17:af:d3:82:b3:e8:ac:5b:
82:b7:b6:0a:74:08:f1:98:d7:09:c8:8f:17:99:83:
d5:47:d5:40:ae:bb:a9:22:f6:9d:fb:01:fc:59:67:
12:33:ed:ad:4a:73:50:e9:60:ef:b9:a6:8a:0c:9a:
2e:d8:e4:a0:0a:5e:3a:3a:d8:3c:cf:8f:d0:53:21:
da:6c:4b:d4:33:dc:c0:46:a3:24:a4:0a:3a:82:0f:
cb:a7:03:ab:b2:d4:52:fd:89:67:59:9d:f6:80:71:
7c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FC:B9:E5:7F:F4:8B:27:56:7F:48:0E:8F:7B:9A:CB:AC:4B:C9:0F
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:1f:ad:3c:31:a2:57:f1:97:0e:db:0e:2b:f9:9f:94:11:d0:
4c:37:ad:84:b9:86:7c:a5:f5:50:41:b5:93:8d:72:34:98:58:
c5:b6:27:ff:8f:b1:5b:93:db:c4:0a:5c:d0:d9:7d:40:9f:fa:
b8:01:ef:79:8a:82:d6:77:d9:98:4c:fe:43:41:e3:09:4b:af:
b0:17:58:83:56:5f:f6:7e:3e:98:06:f9:46:c5:7b:60:db:7f:
6c:4f:82:eb:27:29:ce:73:5f:dd:91:56:27:da:0b:bd:97:ac:
d2:e6:40:09:aa:54:c7:2e:2e:0e:fe:b4:74:fc:e0:7e:63:a7:
ac:c5:ee:19:fd:0a:00:ce:14:6f:ca:5e:a9:b5:11:1f:27:74:
ec:a8:96:6b:ed:2d:88:7c:2e:9d:0b:2a:f0:65:2b:e1:20:a3:
b3:f9:56:cf:c0:b7:30:b5:07:7a:ad:ac:e7:34:ed:5a:6f:eb:
0d:d3:45:1b:9c:05:b7:1d:66:97:79:78:02:07:dd:79:d5:f3:
a2:09:e6:16:48:fe:f7:16:b9:62:7c:a3:ad:5b:55:c6:7a:58:
5c:ec:fe:90:37:81:ff:ce:dd:ed:f4:8c:a8:a3:45:b3:88:50:
84:d8:b5:8d:ac:ba:2f:0a:9e:90:9d:84:a8:29:e4:51:4d:32:
7f:76:3e:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WaZjyC/Lz6Fb8+fpb6zkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUxMDIwMDIwMTI5WhcNMjUxMDIxMDIwMTI5WjAzMTEwLwYDVQQD
EygyYmZjYjllNTdmZjQ4YjI3NTY3ZjQ4MGU4ZjdiOWFjYmFjNGJjOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6tIpiYZ3tNGvwFdrUxynGCAJmuB
ORBBD85j7fsfr18M8v4mClg8A+rD/O+/D5oJzwxKdDcyM/ppl/rwSusmImIWjTJ6
4K3Z+s7lIbTEcad2QReQ8ZM/H+OgL3nWl9GurFwwxkxDnYKslINHhxwXODqUynIo
gi/9FnZsTIWgdW2k36hnvBUztZeUcJ79YLqbDdJefG3VfO+4lpHLF6/TgrPorFuC
t7YKdAjxmNcJyI8XmYPVR9VArrupIvad+wH8WWcSM+2tSnNQ6WDvuaaKDJou2OSg
Cl46Otg8z4/QUyHabEvUM9zARqMkpAo6gg/LpwOrstRS/YlnWZ32gHF8fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCv8ueV/9IsnVn9IDo97msusS8kPMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADx+tPDGi
V/GXDtsOK/mflBHQTDethLmGfKX1UEG1k41yNJhYxbYn/4+xW5PbxApc0Nl9QJ/6
uAHveYqC1nfZmEz+Q0HjCUuvsBdYg1Zf9n4+mAb5RsV7YNt/bE+C6ycpznNf3ZFW
J9oLvZes0uZACapUxy4uDv60dPzgfmOnrMXuGf0KAM4Ub8peqbURHyd07KiWa+0t
iHwunQsq8GUr4SCjs/lWz8C3MLUHeq2s5zTtWm/rDdNFG5wFtx1ml3l4AgfdedXz
ognmFkj+9xa5YnyjrVtVxnpYXOz+kDeB/87d7fSMqKNFs4hQhNi1jay6LwqekJ2E
qCnkUU0yf3Y+1A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:58:52 2025 by rpki-client