Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json)
Hash identifier: Mg2Yk9DAJAOPLa/pn0RZhqkrOnCPtN8WfXNlH0d+wCY=
Subject key identifier: D9:DF:FC:64:C8:93:91:B1:4A:B3:F7:D6:BB:31:D7:E2:E4:9E:08:DB
Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Certificate serial: 0199FBEBAF74D599B14B4B9B8FC34FBEA68D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
Manifest number: 0439
Signing time: Sun 19 Oct 2025 10:02:31 +0000
Manifest this update: Sun 19 Oct 2025 10:02:31 +0000
Manifest next update: Mon 20 Oct 2025 10:02:31 +0000
Files and hashes: 1: OWXYykmlPDxYaUK6ibOA62-hDng.roa (hash: x4BvE6J+LBS4eTxuz/ILECCYgRYsxbKFwFccG0CtiDI=)
2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: ug0ZIgQQI0wbB3vuGAQUzQ4k6qIVRgJd5ZhK4SyqV8o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:af:74:d5:99:b1:4b:4b:9b:8f:c3:4f:be:a6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Validity
Not Before: Oct 19 10:02:31 2025 GMT
Not After : Oct 20 10:02:31 2025 GMT
Subject: CN=d9dffc64c89391b14ab3f7d6bb31d7e2e49e08db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:0b:73:7f:23:96:e3:df:7c:9e:b8:fc:d9:
4f:a6:af:3c:ce:59:f3:14:f0:67:39:b2:d1:53:14:
e6:2e:66:ba:10:b6:23:15:19:49:db:0a:f6:65:86:
3a:24:f7:5f:a2:6b:b0:08:70:18:70:a4:8f:19:65:
29:56:cd:e0:fe:6d:f0:a9:7b:c9:44:43:7f:ec:47:
0c:d3:50:3c:93:31:91:ba:fa:53:f6:13:2b:4a:0a:
9d:8a:30:eb:ab:3d:85:1c:af:33:4d:a5:76:a4:98:
8a:34:c3:cf:f6:c3:2f:9d:da:9b:72:59:b3:a9:a4:
16:e3:7c:a3:13:85:da:cb:fc:3d:3c:bb:60:2f:7d:
f7:f7:ad:c4:81:fc:63:74:82:ec:55:35:63:77:20:
f6:63:64:98:de:b9:d8:1d:53:71:84:2c:d7:53:ac:
52:cf:c5:4a:04:b2:f2:3f:13:d3:d2:e1:8f:04:e8:
8c:a0:ef:1b:42:fd:e4:04:6e:5a:e4:43:e5:d6:9f:
c9:4c:27:06:2f:ec:51:86:9a:ef:30:ba:78:8c:9c:
c9:41:b7:0d:fd:93:ef:3b:55:64:c0:a5:a1:90:e9:
50:86:84:a5:32:4d:b4:f1:cc:d1:02:38:b3:15:c4:
5b:b2:b5:d5:16:85:e2:bb:24:14:c7:62:bd:b4:4a:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DF:FC:64:C8:93:91:B1:4A:B3:F7:D6:BB:31:D7:E2:E4:9E:08:DB
X509v3 Authority Key Identifier:
keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:df:38:68:fd:aa:b5:bd:9a:32:5d:57:55:61:68:61:da:39:
4e:15:a7:0f:28:5a:14:91:ae:63:08:52:dc:a3:d6:a4:4e:c7:
bf:9b:ed:ab:81:2c:4c:ac:f4:fd:7d:26:10:d6:66:0d:9f:3b:
4c:1e:6b:ba:e9:81:d9:09:ac:0a:79:8f:79:6f:f2:c6:d4:a4:
bd:c7:33:24:b3:c4:81:b5:59:75:d5:0d:0f:27:19:31:5c:56:
61:fc:9c:e4:8e:9b:a5:e5:62:7e:dc:41:7c:9a:68:db:0b:1d:
0f:05:2a:92:38:6d:fa:31:b9:a9:09:a1:75:82:68:a5:35:bd:
2e:13:04:e2:96:ee:8b:c4:99:06:c1:49:c7:6f:16:83:c1:7f:
d5:48:90:b2:ff:4c:46:c3:70:d6:81:1b:0e:64:9d:de:b0:e6:
bf:8e:d1:52:7b:90:84:a4:e8:ba:51:b4:f0:23:24:3c:5e:3d:
f8:96:82:6e:15:5a:67:bf:5e:0e:ed:77:52:fa:7b:c3:9d:a6:
41:f8:06:5e:59:9b:24:33:09:45:82:a3:ba:41:dd:bb:af:bc:
9e:f1:f1:78:54:b8:3c:41:15:b0:29:f2:9a:e2:85:69:98:85:
34:90:f4:2b:0d:37:19:c5:0b:29:a4:af:18:c7:5a:28:94:c8:
2f:9f:17:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766901ZmxS0ubj8NPvqaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi
ZDcwN2UwHhcNMjUxMDE5MTAwMjMxWhcNMjUxMDIwMTAwMjMxWjAzMTEwLwYDVQQD
EyhkOWRmZmM2NGM4OTM5MWIxNGFiM2Y3ZDZiYjMxZDdlMmU0OWUwOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzcLc38jluPffJ64/NlPpq88zlnz
FPBnObLRUxTmLma6ELYjFRlJ2wr2ZYY6JPdfomuwCHAYcKSPGWUpVs3g/m3wqXvJ
REN/7EcM01A8kzGRuvpT9hMrSgqdijDrqz2FHK8zTaV2pJiKNMPP9sMvndqbclmz
qaQW43yjE4Xay/w9PLtgL333963EgfxjdILsVTVjdyD2Y2SY3rnYHVNxhCzXU6xS
z8VKBLLyPxPT0uGPBOiMoO8bQv3kBG5a5EPl1p/JTCcGL+xRhprvMLp4jJzJQbcN
/ZPvO1VkwKWhkOlQhoSlMk208czRAjizFcRbsrXVFoXiuyQUx2K9tEpKHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnf/GTIk5GxSrP31rsx1+LkngjbMB8GA1UdIwQY
MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt
ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh
LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG984aP2q
tb2aMl1XVWFoYdo5ThWnDyhaFJGuYwhS3KPWpE7Hv5vtq4EsTKz0/X0mENZmDZ87
TB5ruumB2QmsCnmPeW/yxtSkvcczJLPEgbVZddUNDycZMVxWYfyc5I6bpeViftxB
fJpo2wsdDwUqkjht+jG5qQmhdYJopTW9LhME4pbui8SZBsFJx28Wg8F/1UiQsv9M
RsNw1oEbDmSd3rDmv47RUnuQhKToulG08CMkPF49+JaCbhVaZ79eDu13Uvp7w52m
QfgGXlmbJDMJRYKjukHdu6+8nvHxeFS4PEEVsCnymuKFaZiFNJD0Kw03GcULKaSv
GMdaKJTIL58XPA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:37:29 2025 by rpki-client