Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
File: 4kCgJeDmGkTZPkqAHjiIsm570kE.mft (raw, json)
Hash identifier: os9AhxfAhy+rNW6JA/c8vocUXVQHo9I4akMHJ9RU380=
Subject key identifier: A0:F7:80:D3:B6:1A:CD:6E:A5:C8:A4:C5:09:8B:98:3E:36:9F:02:C5
Authority key identifier: E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41
Certificate issuer: /CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
Certificate serial: 0199FF22BA1755EE81120A23E8B34733FBB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
Manifest number: 16E6
Signing time: Mon 20 Oct 2025 01:01:29 +0000
Manifest this update: Mon 20 Oct 2025 01:01:29 +0000
Manifest next update: Tue 21 Oct 2025 01:01:29 +0000
Files and hashes: 1: 4kCgJeDmGkTZPkqAHjiIsm570kE.crl (hash: r07SPBERTfRfBYSsiC1AZ3otS1LBGfmG5v+nYeXVskg=)
2: K7SH4zYCXr-cp1q6N2Mp-Gdj1PU.roa (hash: fOTEXpl4gYkXzMjvkhlooQdp3U8U0Z9lMps20TcryK0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:ba:17:55:ee:81:12:0a:23:e8:b3:47:33:fb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
Validity
Not Before: Oct 20 01:01:29 2025 GMT
Not After : Oct 21 01:01:29 2025 GMT
Subject: CN=a0f780d3b61acd6ea5c8a4c5098b983e369f02c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:66:c2:98:17:0a:76:0a:57:bf:5a:b7:6b:62:
69:e0:85:2d:ab:9b:a1:fd:c1:d0:08:44:e9:cc:57:
cc:09:2e:b6:d4:d6:d2:7e:c6:42:4e:20:fc:e6:17:
b6:ae:c5:12:e2:3e:db:1d:78:5d:08:b7:b4:60:80:
de:04:35:a6:b3:3e:a4:d6:59:4c:e7:41:8f:25:2b:
dd:1f:50:c5:7b:7c:f1:04:33:72:a6:f8:80:d5:2b:
80:1e:96:c4:51:0b:b0:c7:75:78:16:bf:65:2d:e3:
bf:3f:a6:a0:d0:ec:13:3e:35:87:79:c5:1e:92:99:
90:7e:e0:fa:f5:7d:ed:34:3f:63:fb:37:db:1a:bb:
db:d8:79:72:c4:7e:10:07:d8:97:22:e1:ee:bf:93:
1a:91:93:5d:44:6e:7e:0d:3d:06:f9:1f:37:4d:a0:
86:c6:04:18:34:91:6a:fd:2a:c8:54:a8:0b:c5:52:
d4:b9:fe:5f:e3:c5:b6:4d:a1:b1:be:da:27:4f:1d:
65:95:f8:44:07:44:2b:c6:c6:68:81:eb:72:b9:42:
be:ac:4c:d0:56:e2:c2:b6:00:f6:65:92:ad:b9:64:
26:4b:14:09:bb:ba:ca:44:e4:4c:04:fb:b6:06:3f:
51:87:93:83:0d:b0:a9:f0:81:59:6d:8c:69:0d:1b:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F7:80:D3:B6:1A:CD:6E:A5:C8:A4:C5:09:8B:98:3E:36:9F:02:C5
X509v3 Authority Key Identifier:
keyid:E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:b1:2f:44:f3:ce:8f:b6:6f:ea:87:fc:76:69:52:9e:b4:98:
e2:2e:3a:5c:93:85:4b:32:40:7f:a1:37:f8:43:d2:1b:b3:d5:
50:a2:b8:39:8f:a5:9c:3d:c7:98:47:7e:1d:53:79:2e:9b:22:
d8:68:91:d2:f6:bf:ad:c3:c5:0e:69:db:fc:3b:a4:c5:93:09:
08:3d:ab:02:82:d6:21:20:dd:6b:cf:b8:68:c2:41:48:3d:04:
3a:9b:5c:72:de:37:c0:21:21:64:f5:89:32:1d:4c:85:61:57:
2a:a4:3d:02:c3:8d:2c:07:df:bc:86:01:bb:74:fc:41:fd:86:
b4:af:19:a0:de:c4:66:ef:01:7f:04:cc:9a:98:32:08:3b:e5:
e0:94:be:45:da:9f:9b:a7:45:9a:d1:c6:f6:c4:4b:d9:06:62:
92:86:f9:2b:30:99:bd:7e:ca:89:cf:5e:d1:8b:f4:8b:1f:72:
e0:bb:8c:6e:97:c1:27:cf:c1:fa:08:53:6a:41:3d:59:42:dd:
f0:0e:a3:ca:87:7a:e9:aa:f8:9e:10:41:7e:d9:0c:7e:0c:33:
94:28:9e:e5:37:e7:67:a0:f5:e1:57:7f:7a:00:7b:f9:9a:8d:
8b:a2:41:2e:08:fd:36:2b:80:3c:e0:f8:da:ef:e2:27:65:79:
c4:f6:0a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IroXVe6BEgoj6LNHM/u2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDBhMDI1ZTBlNjFhNDRkOTNlNGE4MDFlMzg4OGIyNmU3
YmQyNDEwHhcNMjUxMDIwMDEwMTI5WhcNMjUxMDIxMDEwMTI5WjAzMTEwLwYDVQQD
EyhhMGY3ODBkM2I2MWFjZDZlYTVjOGE0YzUwOThiOTgzZTM2OWYwMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12bCmBcKdgpXv1q3a2Jp4IUtq5uh
/cHQCETpzFfMCS621NbSfsZCTiD85he2rsUS4j7bHXhdCLe0YIDeBDWmsz6k1llM
50GPJSvdH1DFe3zxBDNypviA1SuAHpbEUQuwx3V4Fr9lLeO/P6ag0OwTPjWHecUe
kpmQfuD69X3tND9j+zfbGrvb2HlyxH4QB9iXIuHuv5MakZNdRG5+DT0G+R83TaCG
xgQYNJFq/SrIVKgLxVLUuf5f48W2TaGxvtonTx1llfhEB0QrxsZogetyuUK+rEzQ
VuLCtgD2ZZKtuWQmSxQJu7rKRORMBPu2Bj9Rh5ODDbCp8IFZbYxpDRt3fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD3gNO2Gs1upcikxQmLmD42nwLFMB8GA1UdIwQY
MBaAFOJAoCXg5hpE2T5KgB44iLJue9JBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUt
Yzc5ZDRlZWI1YWQ2LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUtYzc5ZDRlZWI1YWQ2
LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrEvRPPO
j7Zv6of8dmlSnrSY4i46XJOFSzJAf6E3+EPSG7PVUKK4OY+lnD3HmEd+HVN5Lpsi
2GiR0va/rcPFDmnb/DukxZMJCD2rAoLWISDda8+4aMJBSD0EOptcct43wCEhZPWJ
Mh1MhWFXKqQ9AsONLAffvIYBu3T8Qf2GtK8ZoN7EZu8BfwTMmpgyCDvl4JS+Rdqf
m6dFmtHG9sRL2QZikob5KzCZvX7Kic9e0Yv0ix9y4LuMbpfBJ8/B+ghTakE9WULd
8A6jyod66ar4nhBBftkMfgwzlCie5TfnZ6D14Vd/egB7+ZqNi6JBLgj9NiuAPOD4
2u/iJ2V5xPYKYg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:11:55 2025 by rpki-client