Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: h8iQtaN0fj0uBVeFwh50WkCXdbKmpuvqbgPNtJlFScA=
Subject key identifier: 07:D9:6D:75:64:DE:77:15:B8:A9:AF:40:2E:A7:20:FA:91:57:29:CC
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 0199FEEB7B4E44467D49794D045CD9BCF8C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 13A0
Signing time: Mon 20 Oct 2025 00:01:09 +0000
Manifest this update: Mon 20 Oct 2025 00:01:09 +0000
Manifest next update: Tue 21 Oct 2025 00:01:09 +0000
Files and hashes: 1: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (hash: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: Hr0LKPqQtFMQM+hOZ+FZawGyzTxQz+B4MYXaV/kswJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:7b:4e:44:46:7d:49:79:4d:04:5c:d9:bc:f8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Oct 20 00:01:09 2025 GMT
Not After : Oct 21 00:01:09 2025 GMT
Subject: CN=07d96d7564de7715b8a9af402ea720fa915729cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:d2:ae:80:0b:7a:26:fb:f7:de:06:a2:3d:
8d:d3:59:58:d8:16:06:27:19:50:06:8b:b8:60:92:
d1:bd:a5:96:80:6a:c3:f2:91:24:41:85:65:18:f8:
08:04:54:e0:aa:d4:5b:27:d5:31:54:c9:0e:cf:8e:
d4:f2:5e:b3:ba:67:4c:e4:7e:72:17:a5:90:a2:bd:
f5:be:03:85:bb:b0:6a:51:e8:09:26:97:33:8d:df:
3a:af:68:82:64:69:49:b5:b0:00:b9:f8:58:3f:59:
17:85:b6:47:ed:6b:e5:a1:93:b2:f9:46:c9:80:54:
ac:26:74:62:ec:08:d7:93:8e:55:be:2d:89:a7:f1:
2d:11:1c:3a:cc:72:af:fa:86:00:ae:1d:56:6c:07:
1e:b6:10:4f:48:5e:af:50:81:9d:e4:74:6d:8c:d0:
7d:0a:85:7e:d3:48:ca:0b:41:b9:fd:ad:1d:af:f1:
56:0e:d3:ef:39:98:1e:35:88:9c:de:38:44:82:20:
2c:ad:5a:7d:9f:75:38:4c:3f:a1:cc:0b:8d:da:d8:
9f:7f:fc:89:ca:62:4f:a9:b0:27:75:15:2d:7a:f0:
61:ec:84:3d:7d:9c:f2:c2:2f:43:51:a6:1e:36:12:
d3:73:d6:36:e6:51:4f:01:dd:44:9d:5b:af:77:f8:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D9:6D:75:64:DE:77:15:B8:A9:AF:40:2E:A7:20:FA:91:57:29:CC
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d3:2b:e8:5c:1c:ad:a6:43:30:bf:8d:f2:2e:66:b6:93:0f:32:
f6:26:27:ff:b4:05:1f:2f:3b:a7:45:a1:92:0a:7e:70:aa:28:
23:ea:35:12:26:99:c1:2e:a5:3a:1a:cb:30:55:14:5c:d8:0c:
07:2f:17:d3:3a:d4:4a:5d:4d:e9:e0:d0:79:18:d4:5b:cd:19:
f3:7e:d9:ac:1f:09:da:59:b5:d1:d4:21:be:9a:62:62:d3:61:
43:da:75:e5:f7:b1:6c:86:5d:7b:e1:45:c9:4b:68:3e:4b:25:
fa:68:ed:2a:2a:e3:21:b9:dc:bd:55:82:41:d1:9b:59:20:8f:
54:a5:31:9a:2f:dd:57:5c:9a:d0:52:41:4c:6b:00:b5:ab:91:
6b:2b:a1:ab:30:42:31:e3:20:4e:f4:ae:d3:f1:df:19:e3:6c:
f6:15:81:0f:3c:cb:86:9e:d5:43:f1:cd:cd:da:d6:c3:a2:46:
ad:50:3a:b1:5a:f0:62:d6:c0:f6:73:d6:e9:6f:9c:03:72:42:
ca:67:6b:fc:07:12:03:17:9e:6d:d2:48:a7:44:56:3b:b9:02:
0b:14:7a:81:e1:f4:d3:e4:92:8b:1a:f4:58:c8:7f:6e:5c:e2:
7e:9c:02:31:e3:ff:85:01:21:37:58:0c:cc:2b:d9:98:cf:3c:
c6:c4:19:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+63tOREZ9SXlNBFzZvPjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjUxMDIwMDAwMTA5WhcNMjUxMDIxMDAwMTA5WjAzMTEwLwYDVQQD
EygwN2Q5NmQ3NTY0ZGU3NzE1YjhhOWFmNDAyZWE3MjBmYTkxNTcyOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAHSroALeib7994Goj2N01lY2BYG
JxlQBou4YJLRvaWWgGrD8pEkQYVlGPgIBFTgqtRbJ9UxVMkOz47U8l6zumdM5H5y
F6WQor31vgOFu7BqUegJJpczjd86r2iCZGlJtbAAufhYP1kXhbZH7WvloZOy+UbJ
gFSsJnRi7AjXk45Vvi2Jp/EtERw6zHKv+oYArh1WbAcethBPSF6vUIGd5HRtjNB9
CoV+00jKC0G5/a0dr/FWDtPvOZgeNYic3jhEgiAsrVp9n3U4TD+hzAuN2tiff/yJ
ymJPqbAndRUtevBh7IQ9fZzywi9DUaYeNhLTc9Y25lFPAd1EnVuvd/irJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfZbXVk3ncVuKmvQC6nIPqRVynMMB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0yvoXByt
pkMwv43yLma2kw8y9iYn/7QFHy87p0Whkgp+cKooI+o1EiaZwS6lOhrLMFUUXNgM
By8X0zrUSl1N6eDQeRjUW80Z837ZrB8J2lm10dQhvppiYtNhQ9p15fexbIZde+FF
yUtoPksl+mjtKirjIbncvVWCQdGbWSCPVKUxmi/dV1ya0FJBTGsAtauRayuhqzBC
MeMgTvSu0/HfGeNs9hWBDzzLhp7VQ/HNzdrWw6JGrVA6sVrwYtbA9nPW6W+cA3JC
ymdr/AcSAxeebdJIp0RWO7kCCxR6geH00+SSixr0WMh/blzifpwCMeP/hQEhN1gM
zCvZmM88xsQZ2g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:33:13 2025 by rpki-client