Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
File: CKKX-M-hzm0_4sUmkRxGippjGNA.mft (raw, json)
Hash identifier: YhaOKsRQBpDVaCKSHYfPkBsicWQG7F8EeEmwpD8a0YE=
Subject key identifier: FE:BD:5D:A9:A2:66:10:6A:32:F8:3F:09:F5:56:A2:DF:17:08:5A:06
Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
Certificate issuer: /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Certificate serial: 0199FDD9C9DDE586D30D63F4BBB6F5649B16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
Manifest number: 16E5
Signing time: Sun 19 Oct 2025 19:02:12 +0000
Manifest this update: Sun 19 Oct 2025 19:02:12 +0000
Manifest next update: Mon 20 Oct 2025 19:02:12 +0000
Files and hashes: 1: 5MRhSgchnAtf4S3HQR8A2P9G7a4.roa (hash: zhfGWwF8FWGDVI625aodd4CNBRsAZhPphxbbSuJ9Gk4=)
2: CKKX-M-hzm0_4sUmkRxGippjGNA.crl (hash: 7uUti8XIfLMuairbTjwPfDYie/ghOP7wyStFXOXHgyk=)
3: KBS5ODGVPgLIrn_lzCZVpLCuM_o.roa (hash: tuJiuTZZDp+7DpYOFgzygNPFPeRHjujTGVj2/4ZqQWE=)
4: lf4o5O9cdWZQhb3j1ES-63-ld0k.roa (hash: MkYv77LnNtclc+nDDwEnxwywSZw8C8g7xWpLHjYSnn8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:c9:dd:e5:86:d3:0d:63:f4:bb:b6:f5:64:9b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Validity
Not Before: Oct 19 19:02:12 2025 GMT
Not After : Oct 20 19:02:12 2025 GMT
Subject: CN=febd5da9a266106a32f83f09f556a2df17085a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:67:5f:cb:32:2e:9f:6d:27:99:3d:cc:02:5d:
f6:83:14:6d:c2:8c:1f:7f:4b:d3:cf:76:21:62:45:
68:c6:53:82:5b:47:b0:23:09:f5:45:9b:51:84:7d:
00:76:d9:49:1e:60:cd:52:af:e6:86:c9:44:2f:d8:
a9:8b:fa:d6:53:e3:50:64:1d:11:71:32:59:10:d5:
c0:42:21:84:4e:51:0a:54:87:3a:04:e8:8e:bd:fc:
f1:be:b5:e6:13:fb:5b:7e:25:bb:4f:9d:5a:b5:e7:
d0:38:94:e8:4b:a4:a1:84:22:0b:76:92:0e:5b:f8:
82:cd:a7:6c:5b:6b:46:6b:8f:42:15:32:b6:38:88:
2d:ba:37:fe:eb:4e:a9:53:d1:6e:06:92:86:d8:79:
7f:ee:eb:57:25:bc:ad:89:41:18:77:6c:59:23:a0:
4f:53:42:55:9d:b1:9e:e8:da:f5:fe:af:41:b9:8a:
18:63:9d:4e:7d:12:2e:03:bd:18:16:07:4a:ac:16:
94:8f:d3:9d:09:69:35:2b:22:ce:34:d8:ff:66:72:
3f:5e:2d:d0:2b:fa:93:3d:74:cf:70:d5:6b:d6:66:
05:7c:03:2d:22:a8:b3:81:88:09:4e:3d:66:65:d9:
a3:40:04:e7:3b:28:fb:a1:a8:32:9f:db:23:51:e4:
94:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BD:5D:A9:A2:66:10:6A:32:F8:3F:09:F5:56:A2:DF:17:08:5A:06
X509v3 Authority Key Identifier:
keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:35:22:92:44:e5:fd:c3:20:b3:68:13:f3:d0:7e:88:94:67:
a1:a4:6b:2b:bb:af:5c:b9:83:77:37:1d:11:d6:a2:3e:24:fb:
c4:a9:88:75:da:62:f7:46:e9:be:93:ba:2a:3c:e5:9f:a1:89:
22:f9:fa:6c:eb:84:f1:73:f6:31:b9:14:85:47:fd:06:93:1c:
00:54:a9:98:8d:de:b1:3e:44:0f:04:c2:17:83:48:b5:d2:7c:
d0:bf:b9:84:da:fa:e6:fa:ff:b2:ba:89:16:44:dd:59:bc:d8:
df:8e:83:dd:d2:d4:2f:e3:39:dd:56:74:ab:0d:b0:d0:73:3b:
20:4d:b8:a7:64:c7:ab:50:a1:bc:de:01:19:a6:31:dc:ef:80:
02:20:c1:62:0e:7c:27:4d:8b:6a:1a:8e:69:3d:35:37:f6:c8:
b2:f2:0d:8a:59:c8:7f:da:d2:49:0d:a6:0c:f7:f0:f8:83:44:
37:ae:61:72:b7:22:b7:a1:4a:18:bf:dc:7c:e5:67:5a:e8:20:
c9:7c:79:2b:c6:96:98:32:70:4c:99:89:89:b2:14:7a:69:b6:
35:2c:0f:bd:ed:96:ac:50:6d:1a:c3:d8:cf:cb:74:51:29:fb:
65:32:e2:4b:9d:ff:94:14:62:68:22:ef:86:63:04:b4:ac:ab:
b6:78:5a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92cnd5YbTDWP0u7b1ZJsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTI5N2Y4Y2ZhMWNlNmQzZmUyYzUyNjkxMWM0NjhhOWE2
MzE4ZDAwHhcNMjUxMDE5MTkwMjEyWhcNMjUxMDIwMTkwMjEyWjAzMTEwLwYDVQQD
EyhmZWJkNWRhOWEyNjYxMDZhMzJmODNmMDlmNTU2YTJkZjE3MDg1YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmdfyzIun20nmT3MAl32gxRtwowf
f0vTz3YhYkVoxlOCW0ewIwn1RZtRhH0AdtlJHmDNUq/mhslEL9ipi/rWU+NQZB0R
cTJZENXAQiGETlEKVIc6BOiOvfzxvrXmE/tbfiW7T51atefQOJToS6ShhCILdpIO
W/iCzadsW2tGa49CFTK2OIgtujf+606pU9FuBpKG2Hl/7utXJbytiUEYd2xZI6BP
U0JVnbGe6Nr1/q9BuYoYY51OfRIuA70YFgdKrBaUj9OdCWk1KyLONNj/ZnI/Xi3Q
K/qTPXTPcNVr1mYFfAMtIqizgYgJTj1mZdmjQATnOyj7oagyn9sjUeSUYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP69XamiZhBqMvg/CfVWot8XCFoGMB8GA1UdIwQY
MBaAFAiil/jPoc5tP+LFJpEcRoqaYxjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjct
OTcxMTM5NTE0YmIxLzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjctOTcxMTM5NTE0YmIx
LzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJjUikkTl
/cMgs2gT89B+iJRnoaRrK7uvXLmDdzcdEdaiPiT7xKmIddpi90bpvpO6Kjzln6GJ
Ivn6bOuE8XP2MbkUhUf9BpMcAFSpmI3esT5EDwTCF4NItdJ80L+5hNr65vr/srqJ
FkTdWbzY346D3dLUL+M53VZ0qw2w0HM7IE24p2THq1ChvN4BGaYx3O+AAiDBYg58
J02LahqOaT01N/bIsvINilnIf9rSSQ2mDPfw+INEN65hcrcit6FKGL/cfOVnWugg
yXx5K8aWmDJwTJmJibIUemm2NSwPve2WrFBtGsPYz8t0USn7ZTLiS53/lBRiaCLv
hmMEtKyrtnha1g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:45:40 2025 by rpki-client