Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
File: knEFydH7BpBVSXH0ZMoh9KRcEGo.mft (raw, json)
Hash identifier: 3M2l782S+flONKqS3a7xcLqLHe0Lz4ApBV9uX5KspYU=
Subject key identifier: 32:3F:49:C9:12:CE:95:B2:F5:8E:04:6C:D3:E7:CD:AE:A9:C9:B3:52
Authority key identifier: 92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A
Certificate issuer: /CN=927105c9d1fb0690554971f464ca21f4a45c106a
Certificate serial: 0199FF22D259E7370D555EB1BCAD56EE389A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
Manifest number: 0DBA
Signing time: Mon 20 Oct 2025 01:01:36 +0000
Manifest this update: Mon 20 Oct 2025 01:01:36 +0000
Manifest next update: Tue 21 Oct 2025 01:01:36 +0000
Files and hashes: 1: ipQ4XqSuTpQi-re2ZW_sK3VHNnQ.roa (hash: poFgPveu8J3ZCztPp1XhAex84n6Kit4aGgJE9uzT+QM=)
2: knEFydH7BpBVSXH0ZMoh9KRcEGo.crl (hash: 0zNBJGcHrAaWhzSsD+D+lNDNOXP5uIA4Iex5s1fJEQM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:d2:59:e7:37:0d:55:5e:b1:bc:ad:56:ee:38:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=927105c9d1fb0690554971f464ca21f4a45c106a
Validity
Not Before: Oct 20 01:01:36 2025 GMT
Not After : Oct 21 01:01:36 2025 GMT
Subject: CN=323f49c912ce95b2f58e046cd3e7cdaea9c9b352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:7d:0e:69:f4:17:86:a5:a4:e1:9d:c1:c4:
3d:d9:a9:6a:2e:f0:2f:2f:43:9a:db:ec:44:b0:a3:
60:f5:1d:7a:58:7c:83:27:a5:31:7f:4f:77:fe:c4:
60:7b:d3:60:c5:a8:31:e8:0a:ec:c9:c1:8e:5b:4f:
08:f4:35:90:e9:f2:25:f8:c8:61:ce:3e:e9:a4:88:
bb:b4:ed:b8:d0:0c:77:9c:88:43:2c:cc:ff:02:75:
32:3e:82:a5:01:68:48:8b:07:c8:9d:5b:fa:62:1c:
75:b6:36:b2:19:09:96:54:ea:e5:4f:d7:48:75:24:
94:b4:31:8b:e3:3c:d0:2e:16:ee:a6:cb:14:50:a9:
a0:30:35:93:ac:7c:46:f5:6b:fa:8f:ed:0f:4a:29:
bb:21:a2:4c:6f:c4:cf:dc:cb:64:f6:d3:78:e9:32:
95:0d:49:f4:69:66:eb:66:9a:71:21:1e:f9:d0:7f:
12:5c:c4:4e:6a:ef:54:26:55:83:33:31:35:26:ee:
d3:a3:26:93:fc:d3:c2:8a:f6:d5:2d:9c:85:ca:4e:
89:dd:19:fe:ee:b5:f1:74:61:ca:02:f7:45:22:d7:
50:fb:a6:7b:01:88:3d:34:94:d4:92:95:cb:f2:8c:
0d:18:9a:6e:57:92:cc:16:a7:1f:3d:b3:7c:65:cb:
19:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3F:49:C9:12:CE:95:B2:F5:8E:04:6C:D3:E7:CD:AE:A9:C9:B3:52
X509v3 Authority Key Identifier:
keyid:92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:ec:bd:fa:08:8a:bd:e3:ac:5e:63:74:33:c5:03:35:70:89:
8f:aa:1f:6b:66:a5:0b:e2:de:ae:1a:60:75:e8:40:d4:61:56:
59:03:ea:79:c2:55:a9:7c:e7:c2:0a:55:38:d2:9e:a1:75:12:
4f:a9:68:84:b7:e2:5e:e3:85:d3:21:52:4a:cd:74:cc:d1:42:
1a:07:21:62:c8:f5:71:1d:79:af:eb:86:5a:59:25:c0:8c:65:
ba:3c:cd:bd:2d:7d:16:10:cd:3a:8d:d7:3e:7c:23:e3:bb:f4:
27:b3:ea:4c:13:d9:c3:d2:e0:78:38:b5:f0:a1:c3:d1:7a:3d:
ae:38:20:e4:a8:7a:f7:9a:0a:2c:0b:2c:d9:b5:39:43:3f:e8:
80:c6:d3:f1:b5:33:3d:2d:35:b9:c5:c5:a2:51:a9:20:5b:53:
e1:47:a8:a1:a9:2c:c7:86:90:4b:9d:f5:36:0d:e7:2e:f4:6a:
6a:25:cb:98:4f:ea:80:da:fc:5b:3a:13:a5:aa:55:7f:ab:fb:
b1:58:69:75:a8:7d:22:89:b1:3c:f4:37:ef:8e:0c:68:31:2f:
cf:88:cb:3b:63:61:38:69:20:ad:a9:f4:a3:12:7e:d3:61:09:
72:41:42:63:fe:b0:f9:6b:56:77:9d:37:cc:03:f0:d7:1d:87:
9f:df:61:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/ItJZ5zcNVV6xvK1W7jiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzEwNWM5ZDFmYjA2OTA1NTQ5NzFmNDY0Y2EyMWY0YTQ1
YzEwNmEwHhcNMjUxMDIwMDEwMTM2WhcNMjUxMDIxMDEwMTM2WjAzMTEwLwYDVQQD
EygzMjNmNDljOTEyY2U5NWIyZjU4ZTA0NmNkM2U3Y2RhZWE5YzliMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUx9Dmn0F4alpOGdwcQ92alqLvAv
L0Oa2+xEsKNg9R16WHyDJ6Uxf093/sRge9Ngxagx6ArsycGOW08I9DWQ6fIl+Mhh
zj7ppIi7tO240Ax3nIhDLMz/AnUyPoKlAWhIiwfInVv6Yhx1tjayGQmWVOrlT9dI
dSSUtDGL4zzQLhbupssUUKmgMDWTrHxG9Wv6j+0PSim7IaJMb8TP3Mtk9tN46TKV
DUn0aWbrZppxIR750H8SXMROau9UJlWDMzE1Ju7ToyaT/NPCivbVLZyFyk6J3Rn+
7rXxdGHKAvdFItdQ+6Z7AYg9NJTUkpXL8owNGJpuV5LMFqcfPbN8ZcsZPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDI/SckSzpWy9Y4EbNPnza6pybNSMB8GA1UdIwQY
MBaAFJJxBcnR+waQVUlx9GTKIfSkXBBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUt
NGVlOTJlZTFlMGNkLzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUtNGVlOTJlZTFlMGNk
LzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ+y9+giK
veOsXmN0M8UDNXCJj6ofa2alC+LerhpgdehA1GFWWQPqecJVqXznwgpVONKeoXUS
T6lohLfiXuOF0yFSSs10zNFCGgchYsj1cR15r+uGWlklwIxlujzNvS19FhDNOo3X
Pnwj47v0J7PqTBPZw9LgeDi18KHD0Xo9rjgg5Kh695oKLAss2bU5Qz/ogMbT8bUz
PS01ucXFolGpIFtT4Ueooaksx4aQS531Ng3nLvRqaiXLmE/qgNr8WzoTpapVf6v7
sVhpdah9IomxPPQ3744MaDEvz4jLO2NhOGkgran0oxJ+02EJckFCY/6w+WtWd503
zAPw1x2Hn99hRg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:55:47 2025 by rpki-client