Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
File: knEFydH7BpBVSXH0ZMoh9KRcEGo.mft (raw, json)
Hash identifier: sCgXu18ISPBl2syq8P5uAX9gqVHzeps7CYCJULL+k9k=
Subject key identifier: 67:8E:7E:4A:DE:E5:E3:03:A8:B0:4D:C2:B4:11:5F:96:BE:29:C1:4D
Authority key identifier: 92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A
Certificate issuer: /CN=927105c9d1fb0690554971f464ca21f4a45c106a
Certificate serial: 0198D7A92286856F334E3FB19EA2CEC10E6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
Manifest number: 0D21
Signing time: Sat 23 Aug 2025 16:00:42 +0000
Manifest this update: Sat 23 Aug 2025 16:00:42 +0000
Manifest next update: Sun 24 Aug 2025 16:00:42 +0000
Files and hashes: 1: ipQ4XqSuTpQi-re2ZW_sK3VHNnQ.roa (hash: poFgPveu8J3ZCztPp1XhAex84n6Kit4aGgJE9uzT+QM=)
2: knEFydH7BpBVSXH0ZMoh9KRcEGo.crl (hash: vp2nRclZBS5OrGEDMaYelkhb8hoaAiV/tkZ1hRfO9DM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:a9:22:86:85:6f:33:4e:3f:b1:9e:a2:ce:c1:0e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=927105c9d1fb0690554971f464ca21f4a45c106a
Validity
Not Before: Aug 23 16:00:42 2025 GMT
Not After : Aug 24 16:00:42 2025 GMT
Subject: CN=678e7e4adee5e303a8b04dc2b4115f96be29c14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c5:fc:03:08:cd:ee:bc:91:1f:4f:30:8c:5a:
5d:7f:32:e4:67:71:3b:99:32:c0:cd:b1:bb:8d:f7:
fc:f4:ad:d4:a4:41:e9:7d:0d:93:2e:16:d0:41:9c:
53:26:0a:f5:ec:8f:6c:07:81:fa:23:90:3a:2d:b2:
48:38:bf:ce:a9:c2:d9:a6:ba:b0:6d:6c:06:3b:d5:
b2:29:be:7b:87:89:b7:75:13:86:a3:b7:6d:d8:2a:
7c:1b:b8:0b:2a:2a:c2:3e:e6:37:23:59:38:31:49:
2d:84:82:ab:97:91:10:b5:f5:07:88:87:90:24:39:
67:2b:4a:c8:2b:5b:46:d0:45:b4:d3:12:bb:cc:3e:
fb:0c:ab:25:4b:60:17:e4:9d:9e:b6:c3:5c:af:17:
0e:1c:75:02:40:e3:44:63:84:ba:6f:7f:55:56:cf:
de:c1:c2:98:50:46:06:1d:a7:60:13:31:71:3a:d1:
89:20:bc:2d:5e:d6:01:f9:19:17:1b:c1:c3:dd:9b:
fc:bc:d0:cc:47:a6:b5:d3:0c:48:d8:f0:33:5c:84:
6f:07:f3:b0:af:fa:90:0a:9a:97:99:3c:2c:1f:d7:
07:37:ae:c3:5f:09:94:56:a7:1e:54:b2:d9:f5:a5:
75:b5:08:d6:bd:61:62:d4:69:d7:ad:b9:31:30:73:
25:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8E:7E:4A:DE:E5:E3:03:A8:B0:4D:C2:B4:11:5F:96:BE:29:C1:4D
X509v3 Authority Key Identifier:
keyid:92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:bc:d0:f9:f0:54:7a:1b:04:27:07:6a:07:84:b8:7a:9e:64:
ea:9f:bf:00:ec:cc:ba:93:6f:49:92:5d:89:67:fc:1c:43:18:
20:e8:43:bf:63:25:79:05:d1:a8:08:a9:a8:b8:33:f4:49:47:
76:8d:e7:37:94:d2:1d:70:56:25:39:db:65:2a:97:40:d0:34:
7a:73:da:62:10:92:58:32:42:f5:f8:9a:66:ff:0e:8d:51:de:
17:4f:8f:be:d8:9f:1b:82:97:56:7a:8c:89:d8:bc:44:43:76:
f3:9c:df:5b:fb:55:82:62:68:2f:76:40:21:d8:5a:e1:44:62:
69:f5:8b:03:fa:48:ab:0c:5d:8e:7d:eb:1e:52:04:2f:0c:2f:
d2:fd:fe:55:84:63:2f:3f:29:33:45:77:31:64:dd:7f:24:01:
b0:1d:a4:d8:dd:6b:2e:5c:a8:c1:d7:8a:83:f9:0c:07:2d:fc:
c8:09:69:97:2a:81:ee:d3:24:52:2c:47:ab:b0:33:76:e4:3c:
10:00:9e:d9:1c:97:b4:a7:7d:e0:b7:83:9a:9b:aa:3e:32:93:
7d:0e:da:7f:4f:07:eb:b2:5c:7c:47:96:1a:a1:50:c0:97:fe:
dc:4c:ec:ea:f1:0e:00:5b:18:d3:bb:5d:fe:45:8c:ea:af:28:
2e:2f:52:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqSKGhW8zTj+xnqLOwQ5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzEwNWM5ZDFmYjA2OTA1NTQ5NzFmNDY0Y2EyMWY0YTQ1
YzEwNmEwHhcNMjUwODIzMTYwMDQyWhcNMjUwODI0MTYwMDQyWjAzMTEwLwYDVQQD
Eyg2NzhlN2U0YWRlZTVlMzAzYThiMDRkYzJiNDExNWY5NmJlMjljMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MX8AwjN7ryRH08wjFpdfzLkZ3E7
mTLAzbG7jff89K3UpEHpfQ2TLhbQQZxTJgr17I9sB4H6I5A6LbJIOL/OqcLZprqw
bWwGO9WyKb57h4m3dROGo7dt2Cp8G7gLKirCPuY3I1k4MUkthIKrl5EQtfUHiIeQ
JDlnK0rIK1tG0EW00xK7zD77DKslS2AX5J2etsNcrxcOHHUCQONEY4S6b39VVs/e
wcKYUEYGHadgEzFxOtGJILwtXtYB+RkXG8HD3Zv8vNDMR6a10wxI2PAzXIRvB/Ow
r/qQCpqXmTwsH9cHN67DXwmUVqceVLLZ9aV1tQjWvWFi1GnXrbkxMHMliwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeOfkre5eMDqLBNwrQRX5a+KcFNMB8GA1UdIwQY
MBaAFJJxBcnR+waQVUlx9GTKIfSkXBBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUt
NGVlOTJlZTFlMGNkLzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUtNGVlOTJlZTFlMGNk
LzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLzQ+fBU
ehsEJwdqB4S4ep5k6p+/AOzMupNvSZJdiWf8HEMYIOhDv2MleQXRqAipqLgz9ElH
do3nN5TSHXBWJTnbZSqXQNA0enPaYhCSWDJC9fiaZv8OjVHeF0+PvtifG4KXVnqM
idi8REN285zfW/tVgmJoL3ZAIdha4URiafWLA/pIqwxdjn3rHlIELwwv0v3+VYRj
Lz8pM0V3MWTdfyQBsB2k2N1rLlyowdeKg/kMBy38yAlplyqB7tMkUixHq7AzduQ8
EACe2RyXtKd94LeDmpuqPjKTfQ7af08H67JcfEeWGqFQwJf+3Ezs6vEOAFsY07td
/kWM6q8oLi9SuA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:59:15 2025 by rpki-client