Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
File: 1kgpREOu0W0GuGrxT1pfClCDd0o.mft (raw, json)
Hash identifier: YL4LUU17iGS+RQ2zlmA1R7qhi9mEGWixyKgLbRsdSks=
Subject key identifier: FA:C4:14:A1:67:93:7D:5F:A3:A9:72:14:16:24:2B:A5:FC:EA:CC:97
Authority key identifier: D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
Certificate issuer: /CN=d648294443aed16d06b86af14f5a5f0a5083774a
Certificate serial: 019A00354FB6AA8C8D2A3511F1040F9EA3AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
Manifest number: 16E3
Signing time: Mon 20 Oct 2025 06:01:25 +0000
Manifest this update: Mon 20 Oct 2025 06:01:25 +0000
Manifest next update: Tue 21 Oct 2025 06:01:25 +0000
Files and hashes: 1: 1kgpREOu0W0GuGrxT1pfClCDd0o.crl (hash: 2Q/vaCP6hxvFLetGx9LSiKHaZQpTyOaK41Gm4bRj7mI=)
2: HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa (hash: ozdi5qHnRcow/nH1EVH0214AE7vAhAxmdAJcuT+IzE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:4f:b6:aa:8c:8d:2a:35:11:f1:04:0f:9e:a3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d648294443aed16d06b86af14f5a5f0a5083774a
Validity
Not Before: Oct 20 06:01:25 2025 GMT
Not After : Oct 21 06:01:25 2025 GMT
Subject: CN=fac414a167937d5fa3a9721416242ba5fceacc97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5e:78:2f:f9:ee:53:c3:3c:2f:ad:0e:21:b4:
ba:e2:b1:ba:16:14:b7:84:b0:c8:5b:d0:04:f9:18:
19:cf:7c:23:ba:e5:66:a7:13:cc:77:95:4f:34:66:
6b:05:7a:e9:d9:ce:24:9a:17:3f:9f:cb:ea:ca:96:
1a:57:9c:49:23:7d:34:23:d1:24:a6:8f:97:65:71:
03:db:c0:f3:91:1b:3b:13:0e:22:ad:e5:b0:97:65:
7e:43:7e:cd:c4:5d:f3:7a:32:fc:2c:9a:92:7b:dd:
d1:0c:4e:1f:2d:b7:e4:8c:55:42:4f:42:54:a7:1f:
4c:8d:ca:d1:68:e0:a3:f1:df:83:f6:f2:a1:27:c1:
28:2c:5d:ad:49:62:3f:b7:5d:79:61:37:b2:c5:7c:
d0:7f:01:eb:88:aa:61:3f:0f:65:29:d1:ab:a1:93:
bb:44:57:71:a3:f5:40:1b:70:b1:62:a2:ad:39:cd:
f3:5f:e6:72:6f:e2:00:2b:f8:24:e5:65:ea:99:6c:
2f:41:8f:d0:40:80:24:e8:9e:34:29:a5:f6:90:8c:
e3:67:a2:a6:2b:f5:3a:27:e5:29:18:38:6f:c2:c5:
54:60:37:6a:3d:a7:79:4e:64:de:60:4a:51:35:56:
2a:4f:0b:c6:91:3b:c6:99:72:13:1f:5d:3c:34:4c:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C4:14:A1:67:93:7D:5F:A3:A9:72:14:16:24:2B:A5:FC:EA:CC:97
X509v3 Authority Key Identifier:
keyid:D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d3:19:f2:f5:70:86:ac:15:34:9d:4c:3a:91:2f:f7:a3:a8:ed:
32:42:19:7a:e0:ed:c9:9c:2a:81:4b:aa:a9:90:b0:b4:0c:2f:
05:0a:fb:26:08:82:cd:1f:b1:4d:f1:77:21:45:b4:ce:6d:97:
12:ce:08:f1:85:d5:b2:ab:2f:2f:d0:3a:0e:46:5e:13:89:88:
16:a6:78:e7:b3:71:39:5c:32:30:d0:d4:4c:6a:9b:91:73:01:
8f:10:a8:e5:8e:36:08:61:c9:9d:93:60:04:14:63:a7:8a:02:
d6:38:25:d1:d6:88:71:76:bc:72:b2:cb:2c:33:a3:52:a3:f9:
ed:5e:cb:d5:14:53:6f:50:b7:81:fc:ff:bb:cc:60:55:3d:29:
79:1d:c7:eb:23:42:3f:45:fe:f4:b3:15:78:3d:c5:84:25:6a:
05:84:3f:ce:03:a9:fe:20:e7:a7:38:fa:0a:56:d8:5a:aa:1b:
fb:c4:70:df:fa:bf:6c:3f:78:b4:d8:a4:c4:83:37:47:37:d2:
0d:10:66:7b:77:1e:e0:dd:92:c4:f1:af:92:25:48:4c:b9:e9:
43:80:3d:68:f0:bc:0b:1e:8e:4e:40:2f:56:e9:bd:97:64:ed:
92:4f:13:57:ab:8d:d9:a2:e7:d3:15:b5:a0:6b:be:f7:a9:03:
c0:60:22:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANU+2qoyNKjUR8QQPnqOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDgyOTQ0NDNhZWQxNmQwNmI4NmFmMTRmNWE1ZjBhNTA4
Mzc3NGEwHhcNMjUxMDIwMDYwMTI1WhcNMjUxMDIxMDYwMTI1WjAzMTEwLwYDVQQD
EyhmYWM0MTRhMTY3OTM3ZDVmYTNhOTcyMTQxNjI0MmJhNWZjZWFjYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V54L/nuU8M8L60OIbS64rG6FhS3
hLDIW9AE+RgZz3wjuuVmpxPMd5VPNGZrBXrp2c4kmhc/n8vqypYaV5xJI300I9Ek
po+XZXED28DzkRs7Ew4ireWwl2V+Q37NxF3zejL8LJqSe93RDE4fLbfkjFVCT0JU
px9MjcrRaOCj8d+D9vKhJ8EoLF2tSWI/t115YTeyxXzQfwHriKphPw9lKdGroZO7
RFdxo/VAG3CxYqKtOc3zX+Zyb+IAK/gk5WXqmWwvQY/QQIAk6J40KaX2kIzjZ6Km
K/U6J+UpGDhvwsVUYDdqPad5TmTeYEpRNVYqTwvGkTvGmXITH108NEy+MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrEFKFnk31fo6lyFBYkK6X86syXMB8GA1UdIwQY
MBaAFNZIKURDrtFtBrhq8U9aXwpQg3dKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDkt
ZTU3Y2M4MWY1MjMzLzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDktZTU3Y2M4MWY1MjMz
LzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0xny9XCG
rBU0nUw6kS/3o6jtMkIZeuDtyZwqgUuqqZCwtAwvBQr7JgiCzR+xTfF3IUW0zm2X
Es4I8YXVsqsvL9A6DkZeE4mIFqZ457NxOVwyMNDUTGqbkXMBjxCo5Y42CGHJnZNg
BBRjp4oC1jgl0daIcXa8crLLLDOjUqP57V7L1RRTb1C3gfz/u8xgVT0peR3H6yNC
P0X+9LMVeD3FhCVqBYQ/zgOp/iDnpzj6ClbYWqob+8Rw3/q/bD94tNikxIM3RzfS
DRBme3ce4N2SxPGvkiVITLnpQ4A9aPC8Cx6OTkAvVum9l2Ttkk8TV6uN2aLn0xW1
oGu+96kDwGAiMg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:33:35 2025 by rpki-client