Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json)
Hash identifier: 1VtUxUPFx0QGVCcz3dAylvIxEmEvelJLj1pCmWErJ1A=
Subject key identifier: 4E:41:03:14:89:06:86:3B:1B:36:80:41:00:45:D0:2B:61:3B:1C:04
Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85
Certificate serial: 0198D4E03D0BE738C33FC1A0BAB3AA773A32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
Manifest number: 04A1
Signing time: Sat 23 Aug 2025 03:02:02 +0000
Manifest this update: Sat 23 Aug 2025 03:02:02 +0000
Manifest next update: Sun 24 Aug 2025 03:02:02 +0000
Files and hashes: 1: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: nSldIZoPM75eM0VYForXUydk/YmDl51pkXUJI9y7c3A=)
2: knOts_9A8gA0IVqYk7a99kaTuRI.roa (hash: kCE50cAQS4imaI4wXAlSfVZnkYJchZQUkd+tGc4tAWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:3d:0b:e7:38:c3:3f:c1:a0:ba:b3:aa:77:3a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85
Validity
Not Before: Aug 23 03:02:02 2025 GMT
Not After : Aug 24 03:02:02 2025 GMT
Subject: CN=4e4103148906863b1b3680410045d02b613b1c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:83:c3:90:f9:11:ee:a9:af:14:b7:72:1e:
e7:02:ca:7d:66:bd:82:e0:c8:2d:8f:1c:f1:76:cc:
ff:94:e2:53:97:79:82:8a:56:86:c9:dd:0f:58:6e:
93:82:1f:20:76:8c:75:84:72:7e:d1:bd:91:d4:01:
2e:a0:49:41:6b:0c:42:58:8e:33:24:f7:cd:6f:9c:
f6:ce:03:0e:ff:31:2d:84:eb:d5:e7:45:71:06:01:
08:69:ea:4e:7f:43:ca:74:1b:c0:1f:b0:92:10:ae:
ff:3b:d6:b0:62:2c:11:1d:5f:99:d2:59:dd:bb:27:
d7:27:eb:0d:a2:57:8c:4d:f9:f6:19:a6:56:48:74:
09:4b:db:51:74:91:88:c4:00:57:54:12:48:17:0c:
94:f6:cf:8e:9f:4d:6a:e1:6c:01:8e:5c:c3:86:dd:
a2:bf:fb:65:f6:9d:63:b1:cc:35:ab:4c:1e:e0:ad:
b8:63:78:ab:22:1c:4c:9d:f0:da:d5:d6:6a:e5:0c:
2f:40:f2:2c:fb:dc:f5:44:f2:10:7c:48:fa:33:2a:
13:bc:09:df:18:cd:4d:2e:81:15:ba:eb:76:f5:88:
b0:4f:6b:7f:79:8c:38:76:68:30:b8:ec:50:c6:69:
c7:18:df:bc:69:10:5e:78:fe:b0:21:c3:89:01:b3:
ac:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:41:03:14:89:06:86:3B:1B:36:80:41:00:45:D0:2B:61:3B:1C:04
X509v3 Authority Key Identifier:
keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:26:6f:f5:7b:5b:e4:60:d9:ed:1b:b4:b2:0a:d0:20:8c:81:
2d:ba:30:5c:50:51:c4:bb:f8:87:ab:9b:24:9e:4f:f9:6f:26:
b2:8a:23:61:6a:03:ac:3b:d1:a7:2c:20:31:80:ea:e0:d6:03:
df:59:6c:e5:66:da:63:77:9d:8a:98:df:53:b5:c8:45:16:a2:
23:7b:96:1e:86:1b:71:f0:cb:08:80:32:25:fe:c8:a9:2c:4d:
6c:ac:18:d1:22:76:d1:ac:46:9f:90:da:df:7c:6e:68:b3:99:
4b:96:4d:04:47:f3:50:67:2a:38:50:f0:d8:a5:bc:f8:92:47:
76:14:cd:f2:27:c4:84:4f:25:71:1d:d4:2a:0c:5b:97:f7:e2:
24:28:2f:3e:e3:a7:81:e2:9d:8f:6d:dc:1f:5d:c4:9b:36:ad:
9e:5c:a2:18:a0:e3:d6:2a:a4:f8:23:0a:d7:d8:f4:09:77:a1:
cf:eb:d1:c9:2d:77:23:b0:36:0b:27:4f:61:95:38:65:09:0b:
cb:46:c8:d7:d6:ef:8e:ed:65:dc:ad:a9:6b:e9:b0:2e:4b:b9:
e8:5f:fa:23:4c:c3:4c:d1:59:92:9c:55:a7:05:7b:f8:10:7f:
8c:1f:a9:94:02:32:7c:ee:09:27:39:c8:0b:42:4f:50:9a:09:
cb:99:25:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4D0L5zjDP8GgurOqdzoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk
MDZhODUwHhcNMjUwODIzMDMwMjAyWhcNMjUwODI0MDMwMjAyWjAzMTEwLwYDVQQD
Eyg0ZTQxMDMxNDg5MDY4NjNiMWIzNjgwNDEwMDQ1ZDAyYjYxM2IxYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR+Dw5D5Ee6prxS3ch7nAsp9Zr2C
4Mgtjxzxdsz/lOJTl3mCilaGyd0PWG6Tgh8gdox1hHJ+0b2R1AEuoElBawxCWI4z
JPfNb5z2zgMO/zEthOvV50VxBgEIaepOf0PKdBvAH7CSEK7/O9awYiwRHV+Z0lnd
uyfXJ+sNoleMTfn2GaZWSHQJS9tRdJGIxABXVBJIFwyU9s+On01q4WwBjlzDht2i
v/tl9p1jscw1q0we4K24Y3irIhxMnfDa1dZq5QwvQPIs+9z1RPIQfEj6MyoTvAnf
GM1NLoEVuut29YiwT2t/eYw4dmgwuOxQxmnHGN+8aRBeeP6wIcOJAbOsEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5BAxSJBoY7GzaAQQBF0CthOxwEMB8GA1UdIwQY
MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt
ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz
LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCZv9Xtb
5GDZ7Ru0sgrQIIyBLbowXFBRxLv4h6ubJJ5P+W8msoojYWoDrDvRpywgMYDq4NYD
31ls5WbaY3edipjfU7XIRRaiI3uWHoYbcfDLCIAyJf7IqSxNbKwY0SJ20axGn5Da
33xuaLOZS5ZNBEfzUGcqOFDw2KW8+JJHdhTN8ifEhE8lcR3UKgxbl/fiJCgvPuOn
geKdj23cH13EmzatnlyiGKDj1iqk+CMK19j0CXehz+vRyS13I7A2CydPYZU4ZQkL
y0bI19bvju1l3K2pa+mwLku56F/6I0zDTNFZkpxVpwV7+BB/jB+plAIyfO4JJznI
C0JPUJoJy5klFg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:23:06 2025 by rpki-client