Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft
File: fKWYMippkFpcbgKVoMoftVZmwUs.mft (raw, json)
Hash identifier: yh8l+4BON3Epa3zLYVe3Xg382HHAr1IyGLgZJLK1Kj0=
Subject key identifier: 5F:75:F4:31:7D:C3:A1:BD:E5:94:DA:42:F3:32:58:D4:A0:BB:66:EA
Authority key identifier: 7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B
Certificate issuer: /CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b
Certificate serial: 0199FBB36AA4065432CBD0F4681404828213
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft
Manifest number: 0687
Signing time: Sun 19 Oct 2025 09:01:03 +0000
Manifest this update: Sun 19 Oct 2025 09:01:03 +0000
Manifest next update: Mon 20 Oct 2025 09:01:03 +0000
Files and hashes: 1: fKWYMippkFpcbgKVoMoftVZmwUs.crl (hash: 0+CrRSShK81Wk0538UF9RPYMMSMWNpBtyFtkxG4Lcms=)
2: yLICF7LxPJqKW0bXadmbwJKdAUs.roa (hash: N1HQgyFphv945BF0xwHybuVM2LsGQ66M8rtUi6w9zMc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:b3:6a:a4:06:54:32:cb:d0:f4:68:14:04:82:82:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b
Validity
Not Before: Oct 19 09:01:03 2025 GMT
Not After : Oct 20 09:01:03 2025 GMT
Subject: CN=5f75f4317dc3a1bde594da42f33258d4a0bb66ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:57:85:a4:fc:2d:e9:65:0a:38:ec:d7:55:
08:39:e0:99:ac:37:43:cf:c7:05:a6:df:50:f8:ae:
20:0b:ff:9f:ed:63:3d:4b:9d:71:9c:5d:ef:b5:90:
8a:b8:7a:c1:41:fd:cd:bf:9a:8f:2d:28:cd:4a:ef:
88:e7:b7:93:bd:ed:38:f2:7c:67:82:98:ce:4e:b0:
d8:3f:74:21:8e:5d:92:57:1b:f7:22:de:ae:c6:98:
2b:cf:04:2d:b4:77:ce:15:25:21:7a:92:df:7f:df:
9a:21:66:2e:00:5d:c4:1e:b4:cb:34:56:b5:b5:61:
09:7c:48:5c:6d:44:7d:ce:01:be:c4:1b:bc:45:88:
e8:ad:c1:f0:29:34:9c:5f:65:06:c8:50:b1:a0:82:
b0:34:49:fd:a7:2a:6a:7b:b4:1a:c1:a8:fe:b9:ad:
b4:e1:1f:6a:32:66:3d:1f:65:c5:95:9d:04:00:42:
e6:99:b3:b3:02:c4:bc:f5:4c:43:1f:fa:45:b8:9b:
6b:3a:3d:0a:fa:68:b5:6b:2f:95:db:1b:bc:b1:98:
70:c2:ba:af:90:9c:8b:f4:cd:bd:68:a9:b0:f2:94:
00:f9:76:a7:51:e8:28:10:d5:d0:07:a3:f3:c0:ee:
7b:68:ff:dd:e5:bf:ed:87:6d:93:83:27:a8:bd:f8:
94:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:75:F4:31:7D:C3:A1:BD:E5:94:DA:42:F3:32:58:D4:A0:BB:66:EA
X509v3 Authority Key Identifier:
keyid:7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:ac:25:52:80:17:c5:99:d0:f7:ff:92:91:ed:26:bb:29:cb:
06:f6:ae:04:90:16:37:f5:d5:8f:14:00:b1:63:41:24:7a:7c:
9d:ef:d4:19:5d:1b:e7:15:07:43:33:c2:46:6b:ea:1d:77:f9:
6f:3f:31:f3:f8:8f:06:48:19:2b:c1:97:33:47:f9:36:d5:a0:
ee:9a:48:71:99:ac:ff:f2:84:bc:2d:92:d1:0b:92:0d:bd:95:
23:64:9f:fa:64:b4:f1:a7:4d:d5:23:19:eb:ca:e3:f2:7a:cd:
70:fb:5e:bb:8f:8a:d3:8a:11:45:7d:b7:5a:cc:e0:47:4c:ac:
06:d1:d3:62:5f:54:80:38:62:67:e9:c8:a7:04:fb:7a:a2:66:
d1:85:f1:7e:93:b8:da:82:7a:3d:0a:f5:b9:50:43:ad:51:85:
40:33:a4:57:a1:75:ad:fc:96:b3:0d:86:c8:08:c6:36:81:72:
ba:84:a3:af:65:a2:79:fb:10:2a:6f:b7:6f:42:3c:f3:54:94:
18:db:47:8a:9e:29:73:7d:eb:28:41:7d:06:91:70:18:21:63:
ad:75:ca:76:3b:d1:f2:64:65:cd:9f:48:63:f9:1c:4b:0e:cb:
6f:c9:83:f8:88:9c:f6:68:2d:f5:0a:f0:1f:a2:20:ea:25:66:
bb:ae:5c:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s2qkBlQyy9D0aBQEgoITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTU5ODMyMmE2OTkwNWE1YzZlMDI5NWEwY2ExZmI1NTY2
NmMxNGIwHhcNMjUxMDE5MDkwMTAzWhcNMjUxMDIwMDkwMTAzWjAzMTEwLwYDVQQD
Eyg1Zjc1ZjQzMTdkYzNhMWJkZTU5NGRhNDJmMzMyNThkNGEwYmI2NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHtXhaT8LellCjjs11UIOeCZrDdD
z8cFpt9Q+K4gC/+f7WM9S51xnF3vtZCKuHrBQf3Nv5qPLSjNSu+I57eTve048nxn
gpjOTrDYP3Qhjl2SVxv3It6uxpgrzwQttHfOFSUhepLff9+aIWYuAF3EHrTLNFa1
tWEJfEhcbUR9zgG+xBu8RYjorcHwKTScX2UGyFCxoIKwNEn9pypqe7Qawaj+ua20
4R9qMmY9H2XFlZ0EAELmmbOzAsS89UxDH/pFuJtrOj0K+mi1ay+V2xu8sZhwwrqv
kJyL9M29aKmw8pQA+XanUegoENXQB6PzwO57aP/d5b/th22TgyeovfiU4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF919DF9w6G95ZTaQvMyWNSgu2bqMB8GA1UdIwQY
MBaAFHylmDIqaZBaXG4ClaDKH7VWZsFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUt
NTgwZDg3Njg4NWExLzEvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUtNTgwZDg3Njg4NWEx
LzEvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6wlUoAX
xZnQ9/+Ske0muynLBvauBJAWN/XVjxQAsWNBJHp8ne/UGV0b5xUHQzPCRmvqHXf5
bz8x8/iPBkgZK8GXM0f5NtWg7ppIcZms//KEvC2S0QuSDb2VI2Sf+mS08adN1SMZ
68rj8nrNcPteu4+K04oRRX23WszgR0ysBtHTYl9UgDhiZ+nIpwT7eqJm0YXxfpO4
2oJ6PQr1uVBDrVGFQDOkV6F1rfyWsw2GyAjGNoFyuoSjr2WiefsQKm+3b0I881SU
GNtHip4pc33rKEF9BpFwGCFjrXXKdjvR8mRlzZ9IY/kcSw7Lb8mD+Iic9mgt9Qrw
H6Ig6iVmu65cCQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:07:58 2025 by rpki-client