Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
File: kGQm9IPDaqzahzIySriK1YAMmi0.mft (raw, json)
Hash identifier: FCRWQTDZ7l7YRyD2Pci9ubi9w/wEOqXim83re+x/bgE=
Subject key identifier: 9C:6F:1B:DA:A3:8B:87:25:7F:F5:23:81:AE:D9:AF:E7:1F:4F:CC:B2
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 019A7225F9967ADAFACF82B29A8AAE59CF4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
Manifest number: 0C42
Signing time: Tue 11 Nov 2025 09:01:22 +0000
Manifest this update: Tue 11 Nov 2025 09:01:22 +0000
Manifest next update: Wed 12 Nov 2025 09:01:22 +0000
Files and hashes: 1: gLZLrbhpO6mWtu79cX_I9beQtfY.roa (hash: FKC1b4NqDGusVuG1PsHV/OorcR6VfmcWdy6GLsbONNI=)
2: kGQm9IPDaqzahzIySriK1YAMmi0.crl (hash: 3D8kIWpQwEAIe8hYbjcMXeO2glKHLMBK9/rz7hyqmqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:f9:96:7a:da:fa:cf:82:b2:9a:8a:ae:59:cf:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Nov 11 09:01:22 2025 GMT
Not After : Nov 12 09:01:22 2025 GMT
Subject: CN=9c6f1bdaa38b87257ff52381aed9afe71f4fccb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:8d:75:4a:a3:74:83:77:4a:a8:5f:19:7c:
ed:6c:78:db:f0:c1:49:6d:e4:69:10:58:1a:31:80:
21:fe:b5:93:f8:ae:27:b6:38:34:cb:73:53:39:42:
3c:5f:55:41:dc:a7:6b:6a:ec:18:37:d2:50:f8:34:
5c:d8:f8:2d:df:b7:5a:a3:6d:0e:05:6b:5c:51:b3:
b0:2d:62:ff:62:df:30:38:9a:67:de:47:cd:7f:55:
5f:1f:2d:54:87:97:d2:b8:cd:5b:0a:15:6c:fa:33:
43:1d:0a:48:0f:39:e9:87:05:dc:dc:32:87:b7:7c:
1b:d1:d3:b3:93:83:92:9b:8f:f8:9e:cf:5e:4b:7f:
4e:f9:1d:db:e0:53:52:43:2f:dd:a3:7a:99:3d:c6:
10:2b:96:40:35:36:bf:02:b3:24:c9:6e:9d:f0:2d:
bf:45:bd:df:f6:0e:48:1d:f0:d2:8a:29:63:1f:d4:
fd:f0:d3:e1:6a:d1:99:1c:c0:df:ea:db:6d:be:0e:
5c:6c:b1:74:1b:e1:03:40:64:09:b9:08:d7:8f:54:
6e:5a:00:a2:9d:2b:ac:7c:ae:d0:7a:e8:8b:61:ac:
29:b8:14:d7:2e:76:85:47:36:f3:9f:db:a0:0a:ae:
66:0d:18:f2:05:fe:78:05:d1:c9:e6:f4:d6:c5:8a:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6F:1B:DA:A3:8B:87:25:7F:F5:23:81:AE:D9:AF:E7:1F:4F:CC:B2
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:3e:b1:88:71:b9:85:16:67:1b:19:9b:c6:1f:c0:65:c0:6b:
b3:d4:5b:d2:a7:c0:44:73:32:7c:ef:a8:2a:d9:43:26:c7:82:
cd:0f:22:d7:f2:1e:46:7c:0b:fd:e3:18:9b:ba:c9:a1:86:fb:
b1:13:bc:7c:2c:98:36:a3:22:7b:f2:a3:41:c8:2a:70:07:56:
fe:7d:92:43:a4:70:51:2e:72:0a:4e:fa:87:12:84:fc:79:e4:
59:2b:65:09:23:54:c3:0d:ad:02:08:5a:62:67:15:d5:c8:96:
aa:63:38:24:e4:15:0f:b0:ea:3a:8f:fb:e9:4a:24:ae:ad:ae:
a0:08:40:14:e9:9c:d1:bb:5b:78:dc:6b:fa:2d:d6:d2:2b:3c:
b9:3d:4e:2d:8c:91:cf:bc:0a:76:86:d0:70:33:a9:29:ad:65:
9d:46:0a:27:84:98:a3:17:1c:d2:0e:0a:a4:50:84:dc:12:2a:
cf:6d:39:74:61:0c:97:77:14:31:1d:95:64:0b:a6:d0:14:f5:
99:ef:10:7d:10:d8:c0:0a:45:6a:48:e1:58:45:27:f6:3d:40:
07:1c:e9:83:2a:e8:2b:fe:f9:39:83:1a:f1:67:eb:32:88:2c:
61:0e:0f:1b:e8:cb:63:f5:53:24:bb:0e:ab:e4:8d:8d:9c:8c:
ec:00:9e:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfmWetr6z4KymoquWc9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjUxMTExMDkwMTIyWhcNMjUxMTEyMDkwMTIyWjAzMTEwLwYDVQQD
Eyg5YzZmMWJkYWEzOGI4NzI1N2ZmNTIzODFhZWQ5YWZlNzFmNGZjY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfCNdUqjdIN3SqhfGXztbHjb8MFJ
beRpEFgaMYAh/rWT+K4ntjg0y3NTOUI8X1VB3KdrauwYN9JQ+DRc2Pgt37dao20O
BWtcUbOwLWL/Yt8wOJpn3kfNf1VfHy1Uh5fSuM1bChVs+jNDHQpIDznphwXc3DKH
t3wb0dOzk4OSm4/4ns9eS39O+R3b4FNSQy/do3qZPcYQK5ZANTa/ArMkyW6d8C2/
Rb3f9g5IHfDSiiljH9T98NPhatGZHMDf6tttvg5cbLF0G+EDQGQJuQjXj1RuWgCi
nSusfK7QeuiLYawpuBTXLnaFRzbzn9ugCq5mDRjyBf54BdHJ5vTWxYrksQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxvG9qji4clf/Ujga7Zr+cfT8yyMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAED6xiHG5
hRZnGxmbxh/AZcBrs9Rb0qfARHMyfO+oKtlDJseCzQ8i1/IeRnwL/eMYm7rJoYb7
sRO8fCyYNqMie/KjQcgqcAdW/n2SQ6RwUS5yCk76hxKE/HnkWStlCSNUww2tAgha
YmcV1ciWqmM4JOQVD7DqOo/76Uokrq2uoAhAFOmc0btbeNxr+i3W0is8uT1OLYyR
z7wKdobQcDOpKa1lnUYKJ4SYoxcc0g4KpFCE3BIqz205dGEMl3cUMR2VZAum0BT1
me8QfRDYwApFakjhWEUn9j1ABxzpgyroK/75OYMa8WfrMogsYQ4PG+jLY/VTJLsO
q+SNjZyM7ACeBg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:16 2025 by rpki-client