Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
File: 4koD-A9i2oZjUuGZCZfx1GzrL7A.mft (raw, json)
Hash identifier: YNrZ5mE0hnAYqDj/Npr5f/VhrLM1PgqnmT3bb67jpp8=
Subject key identifier: A7:D8:98:89:02:58:FB:9E:B0:80:A5:84:F8:2E:44:AC:0F:B6:67:B2
Authority key identifier: E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
Certificate issuer: /CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Certificate serial: 019A7293A8A99892B2CB7648EC15626F7400
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
Manifest number: 13DC
Signing time: Tue 11 Nov 2025 11:01:10 +0000
Manifest this update: Tue 11 Nov 2025 11:01:10 +0000
Manifest next update: Wed 12 Nov 2025 11:01:10 +0000
Files and hashes: 1: 4koD-A9i2oZjUuGZCZfx1GzrL7A.crl (hash: R2sJqpySCfd20am1GJWY1owlkrPxy3dXhJjkRQ7ynfc=)
2: _SDGNnpAJAI5c9TTproSlcDE1Ew.roa (hash: FWM2UQvUNqFuHmMAV7nZEdUtqbqVwiTq2Q2yh+QWjTY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:a8:a9:98:92:b2:cb:76:48:ec:15:62:6f:74:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Validity
Not Before: Nov 11 11:01:10 2025 GMT
Not After : Nov 12 11:01:10 2025 GMT
Subject: CN=a7d898890258fb9eb080a584f82e44ac0fb667b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:4e:7f:c0:a9:e2:2a:4f:53:03:e2:55:80:
83:22:7c:31:53:3a:42:09:69:1a:ad:3b:fc:c3:e8:
d3:d8:e8:ad:fe:1e:76:56:6b:95:75:7e:e7:52:dc:
7e:52:88:1d:99:8c:80:05:e7:22:99:e4:fc:94:b7:
2c:36:7d:ad:c2:4d:fc:e1:1e:ee:cf:a2:39:03:87:
bc:65:bc:32:ac:0c:a8:29:c3:cf:1c:0b:02:0a:09:
45:f3:e4:3c:1c:4e:5c:66:7e:e5:73:c4:10:5a:86:
30:f8:76:24:36:66:fb:13:68:1b:c5:5e:59:9f:9f:
97:84:43:0f:3a:3e:0e:17:7e:46:8f:69:a8:d0:cb:
d3:de:e9:7c:5d:b2:bc:bb:e6:c9:3f:92:53:a1:54:
50:96:9d:6c:82:fe:77:2c:8b:e0:0d:80:07:93:52:
4f:b5:d5:01:5d:cc:61:55:06:a5:d3:b1:6c:a3:8b:
8e:e8:2c:33:4f:8a:d2:e7:7e:ba:36:a9:f1:fe:cd:
da:e8:af:58:28:c4:85:29:c2:ea:f0:f8:d3:a2:3f:
ab:85:9a:68:19:0a:72:ed:ad:86:b3:7a:22:ee:51:
d5:09:03:79:86:94:17:47:87:0e:b9:84:22:75:7f:
11:c4:37:d7:18:b5:3d:e5:f4:d4:cf:12:a8:ca:41:
ef:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D8:98:89:02:58:FB:9E:B0:80:A5:84:F8:2E:44:AC:0F:B6:67:B2
X509v3 Authority Key Identifier:
keyid:E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:4e:21:e5:50:f7:58:02:d5:8d:db:37:c1:c0:d1:48:9c:80:
f3:b5:c6:21:b3:ee:f3:18:dd:a0:c2:dd:d7:16:d2:88:37:eb:
fe:e8:3f:5e:ca:c9:5e:06:ca:21:f3:f9:05:91:8c:24:e8:b3:
a1:aa:84:8f:5a:28:89:8b:5e:57:7e:6a:32:2d:a1:91:19:08:
b3:4f:cc:1f:3b:6f:88:ec:46:b3:17:78:81:e0:15:74:69:30:
3b:ba:94:97:46:a0:70:83:6d:88:7c:5d:01:a8:97:8a:e1:bc:
3a:a2:6d:ad:82:4f:bf:a6:e1:75:f6:b0:57:0c:dc:e5:59:ea:
9b:75:4f:8a:cc:b4:90:a5:aa:01:79:4e:24:6d:43:4e:5a:12:
13:88:12:da:7c:e9:25:cf:36:80:57:cd:82:eb:97:04:38:49:
db:f8:85:da:e5:55:6c:85:f9:f3:f0:17:76:77:1c:eb:46:da:
59:6f:64:ad:85:3a:c5:67:d0:3e:79:41:b3:2c:79:23:ee:4e:
61:b0:1b:e5:1a:29:80:df:36:ad:95:32:b2:39:60:6f:bd:df:
fd:87:ab:87:c1:03:6a:a4:cb:2d:f9:a5:6f:e2:60:3f:84:4a:
ae:c1:2b:78:ce:9c:1c:01:ea:b6:57:8e:ed:b1:bb:0b:a3:91:
46:44:66:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6ipmJKyy3ZI7BVib3QAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEwM2Y4MGY2MmRhODY2MzUyZTE5OTA5OTdmMWQ0NmNl
YjJmYjAwHhcNMjUxMTExMTEwMTEwWhcNMjUxMTEyMTEwMTEwWjAzMTEwLwYDVQQD
EyhhN2Q4OTg4OTAyNThmYjllYjA4MGE1ODRmODJlNDRhYzBmYjY2N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa9Of8Cp4ipPUwPiVYCDInwxUzpC
CWkarTv8w+jT2Oit/h52VmuVdX7nUtx+UogdmYyABecimeT8lLcsNn2twk384R7u
z6I5A4e8ZbwyrAyoKcPPHAsCCglF8+Q8HE5cZn7lc8QQWoYw+HYkNmb7E2gbxV5Z
n5+XhEMPOj4OF35Gj2mo0MvT3ul8XbK8u+bJP5JToVRQlp1sgv53LIvgDYAHk1JP
tdUBXcxhVQal07Fso4uO6CwzT4rS5366Nqnx/s3a6K9YKMSFKcLq8PjToj+rhZpo
GQpy7a2Gs3oi7lHVCQN5hpQXR4cOuYQidX8RxDfXGLU95fTUzxKoykHvNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfYmIkCWPuesIClhPguRKwPtmeyMB8GA1UdIwQY
MBaAFOJKA/gPYtqGY1LhmQmX8dRs6y+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODct
NDFiNTQ1MDBmZGNmLzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODctNDFiNTQ1MDBmZGNm
LzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu04h5VD3
WALVjds3wcDRSJyA87XGIbPu8xjdoMLd1xbSiDfr/ug/XsrJXgbKIfP5BZGMJOiz
oaqEj1ooiYteV35qMi2hkRkIs0/MHztviOxGsxd4geAVdGkwO7qUl0agcINtiHxd
AaiXiuG8OqJtrYJPv6bhdfawVwzc5Vnqm3VPisy0kKWqAXlOJG1DTloSE4gS2nzp
Jc82gFfNguuXBDhJ2/iF2uVVbIX58/AXdncc60baWW9krYU6xWfQPnlBsyx5I+5O
YbAb5RopgN82rZUysjlgb73f/Yerh8EDaqTLLfmlb+JgP4RKrsEreM6cHAHqtleO
7bG7C6ORRkRmQg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:04 2025 by rpki-client