Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.mft
File: koDT5GcpaPhuiVXbYgy3ZdudcUI.mft (raw, json)
Hash identifier: qTXlpLNetvZYmLKbo7op9nwH1viFFEz+qntz+H9Yciw=
Subject key identifier: 99:8A:D2:B9:D8:A2:EE:2C:01:A2:BC:28:70:4B:EE:A5:70:71:FF:81
Authority key identifier: 92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42
Certificate issuer: /CN=9280d3e4672968f86e8955db620cb765db9d7142
Certificate serial: 019A1CF572182BE5530E3D8121F3E8FDB80A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.mft
Manifest number: 0B22
Signing time: Sat 25 Oct 2025 20:00:38 +0000
Manifest this update: Sat 25 Oct 2025 20:00:38 +0000
Manifest next update: Sun 26 Oct 2025 20:00:38 +0000
Files and hashes: 1: HJG2LfZbcdQILd5mjrG6JouJjB8.roa (hash: AJsKTbmetLnV+AkJjtEMj7IQPl7myVO7TWx6kpWmD6s=)
2: koDT5GcpaPhuiVXbYgy3ZdudcUI.crl (hash: oDCUhrTD2JVDQi2zCx/4MSP21Pufy1OjC+OpnKKyxms=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 19:59:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1c:f5:72:18:2b:e5:53:0e:3d:81:21:f3:e8:fd:b8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280d3e4672968f86e8955db620cb765db9d7142
Validity
Not Before: Oct 25 20:00:38 2025 GMT
Not After : Oct 26 20:00:38 2025 GMT
Subject: CN=998ad2b9d8a2ee2c01a2bc28704beea57071ff81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:3a:f2:34:d3:7c:f3:ca:ac:18:a7:a5:22:
0f:e3:9f:c8:89:5f:71:73:28:af:94:02:e3:05:81:
05:62:ed:43:7d:4f:bf:cc:39:89:b3:35:69:33:2a:
7f:14:39:70:9b:d7:7a:e0:b0:20:be:f7:51:51:66:
65:59:32:6f:a1:b6:48:5f:ea:8f:fd:a6:40:86:a0:
ce:45:b4:ba:c1:77:9a:26:93:33:57:ec:92:0b:37:
70:42:d9:57:0d:31:7f:eb:33:65:c5:89:c9:b5:68:
aa:ad:6e:3f:ce:a9:52:23:00:d1:85:90:00:7c:03:
ce:13:81:c4:01:6f:70:14:56:b9:17:ba:e3:45:f4:
cd:12:ac:29:72:72:39:df:ca:18:40:6f:88:f3:33:
40:30:f5:9e:80:4e:e4:e6:36:99:97:a6:10:2e:85:
ac:05:2e:45:87:19:5a:75:be:26:4a:a1:e7:d0:6a:
ad:61:e3:80:23:46:43:15:fe:35:ad:7e:8d:ad:75:
db:73:b3:7f:07:ea:c7:b9:80:f6:26:21:f4:e1:4b:
0f:ff:49:41:93:31:16:0a:6a:d3:73:59:e9:79:52:
bc:c3:25:35:d1:fe:9c:55:ac:7e:39:d8:63:47:da:
38:3a:14:7f:9f:02:2d:e2:8e:4e:3c:6e:21:32:1e:
7c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8A:D2:B9:D8:A2:EE:2C:01:A2:BC:28:70:4B:EE:A5:70:71:FF:81
X509v3 Authority Key Identifier:
keyid:92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:27:59:7f:27:82:5a:4d:70:19:b3:a8:d5:2b:79:65:78:cc:
82:fc:ed:f1:7c:22:27:17:3d:9a:b5:60:8c:61:a1:01:ea:6c:
b2:bd:db:f0:16:82:7c:20:1e:77:7c:c1:24:2f:a0:a6:83:0c:
bd:35:97:d2:f1:bd:d3:9e:60:12:35:ab:4d:d4:b4:36:71:c2:
2b:28:8e:fd:f4:a5:a6:9f:d1:9d:ff:18:81:c3:7a:dc:b2:9e:
2c:a0:cc:c8:95:70:ff:e8:a9:88:2a:6e:95:73:5e:77:20:1f:
f8:b3:d5:17:20:05:e1:b5:e0:84:b9:2e:e4:b5:f3:e7:f0:db:
89:ed:19:ab:d8:b9:82:89:1b:6f:2c:87:4e:5f:7c:fb:00:73:
bd:e5:d2:17:ef:b7:89:ad:38:3b:1e:12:82:60:a8:4b:ba:f2:
5c:f6:94:58:fa:42:af:1b:dd:50:56:fa:3d:9d:c4:0e:ae:0a:
28:91:c2:64:43:34:df:ce:3c:c8:30:86:85:bb:67:77:45:f6:
3f:11:78:ba:2e:5a:80:24:4e:00:84:6f:33:ce:10:39:97:5c:
00:b8:6b:17:51:7e:d6:a6:52:b4:54:8b:54:07:ed:90:b9:63:
78:30:f6:9f:34:24:7f:6e:e4:72:9d:92:9e:7b:cd:8a:20:5b:
4e:60:7f:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoc9XIYK+VTDj2BIfPo/bgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBkM2U0NjcyOTY4Zjg2ZTg5NTVkYjYyMGNiNzY1ZGI5
ZDcxNDIwHhcNMjUxMDI1MjAwMDM4WhcNMjUxMDI2MjAwMDM4WjAzMTEwLwYDVQQD
Eyg5OThhZDJiOWQ4YTJlZTJjMDFhMmJjMjg3MDRiZWVhNTcwNzFmZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaI68jTTfPPKrBinpSIP45/IiV9x
cyivlALjBYEFYu1DfU+/zDmJszVpMyp/FDlwm9d64LAgvvdRUWZlWTJvobZIX+qP
/aZAhqDORbS6wXeaJpMzV+ySCzdwQtlXDTF/6zNlxYnJtWiqrW4/zqlSIwDRhZAA
fAPOE4HEAW9wFFa5F7rjRfTNEqwpcnI538oYQG+I8zNAMPWegE7k5jaZl6YQLoWs
BS5Fhxladb4mSqHn0GqtYeOAI0ZDFf41rX6NrXXbc7N/B+rHuYD2JiH04UsP/0lB
kzEWCmrTc1npeVK8wyU10f6cVax+OdhjR9o4OhR/nwIt4o5OPG4hMh581QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmK0rnYou4sAaK8KHBL7qVwcf+BMB8GA1UdIwQY
MBaAFJKA0+RnKWj4bolV22IMt2XbnXFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTkt
MDkwZmUzZGEyNDMzLzEva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTktMDkwZmUzZGEyNDMz
LzEva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATydZfyeC
Wk1wGbOo1St5ZXjMgvzt8XwiJxc9mrVgjGGhAepssr3b8BaCfCAed3zBJC+gpoMM
vTWX0vG9055gEjWrTdS0NnHCKyiO/fSlpp/Rnf8YgcN63LKeLKDMyJVw/+ipiCpu
lXNedyAf+LPVFyAF4bXghLku5LXz5/Dbie0Zq9i5gokbbyyHTl98+wBzveXSF++3
ia04Ox4SgmCoS7ryXPaUWPpCrxvdUFb6PZ3EDq4KKJHCZEM03848yDCGhbtnd0X2
PxF4ui5agCROAIRvM84QOZdcALhrF1F+1qZStFSLVAftkLljeDD2nzQkf27kcp2S
nnvNiiBbTmB/Dw==
-----END CERTIFICATE-----
Generated at Sun Oct 26 03:12:22 2025 by rpki-client