Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.mft
File: 1-mkv2gGWh9WNcb8ywJCNEuRrTKU.mft (raw, json)
Hash identifier: XCDJ5gOYdIlWO4fjfjH1smBSar1HpdaEKvxKoVSsp/M=
Subject key identifier: 1F:39:FB:23:F3:5E:94:43:33:A1:28:B1:78:AF:D2:69:CE:A2:6C:F3
Authority key identifier: FA:69:2F:DA:01:96:87:D5:8D:71:BF:32:C0:90:8D:12:E4:6B:4C:A5
Certificate issuer: /CN=fa692fda019687d58d71bf32c0908d12e46b4ca5
Certificate serial: 019A722612BE5391E85E2358397EA37EA6CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.mft
Manifest number: 1327
Signing time: Tue 11 Nov 2025 09:01:28 +0000
Manifest this update: Tue 11 Nov 2025 09:01:28 +0000
Manifest next update: Wed 12 Nov 2025 09:01:28 +0000
Files and hashes: 1: 1-mkv2gGWh9WNcb8ywJCNEuRrTKU.crl (hash: 0iH5aHsJSVQAVkohZLho2vAYgrmRyuB2KMGyj7Kz5XQ=)
2: torroLihTDOA3iF3dz35198q-Ig.roa (hash: vvwQ1xlARrMA7/miZ5paV8AjRUiaiipi3ehp/RAKIwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:12:be:53:91:e8:5e:23:58:39:7e:a3:7e:a6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa692fda019687d58d71bf32c0908d12e46b4ca5
Validity
Not Before: Nov 11 09:01:28 2025 GMT
Not After : Nov 12 09:01:28 2025 GMT
Subject: CN=1f39fb23f35e944333a128b178afd269cea26cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:12:e1:b6:f1:f6:59:6b:7b:ed:e9:58:1f:e0:
a4:a1:f5:09:e9:de:12:de:e5:d7:0d:7b:74:d9:ab:
f6:99:2a:11:8e:a3:a2:3e:08:f3:44:f5:ef:73:80:
e8:86:d0:e2:97:78:97:14:d2:0b:a7:4a:82:bf:49:
e1:81:fa:f2:1a:3a:f9:2a:e9:79:1e:c5:1e:d7:e0:
2b:c2:3f:ea:3c:2a:9f:da:04:be:fe:bc:7b:22:fc:
b8:5b:9a:f3:36:1d:ed:5c:60:8f:bb:81:54:1f:b3:
cc:eb:dc:b6:2e:97:4a:99:fd:b1:47:70:2b:2a:77:
e4:e9:f9:8f:05:e3:38:c2:61:68:9b:5d:70:87:3f:
58:81:58:17:2e:10:0e:b7:05:59:d9:01:55:2a:a5:
d0:8f:91:26:da:79:95:6d:08:91:b5:a8:3e:0e:e4:
4a:36:1e:47:6d:0e:34:92:81:88:03:31:3d:20:47:
28:d4:00:71:6d:52:94:98:23:60:d3:2e:7f:c6:4c:
1f:4e:41:ac:b9:e4:0f:21:e4:d2:b6:66:3b:c3:72:
16:da:a9:a0:93:21:7e:b4:2e:af:d2:93:fb:d7:09:
f4:a7:b8:9f:48:95:b1:8d:0e:56:49:02:08:5c:14:
f6:66:b8:ea:36:9e:08:5d:53:81:0f:01:0b:3a:d5:
52:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:FB:23:F3:5E:94:43:33:A1:28:B1:78:AF:D2:69:CE:A2:6C:F3
X509v3 Authority Key Identifier:
keyid:FA:69:2F:DA:01:96:87:D5:8D:71:BF:32:C0:90:8D:12:E4:6B:4C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8bfec4-bd6f-4650-a4d8-ad1c30c11e5a/1/1-mkv2gGWh9WNcb8ywJCNEuRrTKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:a5:2c:95:c5:03:cb:3a:7d:3d:ae:a4:5c:dc:9a:32:8b:20:
6b:34:8d:32:b0:a0:2f:ff:25:f7:23:ab:f5:d4:d6:41:e7:49:
5d:6e:83:83:d3:e5:72:7a:14:03:4b:a9:f8:1f:f9:89:c7:f3:
18:ff:70:7d:02:a5:7d:31:63:52:48:4f:cb:c5:85:b3:35:4e:
64:ee:b5:e5:72:27:d5:4e:ad:f2:30:12:fb:9e:b3:aa:dc:b8:
f8:b9:82:3a:a2:bf:32:7f:bb:9c:af:e4:99:88:51:cd:02:e5:
45:09:1d:37:17:1d:9d:30:2f:09:12:f1:02:16:65:4f:42:59:
0c:07:17:06:f9:36:9d:ca:ca:1d:16:28:1e:6a:63:81:77:53:
18:99:92:29:16:73:03:f1:ac:55:f0:56:fc:36:6e:55:7b:91:
42:1d:5c:08:88:84:28:bb:7f:5b:d4:08:4e:a6:7b:56:14:da:
91:ba:16:ac:a2:a4:18:43:1a:34:4f:6d:3d:b3:b6:aa:dd:e5:
1d:8d:4b:dd:e0:3d:81:2e:31:56:48:d9:d3:3d:12:8f:b0:b1:
1a:90:af:40:0c:97:b9:87:f9:85:a4:9a:e2:13:6a:0b:d4:5d:
38:17:c6:8e:04:63:b5:d6:22:34:7a:aa:2c:f2:60:70:c4:a8:
70:28:c1:95
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZpyJhK+U5HoXiNYOX6jfqbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjkyZmRhMDE5Njg3ZDU4ZDcxYmYzMmMwOTA4ZDEyZTQ2
YjRjYTUwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
EygxZjM5ZmIyM2YzNWU5NDQzMzNhMTI4YjE3OGFmZDI2OWNlYTI2Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhLhtvH2WWt77elYH+CkofUJ6d4S
3uXXDXt02av2mSoRjqOiPgjzRPXvc4DohtDil3iXFNILp0qCv0nhgfryGjr5Kul5
HsUe1+Arwj/qPCqf2gS+/rx7Ivy4W5rzNh3tXGCPu4FUH7PM69y2LpdKmf2xR3Ar
Knfk6fmPBeM4wmFom11whz9YgVgXLhAOtwVZ2QFVKqXQj5Em2nmVbQiRtag+DuRK
Nh5HbQ40koGIAzE9IEco1ABxbVKUmCNg0y5/xkwfTkGsueQPIeTStmY7w3IW2qmg
kyF+tC6v0pP71wn0p7ifSJWxjQ5WSQIIXBT2ZrjqNp4IXVOBDwELOtVSqwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFB85+yPzXpRDM6EosXiv0mnOomzzMB8GA1UdIwQY
MBaAFPppL9oBlofVjXG/MsCQjRLka0ylMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ta3YyZ0dXaDlXTmNiOHl3SkNORXVSclRLVS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEvOGJmZWM0LWJkNmYtNDY1MC1hNGQ4
LWFkMWMzMGMxMWU1YS8xLzEtbWt2MmdHV2g5V05jYjh5d0pDTkV1UnJUS1UubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzExLzhiZmVjNC1iZDZmLTQ2NTAtYTRkOC1hZDFjMzBjMTFl
NWEvMS8xLW1rdjJnR1doOVdOY2I4eXdKQ05FdVJyVEtVLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvaUs
lcUDyzp9Pa6kXNyaMosgazSNMrCgL/8l9yOr9dTWQedJXW6Dg9PlcnoUA0up+B/5
icfzGP9wfQKlfTFjUkhPy8WFszVOZO615XIn1U6t8jAS+56zqty4+LmCOqK/Mn+7
nK/kmYhRzQLlRQkdNxcdnTAvCRLxAhZlT0JZDAcXBvk2ncrKHRYoHmpjgXdTGJmS
KRZzA/GsVfBW/DZuVXuRQh1cCIiEKLt/W9QITqZ7VhTakboWrKKkGEMaNE9tPbO2
qt3lHY1L3eA9gS4xVkjZ0z0Sj7CxGpCvQAyXuYf5haSa4hNqC9RdOBfGjgRjtdYi
NHqqLPJgcMSocCjBlQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:23:50 2025 by rpki-client