Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
File: Kq8k6REaiJ202uCH5ICeEIbjP4I.mft (raw, json)
Hash identifier: t7lhbDeUubrvutT9YPS1yknyaWhAeZuJ3mKShgE7ikw=
Subject key identifier: 1C:25:A6:2A:DD:D5:2E:AE:9B:DD:BF:E0:E5:F5:26:80:AA:19:36:45
Authority key identifier: 2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
Certificate issuer: /CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Certificate serial: 019A725CE3C2792D4E2C00F938CF746C262F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
Manifest number: 167B
Signing time: Tue 11 Nov 2025 10:01:21 +0000
Manifest this update: Tue 11 Nov 2025 10:01:21 +0000
Manifest next update: Wed 12 Nov 2025 10:01:21 +0000
Files and hashes: 1: 5sMxgmIczAQ4fn8JJ0_j3DrMjS0.roa (hash: VTfvZnzv8Q2Rd2Q6njhUyXmObqB+4ygm6Iue4TDP3ic=)
2: Kq8k6REaiJ202uCH5ICeEIbjP4I.crl (hash: b4oPuyfumhsa+21bU+B8OJHOaH4o4HkT0YITLtcWBXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:e3:c2:79:2d:4e:2c:00:f9:38:cf:74:6c:26:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Validity
Not Before: Nov 11 10:01:21 2025 GMT
Not After : Nov 12 10:01:21 2025 GMT
Subject: CN=1c25a62addd52eae9bddbfe0e5f52680aa193645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:e1:62:25:80:a6:7e:00:e8:01:c0:fe:0a:
fd:e9:2f:f6:d1:47:64:6b:de:a7:d4:0e:f1:0d:8c:
24:5b:2f:ff:8f:b5:54:07:13:bf:1a:92:fc:0f:8d:
c8:72:df:db:04:09:10:d7:e7:05:03:7b:48:b3:ec:
1e:fc:8e:6d:24:6a:71:ed:e9:88:2e:f0:50:70:7d:
e3:b3:28:e3:87:40:9e:11:90:5f:58:80:c1:95:32:
1a:10:e5:51:af:30:94:ff:48:0c:f2:c1:be:10:a9:
56:59:80:ba:7c:02:96:d5:99:cd:10:d3:58:3c:af:
f0:09:6d:3b:b9:9f:cb:64:ea:1d:97:e9:31:18:81:
de:a5:ea:31:b3:2e:40:87:6f:9e:a9:5b:3c:1f:29:
04:07:b8:a7:8c:73:3f:77:10:63:33:be:1e:3a:76:
fd:30:45:02:08:5c:98:2b:79:d8:8c:55:dc:8e:98:
9c:27:17:15:9d:0e:42:9f:0b:5a:ac:cb:48:38:5e:
0a:cc:0a:82:ba:c1:02:ef:1e:e6:f1:aa:c3:fe:cf:
f5:a2:a8:b1:92:19:9c:bd:16:8d:d9:9d:20:9f:7e:
9d:b7:db:70:98:29:f0:f4:a4:c4:e0:d6:eb:b2:47:
21:7b:b4:d6:a7:3e:bf:02:c7:06:09:75:76:c3:e6:
1c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:25:A6:2A:DD:D5:2E:AE:9B:DD:BF:E0:E5:F5:26:80:AA:19:36:45
X509v3 Authority Key Identifier:
keyid:2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:87:ec:39:bc:0d:d1:9e:20:a0:96:e0:1b:26:53:db:95:dc:
a9:2b:12:6e:86:f0:1d:57:c4:fb:18:65:fe:87:ba:88:ba:67:
b0:7c:a4:54:05:07:8d:e4:cd:b0:66:2f:ee:9e:c0:3a:69:7f:
d0:05:f7:dc:f9:0e:d4:49:16:a9:86:32:95:44:22:ca:dd:90:
d2:25:fe:a6:af:62:2d:42:18:6b:35:ef:1b:c4:e3:00:e3:86:
46:8f:87:7d:f3:1d:8e:bf:dc:a1:6f:84:b2:32:fb:2d:e9:d5:
18:4b:12:2d:a0:b6:e5:21:41:0e:d3:87:5d:ec:ce:6a:0e:61:
94:50:ec:86:56:3d:cd:c1:00:f1:36:c0:96:52:ac:5d:db:40:
20:b9:a8:32:b2:cc:a1:fc:23:f5:ae:a3:0e:3c:a2:97:03:fa:
53:81:dd:2d:2d:e4:8a:8c:79:6d:72:42:12:1a:82:2f:e9:56:
72:1c:96:e9:2b:fc:01:16:8e:ea:62:66:e7:9c:79:2e:10:c5:
e6:23:a9:88:d4:19:15:2a:6e:bf:61:05:96:d7:66:12:bd:17:
d3:c9:54:88:64:e9:2a:5c:dd:63:c6:8a:6d:7d:7d:35:4b:79:
16:c5:90:e1:ff:5b:b7:7d:db:b6:3b:ca:47:b1:53:ea:1a:cd:
de:af:02:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXOPCeS1OLAD5OM90bCYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYWYyNGU5MTExYTg4OWRiNGRhZTA4N2U0ODA5ZTEwODZl
MzNmODIwHhcNMjUxMTExMTAwMTIxWhcNMjUxMTEyMTAwMTIxWjAzMTEwLwYDVQQD
EygxYzI1YTYyYWRkZDUyZWFlOWJkZGJmZTBlNWY1MjY4MGFhMTkzNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcThYiWApn4A6AHA/gr96S/20Udk
a96n1A7xDYwkWy//j7VUBxO/GpL8D43Ict/bBAkQ1+cFA3tIs+we/I5tJGpx7emI
LvBQcH3jsyjjh0CeEZBfWIDBlTIaEOVRrzCU/0gM8sG+EKlWWYC6fAKW1ZnNENNY
PK/wCW07uZ/LZOodl+kxGIHepeoxsy5Ah2+eqVs8HykEB7injHM/dxBjM74eOnb9
MEUCCFyYK3nYjFXcjpicJxcVnQ5CnwtarMtIOF4KzAqCusEC7x7m8arD/s/1oqix
khmcvRaN2Z0gn36dt9twmCnw9KTE4Nbrskche7TWpz6/AscGCXV2w+YcGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwlpird1S6um92/4OX1JoCqGTZFMB8GA1UdIwQY
MBaAFCqvJOkRGoidtNrgh+SAnhCG4z+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMt
MzQxYzNmYTQ1YjQzLzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMtMzQxYzNmYTQ1YjQz
LzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiofsObwN
0Z4goJbgGyZT25XcqSsSbobwHVfE+xhl/oe6iLpnsHykVAUHjeTNsGYv7p7AOml/
0AX33PkO1EkWqYYylUQiyt2Q0iX+pq9iLUIYazXvG8TjAOOGRo+HffMdjr/coW+E
sjL7LenVGEsSLaC25SFBDtOHXezOag5hlFDshlY9zcEA8TbAllKsXdtAILmoMrLM
ofwj9a6jDjyilwP6U4HdLS3kiox5bXJCEhqCL+lWchyW6Sv8ARaO6mJm55x5LhDF
5iOpiNQZFSpuv2EFltdmEr0X08lUiGTpKlzdY8aKbX19NUt5FsWQ4f9bt33btjvK
R7FT6hrN3q8CUQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:33 2025 by rpki-client