Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
File: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft (raw, json)
Hash identifier: ItGZpU++YKYBZj68lFfVkxKK3zXp15pfpIcV1NsS8ms=
Subject key identifier: 42:F6:70:EE:F7:EE:93:AD:35:D3:09:5B:7D:D3:78:4E:61:37:85:A0
Authority key identifier: 30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
Certificate issuer: /CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Certificate serial: 019A71B8FD2F359132965C679FDDDAEB85AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:02:20 +0000
Manifest this update: Tue 11 Nov 2025 07:02:20 +0000
Manifest next update: Wed 12 Nov 2025 07:02:20 +0000
Files and hashes: 1: 9iuKUiRNNk0yJqP9x1MG2I_7d9s.roa (hash: OJC+CIaFp/mpbSmO0wI1lGEv8Ek7U6QE2MP4Wm3PDaM=)
2: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl (hash: 49hXJuFzCdqyX92Co6zC2uy8wFE6xsj1gpW4kX2qvaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:fd:2f:35:91:32:96:5c:67:9f:dd:da:eb:85:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Validity
Not Before: Nov 11 07:02:20 2025 GMT
Not After : Nov 12 07:02:20 2025 GMT
Subject: CN=42f670eef7ee93ad35d3095b7dd3784e613785a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d6:bc:55:af:54:a3:e4:e8:5d:3b:f0:ba:1d:
4f:e7:c3:ac:3a:d9:f5:6a:61:8d:f3:25:de:cf:c7:
3c:6d:b9:18:04:05:6a:61:d9:8e:29:ea:28:4d:5f:
76:9a:53:88:57:09:b8:84:0a:ae:52:d5:84:82:8a:
15:c4:cb:b3:b4:73:72:b3:25:df:bc:4a:6b:2f:be:
a9:b3:94:c6:06:1d:86:9e:9d:c0:73:ac:7c:64:75:
d9:04:87:6f:19:8d:96:a7:f4:a5:e7:b1:52:62:28:
3e:19:d2:81:43:04:c4:04:bb:1f:12:16:6a:53:2c:
4f:ea:1d:65:77:a0:0b:c1:9b:5f:ed:40:8c:9c:fc:
96:65:e0:9e:25:5a:ef:23:4d:da:ed:ce:05:a7:37:
3d:54:50:94:2b:73:df:80:92:5a:ee:9c:4d:31:34:
2e:08:4b:55:90:26:83:73:cb:59:69:bc:d7:17:65:
a5:0d:07:1c:c1:ac:61:61:f5:68:23:8e:38:bd:46:
d2:2e:29:8a:5c:3a:a7:80:1b:21:f5:88:25:b3:af:
e5:c1:b1:aa:a2:d5:ca:6c:23:da:48:6e:e5:67:67:
b8:74:1b:5e:21:85:1a:39:55:ab:18:8d:b2:ef:33:
e2:99:5b:6f:c1:0a:b6:24:e3:41:06:9e:ae:66:98:
4d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F6:70:EE:F7:EE:93:AD:35:D3:09:5B:7D:D3:78:4E:61:37:85:A0
X509v3 Authority Key Identifier:
keyid:30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:6a:33:dc:77:73:11:58:84:68:57:79:a0:47:3d:06:46:f3:
70:52:67:46:9d:94:e7:97:05:05:ef:8a:36:49:dd:5b:df:25:
69:ad:8b:b6:c9:d8:6c:83:12:5c:f5:82:af:d5:03:57:a0:26:
d7:48:64:13:18:86:c0:aa:08:dd:4c:1f:9a:33:68:92:da:9d:
65:a0:ca:53:68:bf:e6:aa:01:53:d2:27:11:30:d1:b5:bd:ed:
a8:b2:b2:99:9b:e0:5e:c7:23:f2:34:01:de:4a:53:27:36:b3:
80:dc:1d:e5:c1:19:c6:3e:92:bc:f3:f0:94:0e:1f:21:07:d1:
56:95:8a:42:6a:8a:d4:81:2f:2c:d6:e2:ad:66:a2:4b:35:de:
b7:46:41:e0:a0:bb:eb:a5:f6:2f:87:3d:b2:28:24:34:92:6e:
73:9c:3c:ee:2c:a1:06:e8:52:cc:39:b7:c3:e9:3c:d5:27:db:
1d:f8:96:dc:26:49:76:12:43:07:ce:d4:ff:ea:83:18:00:f7:
9f:a6:19:a1:b2:f7:7a:e7:c2:f6:5d:1f:3c:6b:f1:f2:d9:39:
51:85:df:26:7c:94:0f:4f:69:91:cb:14:66:d6:c8:09:cf:7f:
2b:eb:76:c5:46:d3:09:fc:7f:e3:8b:bc:40:0f:ad:c2:ab:76:
b5:4f:e9:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuP0vNZEyllxnn93a64WqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjkwZDI1MjBhZDYxOWFjMzA2MGIzOWZiZDJjMjA0ZTI5
YTJhMTQwHhcNMjUxMTExMDcwMjIwWhcNMjUxMTEyMDcwMjIwWjAzMTEwLwYDVQQD
Eyg0MmY2NzBlZWY3ZWU5M2FkMzVkMzA5NWI3ZGQzNzg0ZTYxMzc4NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5da8Va9Uo+ToXTvwuh1P58OsOtn1
amGN8yXez8c8bbkYBAVqYdmOKeooTV92mlOIVwm4hAquUtWEgooVxMuztHNysyXf
vEprL76ps5TGBh2Gnp3Ac6x8ZHXZBIdvGY2Wp/Sl57FSYig+GdKBQwTEBLsfEhZq
UyxP6h1ld6ALwZtf7UCMnPyWZeCeJVrvI03a7c4Fpzc9VFCUK3PfgJJa7pxNMTQu
CEtVkCaDc8tZabzXF2WlDQccwaxhYfVoI444vUbSLimKXDqngBsh9Ygls6/lwbGq
otXKbCPaSG7lZ2e4dBteIYUaOVWrGI2y7zPimVtvwQq2JONBBp6uZphNwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEL2cO737pOtNdMJW33TeE5hN4WgMB8GA1UdIwQY
MBaAFDD5DSUgrWGawwYLOfvSwgTimioUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWIt
NjU3YjNhN2Q5Njc2LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWItNjU3YjNhN2Q5Njc2
LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmoz3Hdz
EViEaFd5oEc9BkbzcFJnRp2U55cFBe+KNkndW98laa2LtsnYbIMSXPWCr9UDV6Am
10hkExiGwKoI3UwfmjNoktqdZaDKU2i/5qoBU9InETDRtb3tqLKymZvgXscj8jQB
3kpTJzazgNwd5cEZxj6SvPPwlA4fIQfRVpWKQmqK1IEvLNbirWaiSzXet0ZB4KC7
66X2L4c9sigkNJJuc5w87iyhBuhSzDm3w+k81SfbHfiW3CZJdhJDB87U/+qDGAD3
n6YZobL3eufC9l0fPGvx8tk5UYXfJnyUD09pkcsUZtbICc9/K+t2xUbTCfx/44u8
QA+twqt2tU/pDA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:21 2025 by rpki-client