Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json)
Hash identifier: r/FEvXimL1VLqFwgdAo4vveIsAMMm2pXwF5nQzKYFzA=
Subject key identifier: FC:E9:0E:4F:5E:ED:C1:A2:8F:C4:49:52:07:FC:69:B8:32:23:BD:86
Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Certificate serial: 019A07802B63F2C6DC86AE3C6F0E6379BAFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
Manifest number: 043F
Signing time: Tue 21 Oct 2025 16:00:31 +0000
Manifest this update: Tue 21 Oct 2025 16:00:31 +0000
Manifest next update: Wed 22 Oct 2025 16:00:31 +0000
Files and hashes: 1: OWXYykmlPDxYaUK6ibOA62-hDng.roa (hash: x4BvE6J+LBS4eTxuz/ILECCYgRYsxbKFwFccG0CtiDI=)
2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: XFIb0lNZht4K9eYUEp/w6L4I7pMbWgxvS1qOd8zPFH0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 16:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:80:2b:63:f2:c6:dc:86:ae:3c:6f:0e:63:79:ba:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Validity
Not Before: Oct 21 16:00:31 2025 GMT
Not After : Oct 22 16:00:31 2025 GMT
Subject: CN=fce90e4f5eedc1a28fc4495207fc69b83223bd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:38:f3:ec:5e:1c:b7:eb:71:7f:93:f7:3f:af:
c0:60:bd:df:86:2b:98:68:2d:52:4d:0e:6e:72:5d:
12:66:f0:5f:6b:2a:18:aa:3b:74:26:0d:c7:a7:32:
5a:a7:90:53:5c:6c:76:ed:a2:26:73:0a:c6:ac:a8:
16:81:27:17:8c:09:a3:ff:9f:2b:22:6a:4d:47:3e:
66:f4:f3:0e:1a:7f:0c:9c:83:b3:b5:0c:49:96:2b:
da:64:e9:e0:ec:3c:b8:6a:e2:9a:c6:45:16:40:b4:
e4:57:67:76:3e:36:d5:fd:c2:78:7b:8a:4d:79:15:
51:7c:51:2a:1e:44:fe:c1:8e:b2:bf:a9:1e:e4:85:
03:aa:3f:e8:94:49:51:2c:4e:02:45:42:d7:e4:57:
7f:dd:60:f6:9b:f0:0a:56:6f:10:0d:7d:a7:62:7d:
91:9f:45:eb:34:8c:62:a2:38:7b:f6:c9:7f:81:77:
b0:ec:18:59:c6:11:10:47:9a:2b:8a:07:d8:99:13:
84:75:68:1d:e0:fc:8a:05:60:e8:7d:bb:49:15:70:
0c:67:bd:07:be:f4:07:fa:f5:95:6b:13:d3:ff:4a:
8c:fc:d1:58:62:ad:fb:1b:1e:32:de:08:c4:9b:13:
48:85:77:e1:7e:5b:75:da:d8:ef:f8:23:75:13:f0:
ee:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E9:0E:4F:5E:ED:C1:A2:8F:C4:49:52:07:FC:69:B8:32:23:BD:86
X509v3 Authority Key Identifier:
keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:f4:ed:f0:54:20:31:d6:81:ea:4e:1a:67:69:ad:ec:b9:ca:
fa:64:fd:01:40:b9:07:d2:5e:40:39:0c:cf:4c:e9:62:15:ee:
fd:9b:e3:8f:8a:f3:46:77:87:da:41:b0:c6:93:dc:9d:0d:52:
c5:27:76:35:b0:25:cb:f4:e7:0b:40:ca:e7:83:7e:46:4d:07:
ed:88:c5:71:12:10:16:ba:69:61:f8:63:24:fc:05:f5:87:38:
88:fa:cb:b7:57:be:45:9c:ea:9a:aa:51:56:a8:b8:c6:30:9c:
38:15:aa:0b:e3:c5:6f:d5:ad:46:d9:63:52:85:06:4b:13:39:
bd:c3:18:50:90:ba:d0:5e:3e:58:6d:4e:6b:48:f0:ae:7a:cc:
48:fc:02:82:5b:c1:ae:32:3d:3d:3e:07:2a:f7:c1:a1:83:3c:
8d:01:40:6d:b1:ca:64:9f:6a:ba:26:58:63:d1:50:1f:36:78:
74:f6:4e:7c:42:2f:a7:7a:52:03:e8:72:f7:15:32:5b:af:e3:
b0:90:00:07:8d:cb:ef:22:8d:30:5f:bc:12:08:17:eb:c7:6a:
ad:fb:bb:e6:00:82:f2:25:19:e1:65:8f:1d:ad:07:dd:5b:80:
f5:bc:7f:70:6e:2f:02:70:07:fb:de:f9:8d:dd:95:8a:c9:9f:
a3:7c:5c:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoHgCtj8sbchq48bw5jebr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi
ZDcwN2UwHhcNMjUxMDIxMTYwMDMxWhcNMjUxMDIyMTYwMDMxWjAzMTEwLwYDVQQD
EyhmY2U5MGU0ZjVlZWRjMWEyOGZjNDQ5NTIwN2ZjNjliODMyMjNiZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTjz7F4ct+txf5P3P6/AYL3fhiuY
aC1STQ5ucl0SZvBfayoYqjt0Jg3HpzJap5BTXGx27aImcwrGrKgWgScXjAmj/58r
ImpNRz5m9PMOGn8MnIOztQxJlivaZOng7Dy4auKaxkUWQLTkV2d2PjbV/cJ4e4pN
eRVRfFEqHkT+wY6yv6ke5IUDqj/olElRLE4CRULX5Fd/3WD2m/AKVm8QDX2nYn2R
n0XrNIxiojh79sl/gXew7BhZxhEQR5origfYmROEdWgd4PyKBWDofbtJFXAMZ70H
vvQH+vWVaxPT/0qM/NFYYq37Gx4y3gjEmxNIhXfhflt12tjv+CN1E/DuvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzpDk9e7cGij8RJUgf8abgyI72GMB8GA1UdIwQY
MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt
ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh
LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvTt8FQg
MdaB6k4aZ2mt7LnK+mT9AUC5B9JeQDkMz0zpYhXu/Zvjj4rzRneH2kGwxpPcnQ1S
xSd2NbAly/TnC0DK54N+Rk0H7YjFcRIQFrppYfhjJPwF9Yc4iPrLt1e+RZzqmqpR
Vqi4xjCcOBWqC+PFb9WtRtljUoUGSxM5vcMYUJC60F4+WG1Oa0jwrnrMSPwCglvB
rjI9PT4HKvfBoYM8jQFAbbHKZJ9quiZYY9FQHzZ4dPZOfEIvp3pSA+hy9xUyW6/j
sJAAB43L7yKNMF+8EggX68dqrfu75gCC8iUZ4WWPHa0H3VuA9bx/cG4vAnAH+975
jd2Vismfo3xcmQ==
-----END CERTIFICATE-----
Generated at Wed Oct 22 01:01:48 2025 by rpki-client