Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft
File: kHpcTqRTtGyByxNtkrkwmxRsPkU.mft (raw, json)
Hash identifier: l3s8rPJyuDt15T35sm4Ka2jiKFXz5Je/HU4Duyvj5LQ=
Subject key identifier: 71:01:F2:C3:27:22:CB:07:0A:B3:DE:D8:83:2F:60:7C:95:CB:FE:4B
Authority key identifier: 90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45
Certificate issuer: /CN=907a5c4ea453b46c81cb136d92b9309b146c3e45
Certificate serial: 019A71B8BABA231C0DDE08E07D77400CC6CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft
Manifest number: 0A2A
Signing time: Tue 11 Nov 2025 07:02:03 +0000
Manifest this update: Tue 11 Nov 2025 07:02:03 +0000
Manifest next update: Wed 12 Nov 2025 07:02:03 +0000
Files and hashes: 1: kHpcTqRTtGyByxNtkrkwmxRsPkU.crl (hash: rohaMzYe0h09F3i20T3H6BTAvaML9VSoc69/S7cvH8U=)
2: y00kCOm4x0sTFaBDOqD5L5fES6Y.roa (hash: G4M+BrvsrjKhmQGsYy0izNdpM9hsyiGzIDC7Si8ke98=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:ba:ba:23:1c:0d:de:08:e0:7d:77:40:0c:c6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=907a5c4ea453b46c81cb136d92b9309b146c3e45
Validity
Not Before: Nov 11 07:02:03 2025 GMT
Not After : Nov 12 07:02:03 2025 GMT
Subject: CN=7101f2c32722cb070ab3ded8832f607c95cbfe4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5a:13:11:7f:03:46:ec:2e:fd:d2:c5:8e:ec:
4b:54:66:13:ba:dc:31:ee:4c:3f:cd:11:a6:a6:e1:
c8:7e:6c:f1:4f:63:3c:3b:33:ae:da:00:53:6f:f7:
90:3c:da:a6:1d:6b:c7:6e:1f:e7:85:8b:38:b0:16:
d1:59:94:ac:51:0c:ac:b8:a7:68:00:a7:05:4f:9e:
e6:cd:9c:4c:83:93:28:32:8e:ba:16:a1:ba:7e:26:
ce:9c:7f:08:bc:45:0e:9d:0e:ab:49:4c:d9:b7:51:
b3:97:51:a0:c5:9b:14:5c:15:2e:a3:2d:0b:34:a1:
70:f7:ad:59:b2:96:e7:dc:a1:b4:68:c1:19:f6:72:
fb:fc:4b:1a:7e:d1:a0:2c:fe:a6:c1:25:59:e5:c7:
c7:41:b8:b0:d3:9e:e2:54:6c:dc:02:bf:69:28:2b:
29:c5:3c:2c:c2:ab:cf:2c:69:fc:37:63:df:e6:f7:
28:4c:97:3c:5c:e6:d5:d0:77:67:75:be:d2:2c:2e:
22:2e:34:a2:8f:d9:62:76:81:bf:db:aa:5d:bc:55:
5a:02:3c:22:02:0b:97:04:be:68:85:e1:e8:9a:67:
64:9e:f0:af:51:3a:0c:93:17:b5:de:e6:9f:5f:95:
21:a4:e0:c0:e0:29:79:bc:6f:56:ee:aa:94:62:be:
7d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:01:F2:C3:27:22:CB:07:0A:B3:DE:D8:83:2F:60:7C:95:CB:FE:4B
X509v3 Authority Key Identifier:
keyid:90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:da:74:62:f1:40:e3:fa:58:08:2d:c2:4e:6c:97:dc:4f:93:
2c:fb:3d:38:ce:35:27:11:b9:b1:dc:96:ca:a3:05:16:74:df:
ba:ca:ef:71:42:95:0b:1c:bc:03:78:58:5f:f0:a4:62:62:b0:
c4:b6:c9:ee:7b:9c:ca:16:76:59:97:f0:0d:50:7c:82:7e:c6:
1f:fe:d0:d3:9f:a5:4d:03:e0:71:60:f8:c2:a6:bc:95:83:a3:
e6:b4:5b:09:13:5d:45:99:5e:a7:b7:75:23:83:fc:d0:6a:f8:
46:da:3f:24:d5:31:99:42:0b:94:07:4e:5f:d3:c5:ba:58:0e:
d7:ec:6b:51:44:39:66:95:33:b5:26:08:b3:77:34:b0:25:5a:
1d:c0:60:69:f8:fd:13:a8:d8:71:c8:b5:fd:88:36:14:cf:34:
f5:a9:dc:2b:03:a1:93:e0:73:9e:31:20:69:84:06:e3:a5:af:
ea:13:61:e5:d7:0a:42:4e:d3:38:78:11:59:b7:24:bc:35:3d:
c2:c7:1f:84:fe:53:2c:bc:ea:cd:c1:5d:36:56:54:ba:fd:8c:
27:5c:28:77:d0:14:20:50:1c:2c:ef:20:b4:8e:fb:86:3e:a9:
bc:60:dd:b7:ca:d3:6d:42:9a:ca:90:96:4c:ab:7d:c4:c6:2b:
d1:f3:28:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLq6IxwN3gjgfXdADMbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E1YzRlYTQ1M2I0NmM4MWNiMTM2ZDkyYjkzMDliMTQ2
YzNlNDUwHhcNMjUxMTExMDcwMjAzWhcNMjUxMTEyMDcwMjAzWjAzMTEwLwYDVQQD
Eyg3MTAxZjJjMzI3MjJjYjA3MGFiM2RlZDg4MzJmNjA3Yzk1Y2JmZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FoTEX8DRuwu/dLFjuxLVGYTutwx
7kw/zRGmpuHIfmzxT2M8OzOu2gBTb/eQPNqmHWvHbh/nhYs4sBbRWZSsUQysuKdo
AKcFT57mzZxMg5MoMo66FqG6fibOnH8IvEUOnQ6rSUzZt1Gzl1GgxZsUXBUuoy0L
NKFw961Zspbn3KG0aMEZ9nL7/EsaftGgLP6mwSVZ5cfHQbiw057iVGzcAr9pKCsp
xTwswqvPLGn8N2Pf5vcoTJc8XObV0Hdndb7SLC4iLjSij9lidoG/26pdvFVaAjwi
AguXBL5oheHommdknvCvUToMkxe13uafX5UhpODA4Cl5vG9W7qqUYr59jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEB8sMnIssHCrPe2IMvYHyVy/5LMB8GA1UdIwQY
MBaAFJB6XE6kU7RsgcsTbZK5MJsUbD5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDIt
YjJhMmI4Yjg0N2I5LzEva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDItYjJhMmI4Yjg0N2I5
LzEva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9p0YvFA
4/pYCC3CTmyX3E+TLPs9OM41JxG5sdyWyqMFFnTfusrvcUKVCxy8A3hYX/CkYmKw
xLbJ7nucyhZ2WZfwDVB8gn7GH/7Q05+lTQPgcWD4wqa8lYOj5rRbCRNdRZlep7d1
I4P80Gr4Rto/JNUxmUILlAdOX9PFulgO1+xrUUQ5ZpUztSYIs3c0sCVaHcBgafj9
E6jYcci1/Yg2FM809ancKwOhk+BznjEgaYQG46Wv6hNh5dcKQk7TOHgRWbckvDU9
wscfhP5TLLzqzcFdNlZUuv2MJ1wod9AUIFAcLO8gtI77hj6pvGDdt8rTbUKaypCW
TKt9xMYr0fMogA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:31 2025 by rpki-client