Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json)
Hash identifier: OqtsfBnSXoZO+P+ZDkhjkKDEHVeDyfZfcZmmk8m1z2Y=
Subject key identifier: BF:F9:DE:31:87:27:13:79:A0:08:39:FC:9B:2C:62:70:53:B7:12:0B
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019A71EEE497A0160C13139B9D2B771EA33D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
Manifest number: 038E
Signing time: Tue 11 Nov 2025 08:01:12 +0000
Manifest this update: Tue 11 Nov 2025 08:01:12 +0000
Manifest next update: Wed 12 Nov 2025 08:01:12 +0000
Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: rLUifBECPiy7SmjVkoI5Of5aR02XtDc8PCko0gRA1w0=)
2: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (hash: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:e4:97:a0:16:0c:13:13:9b:9d:2b:77:1e:a3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Nov 11 08:01:12 2025 GMT
Not After : Nov 12 08:01:12 2025 GMT
Subject: CN=bff9de3187271379a00839fc9b2c627053b7120b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2b:63:f8:62:a9:b6:3f:7c:ac:6a:16:80:53:
40:82:dd:d4:e2:48:9b:ca:b9:dd:9c:bf:27:c0:2f:
aa:c6:17:f2:a3:6a:a3:74:88:e3:f7:2d:49:5d:1a:
fd:15:00:7e:fa:60:c9:5a:b0:de:b0:19:19:24:b9:
1b:be:44:4a:42:f5:49:5f:37:31:2e:2a:2b:10:3a:
22:87:1d:c6:8b:49:df:ee:63:f5:1a:3a:fa:f2:e8:
39:57:d3:9f:c6:6b:c1:ff:1a:a2:7d:16:73:16:ea:
09:c8:b2:ee:da:b5:77:b8:09:1c:d6:93:2a:87:25:
80:88:1c:fc:a8:0c:2a:bf:51:da:74:b4:a3:b2:98:
75:2c:d9:ea:da:32:66:20:be:6c:4f:25:4c:fe:fe:
67:e0:20:1f:e7:f9:b5:b8:03:70:1a:d7:de:e1:c5:
05:c5:2f:20:d4:f6:a8:10:47:18:c7:4d:74:18:63:
26:11:99:6a:41:ca:a9:0b:bf:78:75:32:51:e4:aa:
6e:03:64:81:94:68:59:1c:38:17:d0:fb:87:f3:31:
41:90:58:0f:50:56:87:0a:1c:08:87:55:e1:01:10:
c2:78:8d:6d:d4:d1:5c:61:e8:9c:b2:d7:59:f4:3b:
35:84:52:83:50:37:be:b0:1c:02:1d:a3:3f:2e:2f:
e6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F9:DE:31:87:27:13:79:A0:08:39:FC:9B:2C:62:70:53:B7:12:0B
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e3:15:11:b6:c2:ee:85:11:d3:82:90:9c:37:34:e5:86:e7:
40:07:f1:69:64:0b:79:d4:e8:4c:81:da:74:1a:2e:7f:73:7f:
71:42:55:e4:3d:56:c0:77:6e:48:1d:6d:0e:b0:31:db:59:45:
0e:c6:67:5a:49:fd:dc:64:46:49:b2:e3:c8:9b:09:91:e9:7c:
23:e9:f4:22:85:2f:8d:bf:32:26:36:8e:1d:cb:21:b8:74:3c:
f0:34:7e:55:55:96:04:ec:b9:8e:de:fa:10:35:94:77:d4:bc:
2c:94:cc:00:2e:15:15:f1:4d:35:18:be:a9:ed:5e:d4:cb:a9:
98:88:ff:6e:f4:ab:ba:e0:bf:6d:0c:69:b5:72:7d:3f:54:ad:
30:53:30:7a:71:b0:f8:d4:81:38:9b:af:ea:2e:fc:fd:9c:02:
e3:3d:91:d3:30:cc:da:1b:b5:54:b2:7f:c6:4d:90:0c:68:5e:
55:b8:1e:4d:6d:34:45:da:6c:cc:dd:09:40:20:5e:08:a1:c0:
92:48:a4:e9:3c:b4:84:21:48:55:db:37:17:2e:88:52:96:f0:
dc:1a:f6:15:4a:55:63:d2:c4:ff:c2:0d:66:e3:3e:b1:a8:73:
8f:45:d7:f6:bc:0d:d6:bb:e8:56:e4:91:01:e2:bc:d0:93:26:
6b:b5:b2:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uSXoBYMExObnSt3HqM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjUxMTExMDgwMTEyWhcNMjUxMTEyMDgwMTEyWjAzMTEwLwYDVQQD
EyhiZmY5ZGUzMTg3MjcxMzc5YTAwODM5ZmM5YjJjNjI3MDUzYjcxMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ctj+GKptj98rGoWgFNAgt3U4kib
yrndnL8nwC+qxhfyo2qjdIjj9y1JXRr9FQB++mDJWrDesBkZJLkbvkRKQvVJXzcx
LiorEDoihx3Gi0nf7mP1Gjr68ug5V9OfxmvB/xqifRZzFuoJyLLu2rV3uAkc1pMq
hyWAiBz8qAwqv1HadLSjsph1LNnq2jJmIL5sTyVM/v5n4CAf5/m1uANwGtfe4cUF
xS8g1PaoEEcYx010GGMmEZlqQcqpC794dTJR5KpuA2SBlGhZHDgX0PuH8zFBkFgP
UFaHChwIh1XhARDCeI1t1NFcYeicstdZ9Ds1hFKDUDe+sBwCHaM/Li/mkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/53jGHJxN5oAg5/JssYnBTtxILMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+MVEbbC
7oUR04KQnDc05YbnQAfxaWQLedToTIHadBouf3N/cUJV5D1WwHduSB1tDrAx21lF
DsZnWkn93GRGSbLjyJsJkel8I+n0IoUvjb8yJjaOHcshuHQ88DR+VVWWBOy5jt76
EDWUd9S8LJTMAC4VFfFNNRi+qe1e1MupmIj/bvSruuC/bQxptXJ9P1StMFMwenGw
+NSBOJuv6i78/ZwC4z2R0zDM2hu1VLJ/xk2QDGheVbgeTW00RdpszN0JQCBeCKHA
kkik6Ty0hCFIVds3Fy6IUpbw3Br2FUpVY9LE/8INZuM+sahzj0XX9rwN1rvoVuSR
AeK80JMma7WyhQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:18 2025 by rpki-client