Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
File: RMKVym7oyucAa1d69U43ZiPfd5k.mft (raw, json)
Hash identifier: RXqS7+rmM/4Wc7TIN+BePQ67jsT1g5PsTDO9Ygvq9Rg=
Subject key identifier: F9:9E:15:28:35:8F:17:EF:22:73:C3:D1:4D:E7:63:80:DC:79:01:C0
Authority key identifier: 44:C2:95:CA:6E:E8:CA:E7:00:6B:57:7A:F5:4E:37:66:23:DF:77:99
Certificate issuer: /CN=44c295ca6ee8cae7006b577af54e376623df7799
Certificate serial: 019A72264E4FE380BC4A68404A9258DDF236
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
Manifest number: 14EE
Signing time: Tue 11 Nov 2025 09:01:44 +0000
Manifest this update: Tue 11 Nov 2025 09:01:44 +0000
Manifest next update: Wed 12 Nov 2025 09:01:44 +0000
Files and hashes: 1: 1-a4x5OOX4iisCDf6ed1yjE-GXUQ.roa (hash: sw8ry0bOHDndmxXW/2FyYZ7exmAZ4VvNy12eeZpqa3o=)
2: RMKVym7oyucAa1d69U43ZiPfd5k.crl (hash: mRUDm4AAfhcjdnaUh81io4pDEE4RhNuTARdbxGI8YZc=)
3: UTTLqXMtJUxFPASsyV3j9mlbrsU.roa (hash: 2XJm8gYnzGZQLzDIfSf2GHQMXAHNk+qtN5YEcj0V9ws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:4e:4f:e3:80:bc:4a:68:40:4a:92:58:dd:f2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44c295ca6ee8cae7006b577af54e376623df7799
Validity
Not Before: Nov 11 09:01:44 2025 GMT
Not After : Nov 12 09:01:44 2025 GMT
Subject: CN=f99e1528358f17ef2273c3d14de76380dc7901c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:08:7d:6c:cf:9a:e3:8c:62:41:c3:f6:09:
aa:bf:d0:2c:db:49:d7:ae:e8:4e:97:e6:4b:29:80:
22:36:7e:ff:db:80:d8:01:b6:2f:83:c6:81:0c:95:
57:ec:4e:fb:77:c5:cf:e7:62:16:f1:75:b7:87:fc:
46:1a:86:15:44:ed:1e:8f:12:47:51:94:70:70:96:
23:de:d1:11:5c:32:2f:02:5d:90:d7:18:9c:34:7b:
87:d7:88:26:3e:be:09:e3:b6:ca:53:d5:a7:ae:11:
7c:8c:68:44:34:1f:47:84:6e:e6:49:e6:32:51:53:
66:6c:a9:0b:c2:a9:84:35:22:6a:e4:83:d7:83:3d:
24:a4:39:32:08:f9:15:12:b4:f7:33:0e:80:ab:e0:
3d:21:eb:d1:e2:83:ec:83:ae:c0:0a:c8:95:a5:45:
6c:ab:40:00:47:7b:ff:4f:04:ec:e3:a8:f9:4b:95:
00:ce:98:64:75:bb:bf:6a:bc:62:36:36:b5:0e:0f:
71:68:8f:2d:4e:74:97:f5:11:4f:e8:ca:b3:94:aa:
70:15:44:5e:63:84:62:04:f9:fd:e7:c2:a3:b5:75:
67:61:dd:05:be:75:d5:5a:55:09:a5:56:72:e8:a0:
e5:dd:a9:d3:66:c5:29:81:37:7b:ff:fe:ac:3c:c4:
bb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9E:15:28:35:8F:17:EF:22:73:C3:D1:4D:E7:63:80:DC:79:01:C0
X509v3 Authority Key Identifier:
keyid:44:C2:95:CA:6E:E8:CA:E7:00:6B:57:7A:F5:4E:37:66:23:DF:77:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:33:bb:b0:11:21:28:df:87:ad:83:1d:b8:1f:c1:81:68:db:
6e:ff:95:74:af:b4:d0:f9:c1:3a:35:e6:d0:b5:d4:18:f7:c4:
27:00:3d:d9:c3:76:a3:9e:c4:02:88:a8:4a:e3:c8:79:ad:58:
5f:5a:65:21:60:41:6d:e7:ab:d3:78:95:06:10:09:50:a6:c3:
2d:cd:7e:83:ac:3d:aa:26:b7:51:db:f4:52:54:0e:41:0a:d4:
1b:82:f3:82:86:f0:eb:a9:c8:b7:88:c8:46:4b:a5:f6:84:02:
b3:c7:1e:1a:91:ee:34:70:d3:d6:f6:68:c4:7d:c1:bc:7f:8a:
74:e9:42:3d:8c:de:35:8a:d8:72:34:ac:17:c9:f6:3a:a3:7d:
b0:7d:c4:85:05:87:88:13:da:c8:61:c6:d3:a8:25:b6:84:b7:
45:13:3d:8e:c9:25:3f:2b:ca:cc:16:42:f9:5f:07:0a:f4:a3:
b0:8f:50:89:8c:5c:c9:ad:45:41:63:a6:a6:52:ce:d2:b7:91:
2d:cb:91:d2:41:47:04:12:36:79:c0:be:98:da:e1:75:c3:25:
96:6e:52:72:f5:c5:37:28:48:8a:49:fb:81:a5:ac:a8:64:47:
25:85:5c:c2:27:15:21:65:1f:c8:40:01:27:7f:90:12:78:4a:
ec:dd:4e:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk5P44C8SmhASpJY3fI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YzI5NWNhNmVlOGNhZTcwMDZiNTc3YWY1NGUzNzY2MjNk
Zjc3OTkwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
EyhmOTllMTUyODM1OGYxN2VmMjI3M2MzZDE0ZGU3NjM4MGRjNzkwMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt98IfWzPmuOMYkHD9gmqv9As20nX
ruhOl+ZLKYAiNn7/24DYAbYvg8aBDJVX7E77d8XP52IW8XW3h/xGGoYVRO0ejxJH
UZRwcJYj3tERXDIvAl2Q1xicNHuH14gmPr4J47bKU9WnrhF8jGhENB9HhG7mSeYy
UVNmbKkLwqmENSJq5IPXgz0kpDkyCPkVErT3Mw6Aq+A9IevR4oPsg67ACsiVpUVs
q0AAR3v/TwTs46j5S5UAzphkdbu/arxiNja1Dg9xaI8tTnSX9RFP6MqzlKpwFURe
Y4RiBPn958KjtXVnYd0FvnXVWlUJpVZy6KDl3anTZsUpgTd7//6sPMS7DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmeFSg1jxfvInPD0U3nY4DceQHAMB8GA1UdIwQY
MBaAFETClcpu6MrnAGtXevVON2Yj33eZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xN2E4OGQtMjM2ZC00ZmFkLTkwMzUt
NzU5OWI0NDFjZDFjLzEvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xN2E4OGQtMjM2ZC00ZmFkLTkwMzUtNzU5OWI0NDFjZDFj
LzEvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAITO7sBEh
KN+HrYMduB/BgWjbbv+VdK+00PnBOjXm0LXUGPfEJwA92cN2o57EAoioSuPIea1Y
X1plIWBBbeer03iVBhAJUKbDLc1+g6w9qia3Udv0UlQOQQrUG4Lzgobw66nIt4jI
Rkul9oQCs8ceGpHuNHDT1vZoxH3BvH+KdOlCPYzeNYrYcjSsF8n2OqN9sH3EhQWH
iBPayGHG06gltoS3RRM9jsklPyvKzBZC+V8HCvSjsI9QiYxcya1FQWOmplLO0reR
LcuR0kFHBBI2ecC+mNrhdcMllm5ScvXFNyhIikn7gaWsqGRHJYVcwicVIWUfyEAB
J3+QEnhK7N1Oig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:06 2025 by rpki-client