Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
File: RMKVym7oyucAa1d69U43ZiPfd5k.mft (raw, json)
Hash identifier: +WPskRciV1znlBEdiLy2cVDR5g7kiG9oHRFiOuopU1g=
Subject key identifier: B5:49:6C:60:F7:B4:99:24:C8:0A:6A:8E:8F:19:19:84:E8:20:D1:B8
Authority key identifier: 44:C2:95:CA:6E:E8:CA:E7:00:6B:57:7A:F5:4E:37:66:23:DF:77:99
Certificate issuer: /CN=44c295ca6ee8cae7006b577af54e376623df7799
Certificate serial: 01992DB502FFACA0E78D3082E24B4216D6E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
Manifest number: 1446
Signing time: Tue 09 Sep 2025 09:01:01 +0000
Manifest this update: Tue 09 Sep 2025 09:01:01 +0000
Manifest next update: Wed 10 Sep 2025 09:01:01 +0000
Files and hashes: 1: 1-a4x5OOX4iisCDf6ed1yjE-GXUQ.roa (hash: sw8ry0bOHDndmxXW/2FyYZ7exmAZ4VvNy12eeZpqa3o=)
2: RMKVym7oyucAa1d69U43ZiPfd5k.crl (hash: N0B5utaKFFRcgSc6LRVwk1BnBFrO60LVT8xd+9uqg/Q=)
3: UTTLqXMtJUxFPASsyV3j9mlbrsU.roa (hash: 2XJm8gYnzGZQLzDIfSf2GHQMXAHNk+qtN5YEcj0V9ws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:b5:02:ff:ac:a0:e7:8d:30:82:e2:4b:42:16:d6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44c295ca6ee8cae7006b577af54e376623df7799
Validity
Not Before: Sep 9 09:01:01 2025 GMT
Not After : Sep 10 09:01:01 2025 GMT
Subject: CN=b5496c60f7b49924c80a6a8e8f191984e820d1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:54:65:80:0c:77:1f:c2:cd:23:8d:88:ad:
fa:1d:e4:f1:e2:77:ed:be:84:2b:19:7f:3d:dd:12:
e0:49:25:22:97:60:40:66:56:e5:99:ea:c4:c2:4e:
72:53:2a:fa:66:2b:17:f4:ad:20:19:8f:fd:c7:86:
e5:65:e2:6f:41:e6:93:21:33:fc:f9:9f:9b:b5:2e:
10:4a:97:ff:b8:cd:a8:47:c8:b4:8c:82:69:b3:c3:
ec:2d:f0:c8:51:18:db:87:9f:4e:df:7b:2f:e1:2c:
65:51:98:0c:40:a6:92:50:90:58:38:3b:a4:ae:f1:
c2:ac:33:fb:5e:d1:64:0f:20:ec:0c:12:a0:b2:e7:
22:91:64:3b:97:49:3a:92:62:73:1d:0f:8f:57:6b:
b3:49:d9:5f:f5:62:53:65:74:64:a8:6e:0c:56:80:
b6:61:26:2c:55:ae:99:e7:93:e4:c5:76:35:d6:a5:
cc:c9:f3:f3:09:52:4d:dc:ea:e5:fd:08:2c:a7:57:
31:26:96:d5:9f:09:b0:aa:9c:6a:44:6a:c8:ee:da:
a9:54:f8:d8:80:50:ea:c7:e5:fe:b6:17:03:47:fc:
56:e5:3b:85:29:50:e4:54:32:77:32:59:9d:12:b6:
f0:e0:24:e8:a4:63:87:a3:aa:90:d0:70:49:e7:bc:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:49:6C:60:F7:B4:99:24:C8:0A:6A:8E:8F:19:19:84:E8:20:D1:B8
X509v3 Authority Key Identifier:
keyid:44:C2:95:CA:6E:E8:CA:E7:00:6B:57:7A:F5:4E:37:66:23:DF:77:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RMKVym7oyucAa1d69U43ZiPfd5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/17a88d-236d-4fad-9035-7599b441cd1c/1/RMKVym7oyucAa1d69U43ZiPfd5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:4d:39:86:2d:ab:55:cf:46:d5:18:3f:d3:89:bc:f5:db:4c:
96:04:3f:65:36:af:06:29:26:ae:dc:9d:e0:d2:f6:31:ad:a0:
ed:cc:75:f6:4f:3a:19:b6:3d:5e:a6:6f:e1:ac:6b:8c:36:b2:
16:e7:67:e5:3f:c3:19:c4:26:69:0b:d0:f2:9a:c0:41:8e:d4:
0a:66:33:28:58:83:bf:c4:69:4b:95:8b:ee:f5:61:b8:48:0a:
54:b5:2e:f1:3d:d4:a9:16:57:08:4f:4e:bb:52:98:d1:f4:eb:
da:7c:ed:38:8f:13:d7:c9:00:56:5b:93:25:88:38:5b:82:9a:
26:97:84:0b:0c:c1:9d:17:74:6e:1a:84:26:07:30:f2:e4:6d:
18:04:ef:a3:e7:ad:49:08:96:33:e4:92:d9:ae:1b:aa:41:ca:
b9:47:c0:b3:a7:14:31:67:9d:f6:2d:a9:58:bd:18:b1:59:17:
b4:89:6c:a8:cb:da:f3:69:0a:cd:36:a4:5b:8e:c5:ac:84:76:
cb:c8:ed:81:7a:2c:ec:c5:0e:a9:32:84:d8:9c:b0:75:9e:ac:
08:22:ce:fa:88:6d:81:2d:9a:2e:e5:69:71:ec:e4:48:c7:c1:
26:e1:d5:3c:ed:e4:8f:26:b4:a4:03:85:92:bf:f7:cd:d2:1b:
94:8b:5d:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkttQL/rKDnjTCC4ktCFtbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YzI5NWNhNmVlOGNhZTcwMDZiNTc3YWY1NGUzNzY2MjNk
Zjc3OTkwHhcNMjUwOTA5MDkwMTAxWhcNMjUwOTEwMDkwMTAxWjAzMTEwLwYDVQQD
EyhiNTQ5NmM2MGY3YjQ5OTI0YzgwYTZhOGU4ZjE5MTk4NGU4MjBkMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO9UZYAMdx/CzSONiK36HeTx4nft
voQrGX893RLgSSUil2BAZlblmerEwk5yUyr6ZisX9K0gGY/9x4blZeJvQeaTITP8
+Z+btS4QSpf/uM2oR8i0jIJps8PsLfDIURjbh59O33sv4SxlUZgMQKaSUJBYODuk
rvHCrDP7XtFkDyDsDBKgsucikWQ7l0k6kmJzHQ+PV2uzSdlf9WJTZXRkqG4MVoC2
YSYsVa6Z55PkxXY11qXMyfPzCVJN3Orl/Qgsp1cxJpbVnwmwqpxqRGrI7tqpVPjY
gFDqx+X+thcDR/xW5TuFKVDkVDJ3MlmdErbw4CTopGOHo6qQ0HBJ57wkRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVJbGD3tJkkyApqjo8ZGYToING4MB8GA1UdIwQY
MBaAFETClcpu6MrnAGtXevVON2Yj33eZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xN2E4OGQtMjM2ZC00ZmFkLTkwMzUt
NzU5OWI0NDFjZDFjLzEvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xN2E4OGQtMjM2ZC00ZmFkLTkwMzUtNzU5OWI0NDFjZDFj
LzEvUk1LVnltN295dWNBYTFkNjlVNDNaaVBmZDVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkE05hi2r
Vc9G1Rg/04m89dtMlgQ/ZTavBikmrtyd4NL2Ma2g7cx19k86GbY9XqZv4axrjDay
Fudn5T/DGcQmaQvQ8prAQY7UCmYzKFiDv8RpS5WL7vVhuEgKVLUu8T3UqRZXCE9O
u1KY0fTr2nztOI8T18kAVluTJYg4W4KaJpeECwzBnRd0bhqEJgcw8uRtGATvo+et
SQiWM+SS2a4bqkHKuUfAs6cUMWed9i2pWL0YsVkXtIlsqMva82kKzTakW47FrIR2
y8jtgXos7MUOqTKE2JywdZ6sCCLO+ohtgS2aLuVpcezkSMfBJuHVPO3kjya0pAOF
kr/3zdIblItdjA==
-----END CERTIFICATE-----
Generated at Tue Sep 9 10:25:21 2025 by rpki-client