Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.mft
File: MsK-SD_ye7jw3AnOD3HyqI6vfgc.mft (raw, json)
Hash identifier: 7p1YEaeV7Q1oKEVfM96jWvtBuzUTS6Qy7BG7QyCCAiY=
Subject key identifier: 5E:BB:24:81:F4:8F:59:6D:19:5C:E2:CA:A5:1E:38:D2:9D:87:2C:32
Authority key identifier: 32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
Certificate issuer: /CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Certificate serial: 019A70DC6B88F5FCD188A09E02EB70123488
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 03:01:24 +0000
Manifest this update: Tue 11 Nov 2025 03:01:24 +0000
Manifest next update: Wed 12 Nov 2025 03:01:24 +0000
Files and hashes: 1: 3Ld3_xMK0PlfZFY-qBwXca5iVGM.roa (hash: CjU6hi/Jh6Zo5sGQ2UDjZfEn9Czpv8lCLYgvh/6NOKs=)
2: MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl (hash: /1C723S9BzDw/Gr9BHBQR0EswlzYYupEDwxoz4E5id4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:6b:88:f5:fc:d1:88:a0:9e:02:eb:70:12:34:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Validity
Not Before: Nov 11 03:01:24 2025 GMT
Not After : Nov 12 03:01:24 2025 GMT
Subject: CN=5ebb2481f48f596d195ce2caa51e38d29d872c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e5:43:55:8f:8b:eb:45:20:9a:65:03:6c:4e:
8a:58:9a:09:a3:d0:92:96:0a:02:e3:72:30:d3:d7:
d5:48:34:37:10:05:46:71:7b:21:23:f2:6e:f7:ed:
47:f0:5b:b4:08:ae:37:8a:e7:5a:e3:de:9c:3e:a5:
32:0f:0f:6b:ed:a1:bb:74:71:65:8d:cf:98:6b:c9:
9d:2f:33:23:67:2c:34:b4:d0:96:43:ec:74:d2:93:
ce:73:ce:b9:0e:08:ed:54:1b:f1:b1:3c:fd:6f:39:
56:23:87:0a:da:ed:f7:51:6f:57:0c:16:6c:28:a9:
93:4e:27:04:0f:24:52:a1:23:ba:4b:cf:8d:c7:f9:
99:36:97:a4:71:9b:66:2e:46:bc:09:ee:bb:06:b8:
e1:7d:30:57:de:79:59:af:d5:cc:90:1b:eb:77:2a:
ed:f2:2c:41:5e:d1:07:50:58:2d:b6:c2:79:36:43:
f6:98:8d:34:cc:25:e4:b5:e7:6d:2d:2e:16:5a:5c:
98:37:a4:44:d5:a8:24:a1:0f:25:4b:d3:2f:1a:13:
ac:1d:eb:b5:11:6a:de:66:7e:97:1b:10:bd:18:f7:
02:6c:37:cd:fe:76:c2:4a:b1:cc:5a:48:10:6b:14:
70:d2:46:8a:e0:26:c6:20:5f:23:2c:30:bd:c9:2a:
ba:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BB:24:81:F4:8F:59:6D:19:5C:E2:CA:A5:1E:38:D2:9D:87:2C:32
X509v3 Authority Key Identifier:
keyid:32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:7a:d9:51:55:23:a7:7e:7c:47:3b:d9:15:34:c5:1a:76:f4:
01:c2:83:af:f3:4d:38:ed:38:a7:fa:e0:cf:38:03:07:2e:f2:
5f:ab:32:2c:49:b0:aa:23:db:d4:ee:ce:49:a2:84:05:eb:c8:
7e:c2:e4:46:26:c2:d7:77:c5:13:d4:47:b1:e6:72:33:33:e7:
04:db:d1:c5:e0:3e:9f:57:d2:1c:41:f6:59:03:04:2a:a8:89:
a1:f1:32:e5:0b:41:58:ac:2d:b9:f9:ae:dc:fa:08:e3:6f:9c:
a8:84:f4:8a:3c:24:28:1d:5c:21:3c:da:8b:93:c1:97:3f:8a:
0e:63:91:d6:0b:15:fc:f8:ab:2b:c6:fc:bd:85:64:69:17:77:
97:18:71:cc:b7:13:56:4b:da:03:cb:53:a1:06:6f:c5:fb:a9:
16:cb:c8:d1:50:29:32:9a:42:f7:bc:08:13:4a:cd:d5:d0:98:
47:07:37:e9:23:5e:f7:3d:a9:d2:ff:77:e7:31:c1:93:8c:98:
5a:df:64:8d:4b:37:7e:9f:3e:72:a0:2d:ec:4f:b9:5f:1c:3b:
c2:82:ac:be:9e:9a:8f:c1:2f:e7:8c:fe:54:13:5c:c9:10:db:
3c:2f:2f:15:88:59:fa:e6:99:c7:20:f4:de:c9:34:58:43:65:
f8:01:99:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3GuI9fzRiKCeAutwEjSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzJiZTQ4M2ZmMjdiYjhmMGRjMDljZTBmNzFmMmE4OGVh
ZjdlMDcwHhcNMjUxMTExMDMwMTI0WhcNMjUxMTEyMDMwMTI0WjAzMTEwLwYDVQQD
Eyg1ZWJiMjQ4MWY0OGY1OTZkMTk1Y2UyY2FhNTFlMzhkMjlkODcyYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeVDVY+L60UgmmUDbE6KWJoJo9CS
lgoC43Iw09fVSDQ3EAVGcXshI/Ju9+1H8Fu0CK43iuda496cPqUyDw9r7aG7dHFl
jc+Ya8mdLzMjZyw0tNCWQ+x00pPOc865DgjtVBvxsTz9bzlWI4cK2u33UW9XDBZs
KKmTTicEDyRSoSO6S8+Nx/mZNpekcZtmLka8Ce67BrjhfTBX3nlZr9XMkBvrdyrt
8ixBXtEHUFgttsJ5NkP2mI00zCXktedtLS4WWlyYN6RE1agkoQ8lS9MvGhOsHeu1
EWreZn6XGxC9GPcCbDfN/nbCSrHMWkgQaxRw0kaK4CbGIF8jLDC9ySq6sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF67JIH0j1ltGVziyqUeONKdhywyMB8GA1UdIwQY
MBaAFDLCvkg/8nu48NwJzg9x8qiOr34HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQt
OTczZGI5Y2U2OGI1LzEvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQtOTczZGI5Y2U2OGI1
LzEvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHrZUVUj
p358RzvZFTTFGnb0AcKDr/NNOO04p/rgzzgDBy7yX6syLEmwqiPb1O7OSaKEBevI
fsLkRibC13fFE9RHseZyMzPnBNvRxeA+n1fSHEH2WQMEKqiJofEy5QtBWKwtufmu
3PoI42+cqIT0ijwkKB1cITzai5PBlz+KDmOR1gsV/PirK8b8vYVkaRd3lxhxzLcT
VkvaA8tToQZvxfupFsvI0VApMppC97wIE0rN1dCYRwc36SNe9z2p0v935zHBk4yY
Wt9kjUs3fp8+cqAt7E+5Xxw7woKsvp6aj8Ev54z+VBNcyRDbPC8vFYhZ+uaZxyD0
3sk0WENl+AGZsg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:14 2025 by rpki-client