Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
File: K5didVR7dd8rBMT5spHAcQxQd0A.mft (raw, json)
Hash identifier: rTfFm/GC49Q0Lnnu7DJ8symGe+KuSUQ+cpscZwhHhJY=
Subject key identifier: AD:05:F7:C3:3C:00:B4:62:F8:B7:4C:FB:1B:CC:66:19:78:91:39:2F
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 01992F3505AA2EF8F623E1CB3BA8605DF041
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
Manifest number: 167A
Signing time: Tue 09 Sep 2025 16:00:27 +0000
Manifest this update: Tue 09 Sep 2025 16:00:27 +0000
Manifest next update: Wed 10 Sep 2025 16:00:27 +0000
Files and hashes: 1: K5didVR7dd8rBMT5spHAcQxQd0A.crl (hash: n9xBMAoNLqMpKudVQ/RDV1gfx3czvWwWve9Ug+cS9eY=)
2: LM4PEm0ffK75EUFTgpXPbuoAKZ8.roa (hash: d7gyd2tIHJ6HJ/7vl5EHNlkX+eVBttxlbWWHGFZ3xxQ=)
3: _w36PBooYvePauBkPOTldD_qNZc.roa (hash: hpJoX8luKbQz9GDhdRpg1rk5Zn+lxQz5UWYQbVjTs1Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 15:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:35:05:aa:2e:f8:f6:23:e1:cb:3b:a8:60:5d:f0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Sep 9 16:00:27 2025 GMT
Not After : Sep 10 16:00:27 2025 GMT
Subject: CN=ad05f7c33c00b462f8b74cfb1bcc66197891392f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:d5:69:ed:a9:e9:5f:d7:db:2d:f4:27:06:
e6:24:7e:7a:52:d3:d6:6e:7c:e9:50:00:53:e7:96:
19:71:9c:0e:a6:6f:e0:ef:92:5a:c2:07:4b:57:17:
5e:32:ce:d8:51:f8:cf:d1:7d:fb:73:c3:f1:f0:37:
c4:63:e5:ae:78:2d:37:11:13:3d:c0:e9:a8:3d:32:
b1:42:6f:ae:0e:b7:0b:21:c8:d0:a2:25:d4:98:53:
78:b1:73:53:05:09:63:55:fd:f7:6f:9c:8b:8f:88:
56:25:fb:5b:7d:a1:31:54:15:aa:eb:a4:8c:88:a7:
b4:47:f0:da:ad:6f:9e:da:99:42:c3:1b:e6:c4:c1:
52:fd:ed:47:61:00:83:88:d5:fb:e6:86:7d:5a:a8:
eb:9c:51:ca:ed:90:ac:d9:62:28:47:a4:7a:d7:62:
7e:40:fc:06:ab:43:91:90:a7:5c:5a:42:ca:b1:d4:
05:77:0f:b5:41:25:dd:50:b8:d2:c6:35:88:6d:e3:
5a:ff:9c:25:45:2b:f9:3f:96:4f:7f:8f:09:09:a8:
59:41:92:27:0b:6d:47:37:9a:e9:43:52:7d:86:2c:
21:8c:7b:44:ca:65:59:1a:77:e4:4f:79:4e:37:03:
16:b4:98:1f:f2:a7:cd:4f:78:be:1b:bb:84:ce:c3:
79:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:05:F7:C3:3C:00:B4:62:F8:B7:4C:FB:1B:CC:66:19:78:91:39:2F
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:e6:02:65:33:88:e1:90:e5:fc:a7:e0:df:18:08:be:c5:3a:
67:4c:7f:a1:77:86:ce:a7:fe:9f:91:85:54:cf:22:46:25:c3:
6c:b6:36:9d:32:3c:35:2d:18:18:a8:b2:e3:87:6d:e2:ae:d3:
05:c4:ab:4e:c0:6a:e6:19:f9:a1:75:6a:81:5d:b2:88:34:4f:
d1:ab:15:71:17:ae:e3:4f:c3:50:0a:14:77:9f:74:6f:9e:70:
4b:f4:a5:18:d5:26:98:6b:2c:a8:52:83:d4:5c:bc:00:3a:e2:
63:90:6e:88:94:02:f9:81:21:f5:dd:58:94:2e:4d:44:54:71:
a4:a6:67:e3:fe:f5:7c:2b:78:18:c2:b5:2f:b2:96:1d:43:89:
26:19:8f:df:90:94:aa:7d:dc:c5:b6:f2:f0:1c:63:fc:dd:af:
62:64:de:45:be:f4:0a:1b:19:e5:a0:73:40:a0:ea:66:c0:f6:
3d:23:d8:1b:4c:f4:20:5e:7e:8e:65:e9:d3:08:eb:2e:ef:a9:
f5:24:37:3c:30:7a:2a:b7:67:1d:b1:d5:f6:a3:59:b7:6e:af:
f6:dc:df:90:e8:27:b2:82:cb:c6:28:bb:db:97:4e:f9:95:b9:
08:f5:4b:6c:b5:06:91:a1:79:95:5b:9c:4b:a1:b3:11:97:13:
fa:03:0a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkvNQWqLvj2I+HLO6hgXfBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjUwOTA5MTYwMDI3WhcNMjUwOTEwMTYwMDI3WjAzMTEwLwYDVQQD
EyhhZDA1ZjdjMzNjMDBiNDYyZjhiNzRjZmIxYmNjNjYxOTc4OTEzOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrfVae2p6V/X2y30JwbmJH56UtPW
bnzpUABT55YZcZwOpm/g75JawgdLVxdeMs7YUfjP0X37c8Px8DfEY+WueC03ERM9
wOmoPTKxQm+uDrcLIcjQoiXUmFN4sXNTBQljVf33b5yLj4hWJftbfaExVBWq66SM
iKe0R/DarW+e2plCwxvmxMFS/e1HYQCDiNX75oZ9WqjrnFHK7ZCs2WIoR6R612J+
QPwGq0ORkKdcWkLKsdQFdw+1QSXdULjSxjWIbeNa/5wlRSv5P5ZPf48JCahZQZIn
C21HN5rpQ1J9hiwhjHtEymVZGnfkT3lONwMWtJgf8qfNT3i+G7uEzsN5awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0F98M8ALRi+LdM+xvMZhl4kTkvMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALeYCZTOI
4ZDl/Kfg3xgIvsU6Z0x/oXeGzqf+n5GFVM8iRiXDbLY2nTI8NS0YGKiy44dt4q7T
BcSrTsBq5hn5oXVqgV2yiDRP0asVcReu40/DUAoUd590b55wS/SlGNUmmGssqFKD
1Fy8ADriY5BuiJQC+YEh9d1YlC5NRFRxpKZn4/71fCt4GMK1L7KWHUOJJhmP35CU
qn3cxbby8Bxj/N2vYmTeRb70ChsZ5aBzQKDqZsD2PSPYG0z0IF5+jmXp0wjrLu+p
9SQ3PDB6KrdnHbHV9qNZt26v9tzfkOgnsoLLxii725dO+ZW5CPVLbLUGkaF5lVuc
S6GzEZcT+gMKsQ==
-----END CERTIFICATE-----
Generated at Tue Sep 9 18:48:41 2025 by rpki-client