Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
File: mKUzMIdAu70he_adzpCz9UEghFc.mft (raw, json)
Hash identifier: ZthPtnu6qywI9rdKv0kh6sCBgrOrx/AztbnneaXOsn4=
Subject key identifier: 8E:68:20:A6:D7:07:4D:18:10:D0:1F:27:92:B4:98:53:9A:6B:1C:6F
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 01994E896999743CC90516FE9A15662A57D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
Manifest number: 168B
Signing time: Mon 15 Sep 2025 18:00:52 +0000
Manifest this update: Mon 15 Sep 2025 18:00:52 +0000
Manifest next update: Tue 16 Sep 2025 18:00:52 +0000
Files and hashes: 1: 4hnUUt9Ys_eQWvU2fA6JemX65dw.roa (hash: ntUnKbzWvKshnrPe1olGFJu/nCj9Xb/2m4Wf2hJLEss=)
2: mKUzMIdAu70he_adzpCz9UEghFc.crl (hash: 1eN0BWnvkSWnsEVKpbO9YIb0wN5dXMritUCjYhwAucM=)
3: sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa (hash: wrk4xF0OxGaC9MkY6FPvwbKzU+JxYtuzUOz5b0tcuxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4e:89:69:99:74:3c:c9:05:16:fe:9a:15:66:2a:57:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Sep 15 18:00:52 2025 GMT
Not After : Sep 16 18:00:52 2025 GMT
Subject: CN=8e6820a6d7074d1810d01f2792b498539a6b1c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:99:c0:4d:aa:1a:66:bb:9e:1a:6b:81:b4:26:
d4:eb:0f:66:a5:f1:cd:08:ec:9b:9c:55:ad:27:73:
0e:22:61:f2:4c:3c:2b:8a:46:f6:1c:49:00:e1:2b:
97:7e:22:9d:5e:44:9c:82:d0:08:be:28:95:ff:53:
1a:91:5e:30:be:89:27:7f:19:b8:79:44:c2:29:bb:
ff:5a:ec:28:95:cb:57:69:50:50:3b:2f:68:65:49:
ee:c6:f9:97:65:5f:49:67:6f:a5:3c:02:29:bd:49:
fa:41:38:18:94:fa:48:6d:dd:23:c7:c6:83:71:2c:
d0:f0:80:a5:d3:59:38:82:ac:e8:54:e2:c8:46:bb:
ea:6a:87:c6:ae:04:6c:63:63:c6:7d:ef:77:65:fb:
d4:bc:13:48:e2:f0:1a:f0:ba:0a:fe:5b:d9:66:34:
f0:bf:53:da:c6:cd:0a:1f:d4:b1:c7:74:a3:cc:bf:
60:37:96:03:11:d0:86:c1:99:3b:68:d4:4f:26:b8:
ec:b7:e7:b4:de:26:d7:46:ef:29:86:50:36:fd:a5:
82:37:9d:f6:13:e8:94:1e:7b:ba:df:bd:5f:b4:0f:
ef:1b:19:3b:aa:c9:c4:6e:ee:ab:fa:d2:f6:c2:28:
a2:e7:5a:16:94:82:ef:4c:07:8c:b2:63:b9:e8:3b:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:68:20:A6:D7:07:4D:18:10:D0:1F:27:92:B4:98:53:9A:6B:1C:6F
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:cd:fc:34:5c:df:26:0e:4d:79:01:21:22:5a:8f:b8:a3:94:
1e:b4:b7:ca:52:93:a1:7c:59:e4:e2:17:07:53:5e:b3:fe:00:
f0:d3:b4:80:d5:4f:84:6c:ee:0f:20:bd:db:45:3b:04:ee:ff:
a9:a3:63:06:e5:ab:c4:44:75:3a:60:b0:aa:0f:b6:fa:08:80:
73:0f:b4:af:64:89:da:75:12:83:54:65:bb:94:b7:8b:a9:1b:
54:fe:10:d5:51:76:6f:a3:61:a8:6e:bc:9d:42:bc:0a:19:e5:
87:81:e3:80:02:df:43:ac:6a:e5:4d:3f:a5:9b:07:bb:8f:3d:
e9:06:8f:75:ae:78:46:43:66:71:b8:25:4a:eb:09:9a:64:30:
f9:93:43:b2:7a:47:b2:17:e8:1f:55:70:73:43:ef:66:a0:56:
02:99:bb:2a:bc:c1:ea:89:21:0b:bf:80:c8:f4:4b:91:b3:ff:
f1:bd:c7:3a:40:2a:d2:6b:d1:38:59:60:49:bf:02:34:59:36:
bd:d5:53:ed:d3:df:de:07:20:79:09:54:e9:a6:5d:63:78:bb:
91:07:a4:6a:9e:a0:5b:e5:d8:dc:27:bc:2b:ba:53:a2:bf:39:
15:fc:3e:fb:e6:cd:4f:8e:27:a8:c3:1a:dc:d1:e5:5b:bd:4a:
19:ed:43:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlOiWmZdDzJBRb+mhVmKlfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjUwOTE1MTgwMDUyWhcNMjUwOTE2MTgwMDUyWjAzMTEwLwYDVQQD
Eyg4ZTY4MjBhNmQ3MDc0ZDE4MTBkMDFmMjc5MmI0OTg1MzlhNmIxYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5nATaoaZrueGmuBtCbU6w9mpfHN
COybnFWtJ3MOImHyTDwrikb2HEkA4SuXfiKdXkScgtAIviiV/1MakV4wvoknfxm4
eUTCKbv/WuwolctXaVBQOy9oZUnuxvmXZV9JZ2+lPAIpvUn6QTgYlPpIbd0jx8aD
cSzQ8ICl01k4gqzoVOLIRrvqaofGrgRsY2PGfe93ZfvUvBNI4vAa8LoK/lvZZjTw
v1Paxs0KH9Sxx3SjzL9gN5YDEdCGwZk7aNRPJrjst+e03ibXRu8phlA2/aWCN532
E+iUHnu6371ftA/vGxk7qsnEbu6r+tL2wiii51oWlILvTAeMsmO56DvdOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5oIKbXB00YENAfJ5K0mFOaaxxvMB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv838NFzf
Jg5NeQEhIlqPuKOUHrS3ylKToXxZ5OIXB1Nes/4A8NO0gNVPhGzuDyC920U7BO7/
qaNjBuWrxER1OmCwqg+2+giAcw+0r2SJ2nUSg1Rlu5S3i6kbVP4Q1VF2b6NhqG68
nUK8Chnlh4HjgALfQ6xq5U0/pZsHu4896QaPda54RkNmcbglSusJmmQw+ZNDsnpH
shfoH1Vwc0PvZqBWApm7KrzB6okhC7+AyPRLkbP/8b3HOkAq0mvROFlgSb8CNFk2
vdVT7dPf3gcgeQlU6aZdY3i7kQekap6gW+XY3Ce8K7pTor85Ffw+++bNT44nqMMa
3NHlW71KGe1DaA==
-----END CERTIFICATE-----
Generated at Mon Sep 15 19:07:10 2025 by rpki-client