Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json)
Hash identifier: Erk6nvNEsXI9dYPYqBTK0ZAvHNpvkzhikZ6Cg9lSbCY=
Subject key identifier: 0C:CD:10:C8:8B:5A:70:C4:BF:56:79:1D:C9:53:98:F9:61:9F:AC:EF
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial: 019A714A1A47A30B06D3BFA6A106797864FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 05:01:12 +0000
Manifest this update: Tue 11 Nov 2025 05:01:12 +0000
Manifest next update: Wed 12 Nov 2025 05:01:12 +0000
Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: Hhnk4+Wlg6dkQTo/kC/Pg88QSW3uzMs1dUfuOwRLH58=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:1a:47:a3:0b:06:d3:bf:a6:a1:06:79:78:64:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Validity
Not Before: Nov 11 05:01:12 2025 GMT
Not After : Nov 12 05:01:12 2025 GMT
Subject: CN=0ccd10c88b5a70c4bf56791dc95398f9619facef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:a0:0e:b4:1c:49:18:64:52:da:01:48:b9:
75:6c:ce:1c:9c:5d:ac:0c:b5:dd:1f:92:9a:67:39:
2a:71:71:07:55:39:51:4c:97:3a:f9:0d:c9:88:d9:
9f:fe:22:06:be:89:3e:68:b2:e9:b4:8d:2f:be:2d:
09:a1:45:02:71:a2:f6:31:91:67:83:69:0a:13:b4:
59:95:52:7f:98:7a:f6:dd:6d:c4:77:06:54:9f:50:
fc:22:99:c8:0e:f9:64:d4:35:f5:9a:a2:04:57:03:
2d:1e:03:d6:69:0b:f4:d3:39:f1:d4:b7:e5:2a:f3:
e0:18:f0:0c:e7:c7:bb:10:1a:f0:a9:33:44:36:43:
3c:79:48:63:ac:44:81:c3:56:89:f2:b9:a4:10:4a:
d9:04:74:ef:00:5f:ad:3f:31:77:cb:51:d2:80:fb:
b1:41:54:db:5e:b9:94:56:ed:e2:95:08:1a:46:47:
3a:0f:b6:46:8c:f5:56:f9:ed:2d:96:7d:10:9c:68:
5b:d9:81:14:20:bc:20:86:32:dd:8a:37:60:1c:ec:
9b:70:43:ef:3d:77:58:85:54:50:a8:ce:57:57:70:
e2:48:02:8f:30:7f:9e:58:e9:61:89:50:22:bc:6e:
a5:32:50:cd:f2:d1:6c:c2:a8:65:a7:6e:56:5a:cc:
8d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CD:10:C8:8B:5A:70:C4:BF:56:79:1D:C9:53:98:F9:61:9F:AC:EF
X509v3 Authority Key Identifier:
keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:95:ed:a6:f9:5a:ec:c2:40:21:c8:38:b3:90:4b:3c:15:e3:
b2:91:97:6e:5a:50:7a:96:e6:c8:ff:8b:fb:b2:23:14:30:c8:
b7:ba:ec:4c:74:ca:0e:bb:96:8d:93:be:b0:74:a9:65:2f:39:
af:52:3f:6f:f5:f0:b0:6a:b6:5d:5e:53:f2:ef:41:12:54:9a:
cc:56:2b:65:f7:3a:c2:6a:d0:b3:cf:a8:ac:2d:73:ed:44:93:
af:36:09:1f:ef:bc:1e:cd:0e:af:c1:4d:7a:e4:ac:1f:c0:b6:
21:5d:4a:eb:86:71:14:77:4b:22:00:8d:43:9a:2f:0e:8d:7c:
e9:d9:3e:d4:e8:d3:de:0e:58:1c:6b:18:8c:19:dd:cc:4f:0c:
cf:43:7f:38:69:d7:ed:21:a7:f0:6a:d4:0b:5e:a1:0b:2f:98:
a8:2c:8e:99:18:6d:c1:39:ed:0f:a1:a4:b8:7d:03:41:5e:09:
d0:13:46:6e:36:87:51:10:bc:ff:fe:3b:c0:36:c6:da:df:5a:
e1:42:f3:e9:83:85:87:60:79:b8:e2:46:5b:34:21:75:bf:a6:
d0:59:73:df:f3:1e:ca:6b:bc:c2:f8:33:76:7e:47:cf:2a:eb:
7d:07:cb:d5:4b:ff:86:5c:9c:ae:29:b6:1a:00:7a:e2:37:95:
84:9e:4e:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShpHowsG07+moQZ5eGT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjUxMTExMDUwMTEyWhcNMjUxMTEyMDUwMTEyWjAzMTEwLwYDVQQD
EygwY2NkMTBjODhiNWE3MGM0YmY1Njc5MWRjOTUzOThmOTYxOWZhY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBqgDrQcSRhkUtoBSLl1bM4cnF2s
DLXdH5KaZzkqcXEHVTlRTJc6+Q3JiNmf/iIGvok+aLLptI0vvi0JoUUCcaL2MZFn
g2kKE7RZlVJ/mHr23W3EdwZUn1D8IpnIDvlk1DX1mqIEVwMtHgPWaQv00znx1Lfl
KvPgGPAM58e7EBrwqTNENkM8eUhjrESBw1aJ8rmkEErZBHTvAF+tPzF3y1HSgPux
QVTbXrmUVu3ilQgaRkc6D7ZGjPVW+e0tln0QnGhb2YEUILwghjLdijdgHOybcEPv
PXdYhVRQqM5XV3DiSAKPMH+eWOlhiVAivG6lMlDN8tFswqhlp25WWsyNRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzNEMiLWnDEv1Z5HclTmPlhn6zvMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp5Xtpvla
7MJAIcg4s5BLPBXjspGXblpQepbmyP+L+7IjFDDIt7rsTHTKDruWjZO+sHSpZS85
r1I/b/XwsGq2XV5T8u9BElSazFYrZfc6wmrQs8+orC1z7USTrzYJH++8Hs0Or8FN
euSsH8C2IV1K64ZxFHdLIgCNQ5ovDo186dk+1OjT3g5YHGsYjBndzE8Mz0N/OGnX
7SGn8GrUC16hCy+YqCyOmRhtwTntD6GkuH0DQV4J0BNGbjaHURC8//47wDbG2t9a
4ULz6YOFh2B5uOJGWzQhdb+m0Flz3/Meymu8wvgzdn5HzyrrfQfL1Uv/hlycrim2
GgB64jeVhJ5OZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:12 2025 by rpki-client