Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.mft
File: RKMb41sydPLLhX5a81aLaFqJEn0.mft (raw, json)
Hash identifier: IKTQkHyRBbyX6blWt9O+EzUui6lxVHaJJp9Z3QrcgiU=
Subject key identifier: 05:FB:DA:04:F5:A6:1F:D0:56:6F:7A:8E:E2:2F:62:74:AA:C3:80:49
Authority key identifier: 44:A3:1B:E3:5B:32:74:F2:CB:85:7E:5A:F3:56:8B:68:5A:89:12:7D
Certificate issuer: /CN=44a31be35b3274f2cb857e5af3568b685a89127d
Certificate serial: 019A733872A70546E8DEBA2548CBB9CF6740
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKMb41sydPLLhX5a81aLaFqJEn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.mft
Manifest number: 01D4
Signing time: Tue 11 Nov 2025 14:01:10 +0000
Manifest this update: Tue 11 Nov 2025 14:01:10 +0000
Manifest next update: Wed 12 Nov 2025 14:01:10 +0000
Files and hashes: 1: RKMb41sydPLLhX5a81aLaFqJEn0.crl (hash: Q06ST5QVR8JtTGWYb2EX5Lt8+tHvHj0b3tzIsk0vFA0=)
2: YFJicIZOsKffrZlgqGfXDM6-Vko.roa (hash: clBAf9+wIJJTmEssFM2b37Ghk44VkYVJfz08MTSBlTw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKMb41sydPLLhX5a81aLaFqJEn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:72:a7:05:46:e8:de:ba:25:48:cb:b9:cf:67:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a31be35b3274f2cb857e5af3568b685a89127d
Validity
Not Before: Nov 11 14:01:10 2025 GMT
Not After : Nov 12 14:01:10 2025 GMT
Subject: CN=05fbda04f5a61fd0566f7a8ee22f6274aac38049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b0:52:64:b3:b4:4f:05:3e:65:1f:55:2d:84:
e2:81:32:92:22:fc:d7:9d:95:d1:75:a0:eb:48:a1:
4b:23:2e:83:95:1f:c0:e4:d7:a3:0e:84:c6:72:a1:
c2:9a:92:16:30:b1:ff:79:bf:b1:67:9d:60:d2:39:
fe:21:4d:9f:a1:6f:49:ec:b8:11:5c:9d:52:18:05:
ac:af:d1:20:d6:55:c9:0f:10:f3:5d:e6:51:18:27:
35:41:95:c7:2c:68:a0:59:5e:ae:5f:2f:ba:d4:07:
d1:2e:2c:cc:57:03:a0:98:28:9c:0c:58:e9:5d:97:
61:66:03:2d:db:49:03:e3:b6:a2:d9:c4:90:3f:53:
19:e1:16:c2:7e:20:36:fb:7b:82:5a:78:d2:4c:ab:
45:54:92:b2:ff:3c:3c:fa:8f:b3:bc:54:01:6f:63:
f0:1f:0f:06:06:b1:d3:a9:a0:71:dd:15:83:c3:39:
25:7e:43:69:47:ae:51:fb:e6:01:f7:e3:2f:98:94:
45:f5:cb:f3:51:57:35:84:67:a4:a7:00:7d:4f:7b:
b1:4b:f0:24:19:0b:0d:bb:14:c5:84:95:82:8c:70:
b0:5f:cc:69:08:9a:00:df:51:67:92:07:b0:1d:da:
73:ad:84:ad:f4:59:bb:a7:69:a8:1f:6d:c6:ba:0a:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FB:DA:04:F5:A6:1F:D0:56:6F:7A:8E:E2:2F:62:74:AA:C3:80:49
X509v3 Authority Key Identifier:
keyid:44:A3:1B:E3:5B:32:74:F2:CB:85:7E:5A:F3:56:8B:68:5A:89:12:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKMb41sydPLLhX5a81aLaFqJEn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a86dfb-1204-47e3-ad76-ae7727949445/1/RKMb41sydPLLhX5a81aLaFqJEn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:43:92:1a:da:c1:dd:1e:b5:f3:bf:11:a8:cb:11:63:89:c7:
62:2c:b0:e3:2a:5d:e3:e4:c9:16:ab:39:9f:f5:6e:36:b2:8b:
4d:3e:6f:ef:dc:3d:26:b3:b7:01:0b:1d:8e:df:d3:79:c5:02:
6d:0b:fe:43:36:db:59:dd:08:e7:6d:2b:d7:0b:f3:37:fb:58:
23:44:95:3c:5f:21:8b:a0:e5:67:f7:2c:be:b5:34:a2:31:00:
b6:26:f9:f5:6f:d4:37:b3:12:55:76:8d:f8:cb:b4:22:a1:4c:
3d:f3:f8:65:e9:a0:58:6d:c5:99:75:a0:6b:a7:bd:03:9b:9d:
8f:ad:02:19:ca:d0:6f:1a:34:8b:11:c4:a5:a9:f9:76:a0:50:
60:23:1d:0a:81:d9:7c:4d:00:92:4f:fd:45:4b:2c:f4:dd:9d:
b6:2d:c0:07:df:14:8c:52:19:43:65:78:55:55:b2:4c:71:75:
de:1c:d4:aa:73:99:52:c4:e0:9c:e2:c8:4b:48:d6:d3:3e:f9:
e0:b5:e6:b6:6c:28:61:e7:75:24:f3:6b:ca:5a:52:1d:ca:05:
7f:97:00:67:6a:92:70:f5:2e:3e:95:3a:c9:6d:e9:5f:31:e2:
0c:f6:71:37:c6:8f:f8:1a:f8:96:4b:dc:70:27:4b:8b:a7:de:
4b:0e:ee:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOHKnBUbo3rolSMu5z2dAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTMxYmUzNWIzMjc0ZjJjYjg1N2U1YWYzNTY4YjY4NWE4
OTEyN2QwHhcNMjUxMTExMTQwMTEwWhcNMjUxMTEyMTQwMTEwWjAzMTEwLwYDVQQD
EygwNWZiZGEwNGY1YTYxZmQwNTY2ZjdhOGVlMjJmNjI3NGFhYzM4MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7BSZLO0TwU+ZR9VLYTigTKSIvzX
nZXRdaDrSKFLIy6DlR/A5NejDoTGcqHCmpIWMLH/eb+xZ51g0jn+IU2foW9J7LgR
XJ1SGAWsr9Eg1lXJDxDzXeZRGCc1QZXHLGigWV6uXy+61AfRLizMVwOgmCicDFjp
XZdhZgMt20kD47ai2cSQP1MZ4RbCfiA2+3uCWnjSTKtFVJKy/zw8+o+zvFQBb2Pw
Hw8GBrHTqaBx3RWDwzklfkNpR65R++YB9+MvmJRF9cvzUVc1hGekpwB9T3uxS/Ak
GQsNuxTFhJWCjHCwX8xpCJoA31FnkgewHdpzrYSt9Fm7p2moH23GugoSwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAX72gT1ph/QVm96juIvYnSqw4BJMB8GA1UdIwQY
MBaAFESjG+NbMnTyy4V+WvNWi2haiRJ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktNYjQxc3lkUExMaFg1YTgxYUxhRnFKRW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hODZkZmItMTIwNC00N2UzLWFkNzYt
YWU3NzI3OTQ5NDQ1LzEvUktNYjQxc3lkUExMaFg1YTgxYUxhRnFKRW4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hODZkZmItMTIwNC00N2UzLWFkNzYtYWU3NzI3OTQ5NDQ1
LzEvUktNYjQxc3lkUExMaFg1YTgxYUxhRnFKRW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUOSGtrB
3R61878RqMsRY4nHYiyw4ypd4+TJFqs5n/VuNrKLTT5v79w9JrO3AQsdjt/TecUC
bQv+QzbbWd0I520r1wvzN/tYI0SVPF8hi6DlZ/csvrU0ojEAtib59W/UN7MSVXaN
+Mu0IqFMPfP4ZemgWG3FmXWga6e9A5udj60CGcrQbxo0ixHEpan5dqBQYCMdCoHZ
fE0Akk/9RUss9N2dti3AB98UjFIZQ2V4VVWyTHF13hzUqnOZUsTgnOLIS0jW0z75
4LXmtmwoYed1JPNrylpSHcoFf5cAZ2qScPUuPpU6yW3pXzHiDPZxN8aP+Br4lkvc
cCdLi6feSw7uGA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:51:32 2025 by rpki-client