Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.mft
File: mk2qT2rA5rwQK2iECirGu1QbQPw.mft (raw, json)
Hash identifier: 8/p4/aDPhnoSJINV+jzKv0ia6adR2ypX/pAFpb2zn5I=
Subject key identifier: 6B:70:B9:A5:27:DA:10:4D:EF:06:26:CD:20:D9:A3:CA:52:79:DD:6D
Authority key identifier: 9A:4D:AA:4F:6A:C0:E6:BC:10:2B:68:84:0A:2A:C6:BB:54:1B:40:FC
Certificate issuer: /CN=9a4daa4f6ac0e6bc102b68840a2ac6bb541b40fc
Certificate serial: 019A71B7E0ECD9A731BE0B7341A620DD7739
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.mft
Manifest number: 0715
Signing time: Tue 11 Nov 2025 07:01:07 +0000
Manifest this update: Tue 11 Nov 2025 07:01:07 +0000
Manifest next update: Wed 12 Nov 2025 07:01:07 +0000
Files and hashes: 1: j0Asbb5ngsOWlyvv7kth_3yoBYM.roa (hash: O/JfF/netiv5OyRHt3hhhICYzLbMzCW+fJQdQl7HVfM=)
2: mk2qT2rA5rwQK2iECirGu1QbQPw.crl (hash: 4zTDJ833nLWq72UTGCurb9q+XIxy/EFjtAQoIA7GpHc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.mft
rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:e0:ec:d9:a7:31:be:0b:73:41:a6:20:dd:77:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4daa4f6ac0e6bc102b68840a2ac6bb541b40fc
Validity
Not Before: Nov 11 07:01:07 2025 GMT
Not After : Nov 12 07:01:07 2025 GMT
Subject: CN=6b70b9a527da104def0626cd20d9a3ca5279dd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:20:bf:47:dd:ee:f1:6e:75:ab:4e:9f:68:4a:
d0:51:db:81:d7:49:f9:3c:50:7c:c1:0e:80:74:2d:
b2:9e:bd:00:38:1a:62:23:ec:81:f7:23:f6:9a:9e:
25:7f:4b:b9:ef:a0:c0:0c:25:79:ce:31:da:4c:d6:
d3:1a:7e:a4:e1:20:8f:98:91:64:ba:a9:c8:45:71:
01:1e:83:51:2d:17:e6:72:d7:92:fd:b8:f2:76:96:
ee:d6:ef:44:6a:2b:54:3e:40:e2:86:ee:c3:5f:03:
12:cd:eb:07:e5:1c:fd:b3:24:23:91:58:90:4f:2f:
5c:14:3f:c1:b9:39:c2:91:0b:ea:bc:af:34:52:a8:
fc:ce:1a:50:a1:82:ca:e6:f4:0a:69:3b:ee:f4:37:
59:99:2f:c7:5c:e8:dd:e2:49:1c:95:81:d7:44:55:
20:34:93:e8:5d:fe:56:23:b3:00:48:d1:d7:fb:0f:
6f:f7:78:de:c7:3d:90:3a:d1:6d:cc:33:9a:19:ef:
dc:d5:ff:a7:68:87:3a:42:1b:10:46:1b:f6:45:8d:
1b:1c:13:99:35:ac:c6:34:13:77:b8:a0:7a:1f:b8:
3a:a5:53:c9:a7:a0:9a:d1:7c:54:cf:04:31:49:9c:
ea:aa:7b:d6:fd:f0:84:ae:c7:70:df:d3:ab:b1:df:
ee:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:70:B9:A5:27:DA:10:4D:EF:06:26:CD:20:D9:A3:CA:52:79:DD:6D
X509v3 Authority Key Identifier:
keyid:9A:4D:AA:4F:6A:C0:E6:BC:10:2B:68:84:0A:2A:C6:BB:54:1B:40:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:4e:c0:91:a6:db:64:66:4e:a1:37:91:6a:19:82:84:a7:fa:
a1:46:5d:98:00:55:f0:82:09:82:b9:ae:90:6d:58:c3:33:3f:
1d:c3:a4:6b:6b:04:4c:d8:74:db:67:bf:ee:73:65:bc:7e:46:
c5:27:8e:3f:55:b0:ca:89:17:5f:56:56:9c:9f:6c:0e:d3:e7:
79:d3:db:74:42:ad:7e:a5:88:4d:76:24:e0:41:f1:8c:3d:31:
d3:5b:57:bb:69:39:50:e5:c9:5e:7a:84:e1:74:aa:78:e0:27:
07:42:b7:4f:9d:7b:9b:a3:e4:90:73:ab:87:8a:43:d0:87:fa:
27:23:15:e7:c3:4a:03:2b:8b:52:7c:e5:fb:d9:d6:3f:0d:31:
b6:20:21:79:c2:4b:b2:15:ef:4d:4a:c6:4e:88:88:91:b6:89:
31:a2:03:2e:39:e5:6e:47:b4:48:36:69:ef:37:37:ee:12:fa:
e3:64:55:2a:bc:68:7c:a9:8d:d9:20:68:eb:c5:c3:17:9a:10:
d6:51:96:ea:c1:ce:d8:a9:5f:22:07:ec:0e:16:2e:39:94:5e:
55:cd:52:5a:c3:35:71:ef:fb:ee:e4:e5:89:a1:02:86:1d:c1:
a7:27:3b:e9:ad:9f:d4:f8:48:06:72:3b:30:9c:09:23:6a:41:
bf:f8:ed:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+Ds2acxvgtzQaYg3Xc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGRhYTRmNmFjMGU2YmMxMDJiNjg4NDBhMmFjNmJiNTQx
YjQwZmMwHhcNMjUxMTExMDcwMTA3WhcNMjUxMTEyMDcwMTA3WjAzMTEwLwYDVQQD
Eyg2YjcwYjlhNTI3ZGExMDRkZWYwNjI2Y2QyMGQ5YTNjYTUyNzlkZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSC/R93u8W51q06faErQUduB10n5
PFB8wQ6AdC2ynr0AOBpiI+yB9yP2mp4lf0u576DADCV5zjHaTNbTGn6k4SCPmJFk
uqnIRXEBHoNRLRfmcteS/bjydpbu1u9EaitUPkDihu7DXwMSzesH5Rz9syQjkViQ
Ty9cFD/BuTnCkQvqvK80Uqj8zhpQoYLK5vQKaTvu9DdZmS/HXOjd4kkclYHXRFUg
NJPoXf5WI7MASNHX+w9v93jexz2QOtFtzDOaGe/c1f+naIc6QhsQRhv2RY0bHBOZ
NazGNBN3uKB6H7g6pVPJp6Ca0XxUzwQxSZzqqnvW/fCErsdw39Orsd/u+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtwuaUn2hBN7wYmzSDZo8pSed1tMB8GA1UdIwQY
MBaAFJpNqk9qwOa8ECtohAoqxrtUG0D8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWsycVQyckE1cndRSzJpRUNpckd1MVFiUVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jZDQ2MjQtNjIwYS00Y2IyLWE0MTYt
NmJlOTJiMWFhOGIzLzEvbWsycVQyckE1cndRSzJpRUNpckd1MVFiUVB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jZDQ2MjQtNjIwYS00Y2IyLWE0MTYtNmJlOTJiMWFhOGIz
LzEvbWsycVQyckE1cndRSzJpRUNpckd1MVFiUVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATE7Akabb
ZGZOoTeRahmChKf6oUZdmABV8IIJgrmukG1YwzM/HcOka2sETNh022e/7nNlvH5G
xSeOP1WwyokXX1ZWnJ9sDtPnedPbdEKtfqWITXYk4EHxjD0x01tXu2k5UOXJXnqE
4XSqeOAnB0K3T517m6PkkHOrh4pD0If6JyMV58NKAyuLUnzl+9nWPw0xtiAhecJL
shXvTUrGToiIkbaJMaIDLjnlbke0SDZp7zc37hL642RVKrxofKmN2SBo68XDF5oQ
1lGW6sHO2KlfIgfsDhYuOZReVc1SWsM1ce/77uTliaEChh3Bpyc76a2f1PhIBnI7
MJwJI2pBv/jtjQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:53 2025 by rpki-client