Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
File: kR2gx6mUBcRrqthMudk-g0WZyOE.mft (raw, json)
Hash identifier: XJBNo/UPuFbnzAL4wVY9bOCZhk6yLbFKRVlcwp0uP9Y=
Subject key identifier: FB:31:3F:26:B4:1F:D7:7F:02:CB:60:A3:69:71:2B:4C:5B:5A:DB:B5
Authority key identifier: 91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
Certificate issuer: /CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Certificate serial: 019A2930169C2064BB8D8929A1A3B87475D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
Manifest number: 16FB
Signing time: Tue 28 Oct 2025 05:00:08 +0000
Manifest this update: Tue 28 Oct 2025 05:00:08 +0000
Manifest next update: Wed 29 Oct 2025 05:00:08 +0000
Files and hashes: 1: EpBy5lEF1BDLVRWSQ7QWoN5zbUU.roa (hash: 1y3tSjFaZERbPwiKrhlP5/eJ5GlotVuhhvMAWtoaIrk=)
2: kR2gx6mUBcRrqthMudk-g0WZyOE.crl (hash: MP5bKejahMQO8IlzlmFPT1u2VW5bzziaYsHzlVX7i34=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:30:16:9c:20:64:bb:8d:89:29:a1:a3:b8:74:75:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Validity
Not Before: Oct 28 05:00:08 2025 GMT
Not After : Oct 29 05:00:08 2025 GMT
Subject: CN=fb313f26b41fd77f02cb60a369712b4c5b5adbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:1e:ac:e0:35:89:dc:a5:67:b6:f6:a3:ce:
78:69:cb:0d:b9:34:90:8b:07:95:7a:90:55:62:ff:
4d:9c:f3:fd:bc:8e:f4:24:27:8c:38:87:90:66:c1:
c2:9f:18:1c:00:35:4e:d4:eb:9a:d6:22:de:81:df:
ef:51:6b:e2:05:9e:41:51:0d:0f:7e:1a:b0:0f:85:
45:8e:49:eb:12:a2:32:3d:a5:49:0a:94:ea:e0:bf:
8a:33:c0:e1:f5:3a:a4:de:11:fa:5d:f8:56:13:32:
c3:ee:a8:61:72:8a:70:6e:8d:9d:e8:b7:0c:7a:b7:
12:61:f7:9a:00:f4:8b:7d:e8:b5:31:bc:d4:78:fc:
b2:2c:33:b5:10:76:9c:75:db:18:da:cf:97:c8:c5:
14:1e:f4:59:b5:15:bd:24:75:cc:4b:9b:d2:52:90:
a6:78:2f:2e:ff:b8:69:a7:59:fb:be:46:ff:16:4d:
c7:9f:fd:eb:10:13:e8:4c:93:31:f7:18:9d:c9:8d:
7a:f2:d8:74:8d:8a:71:93:f1:c1:6b:a6:8d:97:f7:
31:7f:4c:c3:0d:ee:a1:d4:d3:a5:48:61:4b:07:2e:
38:e9:1e:25:fc:7b:c0:86:49:ad:63:3d:8c:e4:85:
83:f4:d8:f9:91:39:ca:dc:50:6f:d7:4f:c7:83:26:
85:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:31:3F:26:B4:1F:D7:7F:02:CB:60:A3:69:71:2B:4C:5B:5A:DB:B5
X509v3 Authority Key Identifier:
keyid:91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:87:af:67:a7:00:a4:d3:56:71:2b:cc:25:6e:3e:ab:0b:cc:
7c:58:78:e9:1d:49:9b:b5:54:75:4c:9b:78:41:85:93:ae:c6:
4e:e5:63:37:84:06:ef:4d:bd:e6:23:76:c9:6b:a9:9b:14:38:
dc:d7:d8:c4:7a:46:9c:0c:55:00:b3:83:d9:d3:7a:76:00:56:
57:0b:ba:0d:17:37:16:1b:bb:b0:1b:3e:8c:62:03:29:d3:ef:
44:85:0f:1a:5a:be:07:92:09:d7:a5:10:3a:9d:ea:a1:a6:dc:
a4:5c:a6:c8:2c:af:ec:54:ad:af:c3:17:b4:f1:29:cd:6a:79:
ca:f0:e1:94:e9:49:61:b8:28:0a:78:30:44:d9:54:26:64:14:
01:19:f5:d0:5f:dd:a8:56:95:ad:2d:68:21:8b:fe:b4:d7:03:
73:5d:7e:12:7a:7e:0e:c3:8e:47:c4:6f:d6:75:0a:be:b4:4a:
4d:02:36:1d:c0:60:83:c0:b3:bc:2f:0d:ea:5e:90:75:32:67:
8f:cd:1a:e4:18:bc:75:d9:05:6f:7d:60:a8:9d:f1:8b:dd:34:
99:3a:b9:93:3b:52:43:2d:49:71:fb:e9:6a:59:08:c5:b0:1c:
62:09:56:ca:e5:66:6a:85:ec:d0:b3:bb:eb:1b:83:ac:e3:ca:
15:67:82:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopMBacIGS7jYkpoaO4dHXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMWRhMGM3YTk5NDA1YzQ2YmFhZDg0Y2I5ZDkzZTgzNDU5
OWM4ZTEwHhcNMjUxMDI4MDUwMDA4WhcNMjUxMDI5MDUwMDA4WjAzMTEwLwYDVQQD
EyhmYjMxM2YyNmI0MWZkNzdmMDJjYjYwYTM2OTcxMmI0YzViNWFkYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpcerOA1idylZ7b2o854acsNuTSQ
iweVepBVYv9NnPP9vI70JCeMOIeQZsHCnxgcADVO1Oua1iLegd/vUWviBZ5BUQ0P
fhqwD4VFjknrEqIyPaVJCpTq4L+KM8Dh9Tqk3hH6XfhWEzLD7qhhcopwbo2d6LcM
ercSYfeaAPSLfei1MbzUePyyLDO1EHacddsY2s+XyMUUHvRZtRW9JHXMS5vSUpCm
eC8u/7hpp1n7vkb/Fk3Hn/3rEBPoTJMx9xidyY168th0jYpxk/HBa6aNl/cxf0zD
De6h1NOlSGFLBy446R4l/HvAhkmtYz2M5IWD9Nj5kTnK3FBv10/HgyaFwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsxPya0H9d/Astgo2lxK0xbWtu1MB8GA1UdIwQY
MBaAFJEdoMeplAXEa6rYTLnZPoNFmcjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQt
NDcyZjAyNDUwZWMzLzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQtNDcyZjAyNDUwZWMz
LzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAioevZ6cA
pNNWcSvMJW4+qwvMfFh46R1Jm7VUdUybeEGFk67GTuVjN4QG70295iN2yWupmxQ4
3NfYxHpGnAxVALOD2dN6dgBWVwu6DRc3Fhu7sBs+jGIDKdPvRIUPGlq+B5IJ16UQ
Op3qoabcpFymyCyv7FStr8MXtPEpzWp5yvDhlOlJYbgoCngwRNlUJmQUARn10F/d
qFaVrS1oIYv+tNcDc11+Enp+DsOOR8Rv1nUKvrRKTQI2HcBgg8CzvC8N6l6QdTJn
j80a5Bi8ddkFb31gqJ3xi900mTq5kztSQy1JcfvpalkIxbAcYglWyuVmaoXs0LO7
6xuDrOPKFWeCyQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 09:22:03 2025 by rpki-client