Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: EfgLy5sxrlVjnW+5lGvROFSbLnuCGj6hxmgy1yQNcSk=
Subject key identifier: 54:04:23:F1:D1:0B:C1:C2:FA:EF:6F:A1:50:6A:19:E8:E2:B6:7B:A9
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 019A123A79B2F92FA5FEE9AD15CE18365238
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0E0D
Signing time: Thu 23 Oct 2025 18:00:13 +0000
Manifest this update: Thu 23 Oct 2025 18:00:13 +0000
Manifest next update: Fri 24 Oct 2025 18:00:13 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: FtdPpuRLXNoC7tm+4Vqyo63lOCPqtBhAHHVru2qdkXY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:12:3a:79:b2:f9:2f:a5:fe:e9:ad:15:ce:18:36:52:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Oct 23 18:00:13 2025 GMT
Not After : Oct 24 18:00:13 2025 GMT
Subject: CN=540423f1d10bc1c2faef6fa1506a19e8e2b67ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c6:f3:39:b8:b7:2b:93:3e:b7:78:0c:a0:8d:
f0:ab:5d:70:f9:b5:b7:e4:c3:d5:65:90:79:a0:c1:
62:90:e0:39:97:e7:13:94:d7:92:e8:b4:9e:f2:22:
5a:0d:2f:c1:e8:f3:e2:ab:3e:f4:9d:7f:40:37:14:
11:66:64:ea:aa:48:b0:e1:a4:07:5f:e0:0e:02:f6:
04:a0:22:91:a9:cc:3d:74:2e:f1:83:4e:4f:73:1a:
aa:6d:17:8a:76:57:8d:75:5c:68:e8:e7:a4:d1:ca:
7e:dd:d6:dd:00:42:1b:ec:e2:c2:3a:ac:29:26:7f:
a4:54:75:a2:c3:ac:61:d0:f2:b1:8e:64:c7:dc:15:
d1:77:0a:46:18:3d:62:2a:6a:52:b3:16:12:49:f5:
fa:63:40:ad:2c:28:c6:28:2f:73:c9:f7:cf:a7:79:
db:78:75:19:9e:0c:d2:db:17:70:ea:3d:06:44:8e:
e9:52:62:22:45:5e:c1:88:d4:a5:03:cc:2c:44:5b:
74:4d:df:82:6a:5b:d8:25:de:0e:20:ad:a5:07:5a:
64:f1:d9:f5:d0:a3:bc:be:63:55:82:48:d4:ea:41:
fb:c0:01:0f:48:43:76:79:cf:da:2b:0e:53:d1:17:
f0:64:38:14:1a:c4:3e:97:27:b1:e2:61:4c:52:5d:
9a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:04:23:F1:D1:0B:C1:C2:FA:EF:6F:A1:50:6A:19:E8:E2:B6:7B:A9
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:03:fa:97:69:66:f7:75:a7:4a:b7:3f:03:38:4a:3b:4f:d7:
f7:78:88:45:c8:2f:df:68:b6:c3:40:8b:ec:25:a4:f2:53:42:
3a:77:2f:2f:87:a7:7a:2c:c7:b6:8c:65:d9:81:92:af:00:8d:
d4:31:97:61:36:91:a4:9a:1b:bc:fa:e2:83:90:78:24:4b:04:
08:af:16:43:04:d3:4f:07:32:5c:17:2d:67:6b:ad:e4:d5:8e:
65:18:6e:d5:b6:90:17:90:5f:34:e0:88:bb:31:9b:b9:d4:e8:
09:89:fc:48:ca:02:c0:9b:71:d9:53:5e:b1:72:28:fb:74:54:
f1:d2:e8:83:ea:a6:54:5b:d3:d9:31:6c:3f:13:93:c6:ce:d3:
26:9c:a5:67:65:9f:a1:14:9e:88:48:62:b7:33:e5:38:5c:9f:
0d:4d:89:dd:6e:ed:7e:2b:d3:1e:52:cd:c0:32:f1:0e:f0:6f:
2a:02:04:c8:80:7c:28:25:cf:62:bd:7c:63:e2:04:56:53:2d:
bf:09:50:53:65:be:24:89:53:c3:8f:53:b4:2a:39:2f:a1:ba:
56:00:c4:fa:70:ad:1e:38:31:3a:ee:73:24:9c:a0:7b:a9:7b:
bc:2d:09:11:14:04:46:5e:67:8a:55:71:a5:d4:b4:00:a2:ed:
d0:f0:af:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoSOnmy+S+l/umtFc4YNlI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUxMDIzMTgwMDEzWhcNMjUxMDI0MTgwMDEzWjAzMTEwLwYDVQQD
Eyg1NDA0MjNmMWQxMGJjMWMyZmFlZjZmYTE1MDZhMTllOGUyYjY3YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38bzObi3K5M+t3gMoI3wq11w+bW3
5MPVZZB5oMFikOA5l+cTlNeS6LSe8iJaDS/B6PPiqz70nX9ANxQRZmTqqkiw4aQH
X+AOAvYEoCKRqcw9dC7xg05PcxqqbReKdleNdVxo6Oek0cp+3dbdAEIb7OLCOqwp
Jn+kVHWiw6xh0PKxjmTH3BXRdwpGGD1iKmpSsxYSSfX6Y0CtLCjGKC9zyffPp3nb
eHUZngzS2xdw6j0GRI7pUmIiRV7BiNSlA8wsRFt0Td+CalvYJd4OIK2lB1pk8dn1
0KO8vmNVgkjU6kH7wAEPSEN2ec/aKw5T0RfwZDgUGsQ+lyex4mFMUl2aUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQEI/HRC8HC+u9voVBqGejitnupMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAigP6l2lm
93WnSrc/AzhKO0/X93iIRcgv32i2w0CL7CWk8lNCOncvL4eneizHtoxl2YGSrwCN
1DGXYTaRpJobvPrig5B4JEsECK8WQwTTTwcyXBctZ2ut5NWOZRhu1baQF5BfNOCI
uzGbudToCYn8SMoCwJtx2VNesXIo+3RU8dLog+qmVFvT2TFsPxOTxs7TJpylZ2Wf
oRSeiEhitzPlOFyfDU2J3W7tfivTHlLNwDLxDvBvKgIEyIB8KCXPYr18Y+IEVlMt
vwlQU2W+JIlTw49TtCo5L6G6VgDE+nCtHjgxOu5zJJyge6l7vC0JERQERl5nilVx
pdS0AKLt0PCvYg==
-----END CERTIFICATE-----
Generated at Thu Oct 23 22:22:22 2025 by rpki-client