Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
File: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft (raw, json)
Hash identifier: UdIuOqL1lODaVbku2b8ybFIZC+e2fnzVk4nJZyXlywo=
Subject key identifier: BB:BF:D0:28:5F:40:1A:59:28:0C:D9:4F:83:4A:39:E0:70:58:54:E7
Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Certificate serial: 019A7149A5A1DD5FFAFB3B318A1B746139F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
Manifest number: 0BE7
Signing time: Tue 11 Nov 2025 05:00:43 +0000
Manifest this update: Tue 11 Nov 2025 05:00:43 +0000
Manifest next update: Wed 12 Nov 2025 05:00:43 +0000
Files and hashes: 1: 2W4Y0bQNlvS93LoW6fNHPM7BKLQ.roa (hash: I9C4k+xseXfObTJ4huNUkRHHI0jQTaqLFqDJffjcwOE=)
2: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl (hash: o7ODTIrUHhVeRVlPgmocBidPU6YoxxKqQ0QYkdkwY5o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:a5:a1:dd:5f:fa:fb:3b:31:8a:1b:74:61:39:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Validity
Not Before: Nov 11 05:00:43 2025 GMT
Not After : Nov 12 05:00:43 2025 GMT
Subject: CN=bbbfd0285f401a59280cd94f834a39e0705854e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:5b:65:91:0a:74:f3:75:51:7a:e4:43:3f:
ba:e5:d3:4a:87:be:ce:4c:61:15:8a:42:9e:53:19:
f5:71:c6:d5:f4:f6:02:ce:d5:9b:7d:6f:4a:dd:6d:
17:39:7d:0e:4d:9d:54:f1:fa:0a:84:64:8a:b3:69:
c9:31:a1:fc:34:ae:01:78:86:32:ff:f2:16:c5:32:
b8:45:0b:d6:6f:f4:cc:59:14:14:ff:8e:cf:77:44:
00:7f:17:68:7e:89:8c:7f:2b:74:aa:eb:26:e4:5d:
8a:7f:ff:10:75:47:ac:f6:44:a9:84:04:94:0f:88:
de:83:72:81:c7:91:13:ed:18:2a:1a:4a:58:23:86:
6f:55:df:f5:03:99:86:d8:89:1c:39:f4:d7:81:46:
44:22:88:95:6e:65:55:0b:c0:b2:06:ad:e4:a1:1f:
bf:52:4b:a5:ed:4f:3b:39:c9:33:5b:71:2a:85:fd:
1e:c0:64:e7:a6:82:a1:b7:5b:80:96:09:7e:ac:37:
7d:ed:56:74:84:1e:db:81:44:f1:44:82:a5:05:e5:
6f:36:88:d6:55:1f:ca:44:1d:77:72:5d:db:58:b3:
eb:4a:01:e4:a5:97:9d:5a:1d:9e:14:6b:6a:5c:a4:
c1:e7:d1:99:11:8a:21:63:a1:6b:67:9f:cf:24:26:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BF:D0:28:5F:40:1A:59:28:0C:D9:4F:83:4A:39:E0:70:58:54:E7
X509v3 Authority Key Identifier:
keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:1d:8c:a2:c8:58:50:a4:4d:4e:05:4a:76:e4:c0:f6:07:21:
30:5e:f0:07:f6:bc:e4:69:6c:8c:e8:91:8a:e9:35:29:9a:cb:
f1:72:73:1b:dd:dc:31:7e:52:1a:7f:d3:9f:25:89:9a:7b:b4:
21:e8:90:d9:53:fc:c2:6b:53:97:d9:82:f8:a9:80:94:6a:8f:
2f:f8:61:8c:a9:71:f6:7b:a7:9d:58:41:94:02:f7:b7:04:1a:
9e:8b:e5:69:4f:0d:ee:ef:bc:54:6c:0d:bf:9e:c2:f3:9f:93:
4b:82:31:1b:6a:86:c5:78:0d:53:c5:2a:91:a4:7b:af:d7:6c:
31:15:13:e5:f3:5f:6e:95:2e:a1:fd:67:a8:78:f8:6b:51:d3:
5b:ff:db:4b:83:8a:e0:15:2d:49:55:19:e5:e9:93:16:80:6a:
aa:4a:e9:4f:8c:54:05:8a:02:24:19:92:c3:c7:18:6c:d9:69:
cb:00:92:9b:04:26:29:dd:38:89:1e:c9:12:a8:0d:5f:d2:35:
15:82:86:e4:23:95:d5:04:0f:48:18:e2:fc:db:48:11:f4:29:
58:22:fc:9c:c4:e5:32:cb:7c:3c:a5:58:72:0c:eb:7c:d8:e6:
dc:b5:02:b3:c5:ca:fd:54:5b:8a:ed:61:fd:1d:43:cb:ad:19:
a9:c5:ff:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSaWh3V/6+zsxiht0YTnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl
NzZkZjEwHhcNMjUxMTExMDUwMDQzWhcNMjUxMTEyMDUwMDQzWjAzMTEwLwYDVQQD
EyhiYmJmZDAyODVmNDAxYTU5MjgwY2Q5NGY4MzRhMzllMDcwNTg1NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXdbZZEKdPN1UXrkQz+65dNKh77O
TGEVikKeUxn1ccbV9PYCztWbfW9K3W0XOX0OTZ1U8foKhGSKs2nJMaH8NK4BeIYy
//IWxTK4RQvWb/TMWRQU/47Pd0QAfxdofomMfyt0qusm5F2Kf/8QdUes9kSphASU
D4jeg3KBx5ET7RgqGkpYI4ZvVd/1A5mG2IkcOfTXgUZEIoiVbmVVC8CyBq3koR+/
Ukul7U87OckzW3Eqhf0ewGTnpoKht1uAlgl+rDd97VZ0hB7bgUTxRIKlBeVvNojW
VR/KRB13cl3bWLPrSgHkpZedWh2eFGtqXKTB59GZEYohY6FrZ5/PJCY9QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLu/0ChfQBpZKAzZT4NKOeBwWFTnMB8GA1UdIwQY
MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt
N2NmZWFmMDg2ZTE0LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0
LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnx2MoshY
UKRNTgVKduTA9gchMF7wB/a85GlsjOiRiuk1KZrL8XJzG93cMX5SGn/TnyWJmnu0
IeiQ2VP8wmtTl9mC+KmAlGqPL/hhjKlx9nunnVhBlAL3twQanovlaU8N7u+8VGwN
v57C85+TS4IxG2qGxXgNU8UqkaR7r9dsMRUT5fNfbpUuof1nqHj4a1HTW//bS4OK
4BUtSVUZ5emTFoBqqkrpT4xUBYoCJBmSw8cYbNlpywCSmwQmKd04iR7JEqgNX9I1
FYKG5COV1QQPSBji/NtIEfQpWCL8nMTlMst8PKVYcgzrfNjm3LUCs8XK/VRbiu1h
/R1Dy60ZqcX/hg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:17 2025 by rpki-client