Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: 67A+6Rxsk8nhY7wt+mb8Iu5Xhs8RS07XLJkvdNFnnEY=
Subject key identifier: 81:BE:02:0A:3B:96:A7:79:C6:17:64:A8:F7:C3:29:4E:13:08:D5:B6
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019A70DC5E9FB9DB7B55DB52FFC407BD3DA7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 13DB
Signing time: Tue 11 Nov 2025 03:01:21 +0000
Manifest this update: Tue 11 Nov 2025 03:01:21 +0000
Manifest next update: Wed 12 Nov 2025 03:01:21 +0000
Files and hashes: 1: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (hash: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: 69fzKvy7Ue81vIENDuwqDJ8QSg4BbqIPZAZ4UnZtNmU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:5e:9f:b9:db:7b:55:db:52:ff:c4:07:bd:3d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Nov 11 03:01:21 2025 GMT
Not After : Nov 12 03:01:21 2025 GMT
Subject: CN=81be020a3b96a779c61764a8f7c3294e1308d5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:09:2d:fd:0f:4f:99:46:eb:f7:5a:ba:ae:
85:79:1b:27:76:d9:b7:7e:44:3e:28:58:0a:78:0e:
1f:60:02:9a:f5:a4:35:0f:e6:96:cb:10:26:13:76:
aa:e6:46:3d:9f:ab:fa:c8:7a:96:67:bf:e8:96:fb:
b7:4f:7c:d1:19:18:e3:56:23:9d:7d:34:b5:d2:6a:
eb:e4:23:04:a9:b9:73:e3:32:94:97:34:5b:4a:f2:
dd:9b:36:43:a8:27:3c:03:5c:cd:48:47:dc:80:01:
77:df:09:ac:f5:3f:aa:d1:c6:8f:da:e7:b7:56:3b:
42:1b:9d:3a:5e:cc:c2:b3:91:e1:9b:cc:7b:3a:e9:
ed:06:6e:87:4c:ca:90:b3:42:17:68:eb:b2:1b:61:
ec:bd:59:f9:0b:b3:71:cd:f8:12:05:21:a3:9b:a7:
a5:81:62:16:77:d5:e8:4e:36:e2:e0:f4:6f:bf:63:
9c:79:0c:2a:5d:bc:19:ec:6e:e0:2c:6a:41:44:cb:
e0:cc:29:f7:52:77:50:fc:de:27:36:69:11:fe:1e:
00:ef:06:38:fa:ba:c3:08:85:39:b2:08:77:6b:83:
0b:9a:3c:d0:96:40:8f:dd:d4:52:a0:11:27:53:cb:
a1:db:87:98:00:c6:a2:bc:d0:85:e7:c3:c3:08:dc:
10:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BE:02:0A:3B:96:A7:79:C6:17:64:A8:F7:C3:29:4E:13:08:D5:B6
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
dd:1b:75:98:fe:1c:62:a9:36:e6:75:54:44:36:f5:34:01:07:
d6:d1:0d:61:7f:ed:37:24:05:48:50:4a:97:f5:33:8f:a9:6d:
97:eb:6c:9f:be:28:47:ec:3f:71:64:4e:b2:c2:65:83:b0:3e:
a9:1d:d6:b2:e2:5e:bf:e9:29:7a:76:22:29:32:b9:15:a1:75:
ca:e1:08:46:16:5f:77:4f:3b:18:7d:c2:b4:d0:ad:e9:d9:c5:
15:04:0e:97:62:f3:59:8e:fb:fb:5a:0d:12:85:0b:36:4d:4d:
43:c9:b3:b2:82:51:96:12:09:e1:76:a6:dd:32:60:51:41:67:
4d:2b:dc:4d:04:d3:ff:ac:8f:45:d0:13:6e:ed:77:50:79:9e:
6a:a3:0c:08:4a:6e:ee:96:23:e3:1c:9d:eb:58:b9:2b:9c:bb:
08:c0:8d:f4:07:f2:85:ba:66:74:62:d1:7a:d6:67:4d:bc:33:
ee:0a:16:30:bd:a6:fa:59:95:2b:43:58:22:ae:35:f3:22:5b:
a5:56:6e:0c:ef:44:42:41:58:17:05:c6:6b:01:1c:1b:a8:94:
21:73:a6:0b:da:c3:2f:61:5b:79:fc:a2:28:db:ee:c0:0a:0a:
91:b5:24:27:4d:56:5b:74:0a:05:6d:28:44:1d:98:58:05:ac:
83:84:14:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3F6fudt7VdtS/8QHvT2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjUxMTExMDMwMTIxWhcNMjUxMTEyMDMwMTIxWjAzMTEwLwYDVQQD
Eyg4MWJlMDIwYTNiOTZhNzc5YzYxNzY0YThmN2MzMjk0ZTEzMDhkNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLgJLf0PT5lG6/dauq6FeRsndtm3
fkQ+KFgKeA4fYAKa9aQ1D+aWyxAmE3aq5kY9n6v6yHqWZ7/olvu3T3zRGRjjViOd
fTS10mrr5CMEqblz4zKUlzRbSvLdmzZDqCc8A1zNSEfcgAF33wms9T+q0caP2ue3
VjtCG506XszCs5Hhm8x7OuntBm6HTMqQs0IXaOuyG2HsvVn5C7NxzfgSBSGjm6el
gWIWd9XoTjbi4PRvv2OceQwqXbwZ7G7gLGpBRMvgzCn3UndQ/N4nNmkR/h4A7wY4
+rrDCIU5sgh3a4MLmjzQlkCP3dRSoBEnU8uh24eYAMaivNCF58PDCNwQlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIG+Ago7lqd5xhdkqPfDKU4TCNW2MB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3Rt1mP4c
Yqk25nVURDb1NAEH1tENYX/tNyQFSFBKl/Uzj6ltl+tsn74oR+w/cWROssJlg7A+
qR3WsuJev+kpenYiKTK5FaF1yuEIRhZfd087GH3CtNCt6dnFFQQOl2LzWY77+1oN
EoULNk1NQ8mzsoJRlhIJ4Xam3TJgUUFnTSvcTQTT/6yPRdATbu13UHmeaqMMCEpu
7pYj4xyd61i5K5y7CMCN9AfyhbpmdGLRetZnTbwz7goWML2m+lmVK0NYIq418yJb
pVZuDO9EQkFYFwXGawEcG6iUIXOmC9rDL2FbefyiKNvuwAoKkbUkJ01WW3QKBW0o
RB2YWAWsg4QU2A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:39 2025 by rpki-client