Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
File: 1kgpREOu0W0GuGrxT1pfClCDd0o.mft (raw, json)
Hash identifier: BEURaOAJNrEhABpNB/x+zBh2VKS4OsXV7X0Nbt88MWs=
Subject key identifier: DC:AD:22:3E:A0:76:4F:BD:9B:9E:01:7E:AE:BF:2D:DD:87:F8:10:88
Authority key identifier: D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
Certificate issuer: /CN=d648294443aed16d06b86af14f5a5f0a5083774a
Certificate serial: 019A72258F7A13B9DA217BD61873D0E45C41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:00:55 +0000
Manifest this update: Tue 11 Nov 2025 09:00:55 +0000
Manifest next update: Wed 12 Nov 2025 09:00:55 +0000
Files and hashes: 1: 1kgpREOu0W0GuGrxT1pfClCDd0o.crl (hash: d2BolUYGZ4L+nr6iFbRW8GHz+gTWbo3nloPlDobcMFA=)
2: HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa (hash: ozdi5qHnRcow/nH1EVH0214AE7vAhAxmdAJcuT+IzE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:8f:7a:13:b9:da:21:7b:d6:18:73:d0:e4:5c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d648294443aed16d06b86af14f5a5f0a5083774a
Validity
Not Before: Nov 11 09:00:55 2025 GMT
Not After : Nov 12 09:00:55 2025 GMT
Subject: CN=dcad223ea0764fbd9b9e017eaebf2ddd87f81088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b5:1e:5c:6c:66:21:1f:85:66:e2:20:e1:52:
21:e7:21:c6:73:9b:08:41:0e:42:b0:4f:14:8e:ee:
ba:2a:5c:d6:76:b8:fc:f6:a8:a1:15:04:38:a5:4a:
db:f8:f9:cd:b6:df:b9:b3:9c:21:97:73:cd:82:05:
37:91:e8:42:d6:26:e8:60:86:a0:7f:8f:19:ec:f5:
e1:a0:d0:a9:fe:e7:32:16:26:a5:5f:82:55:ae:b8:
49:32:9e:34:55:26:2f:43:90:00:49:9c:51:99:ea:
7e:88:be:54:56:9c:3d:cc:b8:ea:57:dd:72:1e:fa:
79:ce:6e:74:b7:ec:9d:77:d5:45:5e:33:e8:63:c3:
0c:ce:9e:d6:86:75:62:bd:8c:6c:93:92:08:3a:36:
bb:1a:b7:3c:d7:0d:f2:c1:b9:51:0b:5e:5a:bc:47:
ce:ee:92:c4:e4:3f:3a:05:82:17:7e:2b:dd:b7:79:
6b:0c:c5:11:4d:f9:a0:5b:1b:54:ef:66:41:2a:57:
26:c4:2c:87:60:d3:da:e2:e3:e4:c8:70:43:84:f0:
23:92:ee:3a:ad:03:98:1d:1e:62:96:c7:7e:06:8b:
7f:ff:05:e8:a6:0e:08:e8:60:3e:04:8d:36:39:49:
3d:e8:5e:b4:8a:49:51:1e:57:e6:08:12:72:b0:fe:
c4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AD:22:3E:A0:76:4F:BD:9B:9E:01:7E:AE:BF:2D:DD:87:F8:10:88
X509v3 Authority Key Identifier:
keyid:D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:bb:21:8e:e0:07:9f:6c:f3:9b:7e:ea:a4:48:f2:5b:d9:e2:
55:af:b5:8d:d8:77:39:49:b7:d9:39:77:23:7e:f3:af:b7:1d:
e9:45:c8:5d:f1:47:f3:6f:83:b1:95:43:2c:d2:6c:b7:9f:7e:
48:ed:02:d6:a6:ca:b9:6a:d0:c7:3b:ed:ee:4b:03:14:c2:4b:
54:18:66:06:3a:95:49:79:7a:1d:e5:c8:28:cb:04:23:c1:5e:
f4:82:ae:2c:25:59:2a:0d:dd:86:75:58:f3:48:e5:dd:66:f7:
d9:49:6a:85:76:74:75:79:c8:88:ba:0d:69:e8:43:b9:67:f7:
a1:52:b7:55:8a:ae:72:cc:41:42:65:fa:28:2e:ff:97:a2:6c:
ba:91:56:f4:7c:c8:5a:fd:d4:e9:f8:44:7c:e4:d2:fd:6e:1d:
d3:a7:78:a2:b6:23:b2:86:39:36:2d:e4:45:ed:ed:57:6f:ad:
f3:f4:7e:cc:c8:6c:69:bf:46:64:7b:85:58:2c:b0:b0:13:3c:
b4:ce:63:e0:62:97:70:22:0a:41:1c:06:ba:94:a2:bc:75:38:
8f:8c:6d:2a:29:47:e6:78:13:b2:63:72:dd:36:e2:6b:6a:09:
fb:56:84:87:47:bd:93:34:c0:39:99:68:b4:01:59:b3:83:61:
72:3e:f2:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJY96E7naIXvWGHPQ5FxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDgyOTQ0NDNhZWQxNmQwNmI4NmFmMTRmNWE1ZjBhNTA4
Mzc3NGEwHhcNMjUxMTExMDkwMDU1WhcNMjUxMTEyMDkwMDU1WjAzMTEwLwYDVQQD
EyhkY2FkMjIzZWEwNzY0ZmJkOWI5ZTAxN2VhZWJmMmRkZDg3ZjgxMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57UeXGxmIR+FZuIg4VIh5yHGc5sI
QQ5CsE8Uju66KlzWdrj89qihFQQ4pUrb+PnNtt+5s5whl3PNggU3kehC1iboYIag
f48Z7PXhoNCp/ucyFialX4JVrrhJMp40VSYvQ5AASZxRmep+iL5UVpw9zLjqV91y
Hvp5zm50t+ydd9VFXjPoY8MMzp7WhnVivYxsk5IIOja7Grc81w3ywblRC15avEfO
7pLE5D86BYIXfivdt3lrDMURTfmgWxtU72ZBKlcmxCyHYNPa4uPkyHBDhPAjku46
rQOYHR5ilsd+Bot//wXopg4I6GA+BI02OUk96F60iklRHlfmCBJysP7EbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNytIj6gdk+9m54Bfq6/Ld2H+BCIMB8GA1UdIwQY
MBaAFNZIKURDrtFtBrhq8U9aXwpQg3dKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDkt
ZTU3Y2M4MWY1MjMzLzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDktZTU3Y2M4MWY1MjMz
LzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGrshjuAH
n2zzm37qpEjyW9niVa+1jdh3OUm32Tl3I37zr7cd6UXIXfFH82+DsZVDLNJst59+
SO0C1qbKuWrQxzvt7ksDFMJLVBhmBjqVSXl6HeXIKMsEI8Fe9IKuLCVZKg3dhnVY
80jl3Wb32UlqhXZ0dXnIiLoNaehDuWf3oVK3VYqucsxBQmX6KC7/l6JsupFW9HzI
Wv3U6fhEfOTS/W4d06d4orYjsoY5Ni3kRe3tV2+t8/R+zMhsab9GZHuFWCywsBM8
tM5j4GKXcCIKQRwGupSivHU4j4xtKilH5ngTsmNy3Tbia2oJ+1aEh0e9kzTAOZlo
tAFZs4Nhcj7yOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:05:41 2025 by rpki-client