Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json)
Hash identifier: UnWqmot1vxzAE0oKzixEmkooSSIgG7Naq2wvIBoqLjE=
Subject key identifier: A0:FA:AA:2D:A0:89:1D:C2:C7:3A:F2:03:5A:F5:46:7A:59:D3:D2:1F
Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85
Certificate serial: 019A7225E23C9EC82CA318931F631CEC2782
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
Manifest number: 0577
Signing time: Tue 11 Nov 2025 09:01:16 +0000
Manifest this update: Tue 11 Nov 2025 09:01:16 +0000
Manifest next update: Wed 12 Nov 2025 09:01:16 +0000
Files and hashes: 1: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: TjYzJSM6KdNygELzE/JIPexXf2Q/i3ITpsnQ7nfFuIo=)
2: knOts_9A8gA0IVqYk7a99kaTuRI.roa (hash: kCE50cAQS4imaI4wXAlSfVZnkYJchZQUkd+tGc4tAWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:e2:3c:9e:c8:2c:a3:18:93:1f:63:1c:ec:27:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85
Validity
Not Before: Nov 11 09:01:16 2025 GMT
Not After : Nov 12 09:01:16 2025 GMT
Subject: CN=a0faaa2da0891dc2c73af2035af5467a59d3d21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:c5:57:96:6e:d6:7b:74:7c:d1:1d:21:0b:
f6:c4:d4:c7:05:d9:84:94:93:d6:aa:ba:9e:64:68:
03:5f:15:ce:c7:66:45:9b:3d:5d:e1:dd:c5:e3:72:
c5:49:a1:5e:e0:ba:90:77:37:28:d4:9e:c3:71:dd:
ac:f1:12:dd:c5:36:ac:5b:34:71:5d:3c:e5:c2:03:
a6:68:27:1a:2f:d2:74:9a:03:7f:e6:01:95:0b:85:
3b:30:17:87:da:f7:2f:bb:41:be:a2:fa:00:0f:65:
98:cc:22:32:7f:ad:d3:c8:9f:90:cc:26:d2:92:9c:
c9:b2:4b:61:9e:59:fb:50:78:64:44:c5:61:71:63:
09:a2:9f:90:1f:5f:03:b7:f2:62:65:12:3b:12:ad:
16:ac:cc:c1:4f:b1:f3:58:ba:ed:a8:79:ae:01:2b:
5f:d3:6a:1f:84:69:7f:a1:a5:45:3b:be:50:3d:d3:
c1:53:ff:fe:c1:48:68:08:5e:8e:78:34:b0:76:08:
5e:9e:88:7c:a3:95:1d:80:c5:c8:86:83:2d:ea:dd:
25:57:2c:d9:08:92:a9:87:ec:6a:4f:8a:fb:63:62:
5e:bd:26:37:69:24:a5:b3:0e:e4:f2:60:1c:60:44:
ac:d8:53:00:a8:1a:bc:f4:01:fd:6e:ac:5d:0f:cb:
23:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FA:AA:2D:A0:89:1D:C2:C7:3A:F2:03:5A:F5:46:7A:59:D3:D2:1F
X509v3 Authority Key Identifier:
keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:1d:8f:5c:ae:28:66:34:a4:ad:a1:0a:b6:10:1a:3c:23:a6:
f1:29:81:bb:e6:98:a7:84:e4:08:33:bc:26:ee:4c:de:64:c5:
c8:c1:c6:33:89:1f:97:4f:d1:76:ec:03:98:de:24:c4:63:b4:
77:2d:e1:cc:14:62:46:96:c5:df:c8:f1:33:85:93:9a:fc:09:
dd:27:89:42:bb:e9:0f:fa:af:1c:8e:44:5e:bb:30:bb:b1:de:
5e:e8:85:cc:b3:de:71:82:f5:c7:a3:73:d8:93:03:b3:22:ed:
74:12:e7:f2:97:57:b9:62:31:0b:92:26:c5:07:be:14:98:26:
b4:91:5b:a6:27:b2:6d:7b:b0:34:9d:f0:d1:7e:a8:8c:fb:f6:
72:b4:e6:a7:75:54:83:29:fc:6b:fd:69:1e:4d:f5:cc:de:4e:
78:67:e6:ba:b3:a9:0f:86:cb:e8:13:d4:fb:ff:29:27:d7:c7:
c0:4a:81:72:2a:ad:00:7b:6f:30:fe:32:a2:9c:54:7f:ec:af:
94:00:bb:9a:50:e4:6d:1a:93:2d:2e:e3:07:a1:cc:ac:93:28:
a4:e8:6b:09:44:77:03:41:97:dd:1c:ae:5d:37:83:35:56:40:
ff:d6:1f:5c:4b:4a:15:2b:95:06:c4:a1:c4:17:53:15:de:26:
b7:de:2e:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeI8nsgsoxiTH2Mc7CeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk
MDZhODUwHhcNMjUxMTExMDkwMTE2WhcNMjUxMTEyMDkwMTE2WjAzMTEwLwYDVQQD
EyhhMGZhYWEyZGEwODkxZGMyYzczYWYyMDM1YWY1NDY3YTU5ZDNkMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LFV5Zu1nt0fNEdIQv2xNTHBdmE
lJPWqrqeZGgDXxXOx2ZFmz1d4d3F43LFSaFe4LqQdzco1J7Dcd2s8RLdxTasWzRx
XTzlwgOmaCcaL9J0mgN/5gGVC4U7MBeH2vcvu0G+ovoAD2WYzCIyf63TyJ+QzCbS
kpzJskthnln7UHhkRMVhcWMJop+QH18Dt/JiZRI7Eq0WrMzBT7HzWLrtqHmuAStf
02ofhGl/oaVFO75QPdPBU//+wUhoCF6OeDSwdghenoh8o5UdgMXIhoMt6t0lVyzZ
CJKph+xqT4r7Y2JevSY3aSSlsw7k8mAcYESs2FMAqBq89AH9bqxdD8sjzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD6qi2giR3CxzryA1r1RnpZ09IfMB8GA1UdIwQY
MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt
ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz
LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALB2PXK4o
ZjSkraEKthAaPCOm8SmBu+aYp4TkCDO8Ju5M3mTFyMHGM4kfl0/RduwDmN4kxGO0
dy3hzBRiRpbF38jxM4WTmvwJ3SeJQrvpD/qvHI5EXrswu7HeXuiFzLPecYL1x6Nz
2JMDsyLtdBLn8pdXuWIxC5ImxQe+FJgmtJFbpieybXuwNJ3w0X6ojPv2crTmp3VU
gyn8a/1pHk31zN5OeGfmurOpD4bL6BPU+/8pJ9fHwEqBciqtAHtvMP4yopxUf+yv
lAC7mlDkbRqTLS7jB6HMrJMopOhrCUR3A0GX3RyuXTeDNVZA/9YfXEtKFSuVBsSh
xBdTFd4mt94usQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:18 2025 by rpki-client