Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
File: kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft (raw, json)
Hash identifier: GCCr5BBeS/EHv0woWhxrzFA4UIKEwwaeiYd9p+e2GbA=
Subject key identifier: FD:00:3F:B9:47:85:71:37:BB:F0:03:A4:0B:31:70:A9:88:89:08:18
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 019A72938739C15EC24C758F833AC6F46937
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
Manifest number: 164D
Signing time: Tue 11 Nov 2025 11:01:02 +0000
Manifest this update: Tue 11 Nov 2025 11:01:02 +0000
Manifest next update: Wed 12 Nov 2025 11:01:02 +0000
Files and hashes: 1: 6fnAZ8W2MGF8ZNrQkh_nCxeTpv4.roa (hash: VVdXTpC74ZKSlf0OaYeG4sfAbOWwASAnFr5UUxM1yrQ=)
2: jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa (hash: Ap/raQBvujEIQc3hDUBU94DRN1La9dL+OAKrqJu5rbU=)
3: kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl (hash: JYD0T5PwL3y/9vVEQSgxUTJt31uPXCwlVPBWqKguQOE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:87:39:c1:5e:c2:4c:75:8f:83:3a:c6:f4:69:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Nov 11 11:01:02 2025 GMT
Not After : Nov 12 11:01:02 2025 GMT
Subject: CN=fd003fb947857137bbf003a40b3170a988890818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cf:e9:30:79:52:9a:99:2f:d7:f8:5a:8b:d6:
d1:a9:b9:c2:6e:0d:6f:7b:3c:76:05:e2:dd:cf:0c:
fc:74:98:23:7b:5e:ff:58:9f:db:32:8b:b1:db:fe:
f5:b7:89:41:6b:bd:d3:e6:ea:fc:c5:15:15:3b:97:
3b:a1:a1:55:f9:ae:52:e1:2a:41:cb:f9:cf:fd:c5:
be:6f:0e:bc:c8:12:a4:76:0e:3e:94:74:f2:39:71:
0b:74:d0:1d:1c:29:bb:3b:a3:a5:cd:45:3f:c3:c1:
86:a4:e0:75:96:d0:d4:e5:69:5b:3f:45:dc:95:6a:
11:56:cc:b3:f2:c4:47:6c:24:cb:58:3c:88:95:2f:
75:96:a2:b5:eb:46:d9:f0:f0:82:6e:48:1b:78:31:
a1:a4:29:14:02:cb:7c:c6:79:c8:e6:92:e4:3d:c5:
cf:1c:0b:f1:85:02:a7:ac:db:92:33:f6:67:67:1c:
3c:b6:e7:c8:ef:12:d1:4d:4b:85:fc:ac:23:bd:c9:
d7:e1:0e:85:2c:2e:34:e5:70:88:b3:4b:99:b4:5b:
ae:47:23:d7:89:d3:25:d2:c5:ee:4a:9e:34:6a:55:
41:b9:4e:e8:4d:05:52:bb:71:42:77:e3:0f:b5:3f:
80:24:cf:2d:dc:42:ba:8e:fb:c6:63:cd:82:2f:95:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:00:3F:B9:47:85:71:37:BB:F0:03:A4:0B:31:70:A9:88:89:08:18
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:23:03:70:5b:ba:7e:0e:2b:22:9b:c7:53:bc:eb:93:6e:56:
00:f9:42:7d:1d:75:aa:17:82:af:b5:3e:f6:c9:84:d3:7d:c2:
e7:3a:41:6d:a3:d0:34:63:41:15:b0:20:8c:9e:2d:96:19:25:
92:66:51:f8:56:80:62:09:8d:ec:43:b5:cf:a8:2f:a1:ef:d0:
5c:1f:8b:da:3f:8d:31:45:12:2c:6d:03:e1:6a:2c:ef:2b:cb:
65:ae:60:0f:8d:e6:84:2d:92:a9:ce:c6:b8:9d:2a:b4:45:0b:
c7:d1:db:b6:a7:5e:30:b8:19:5b:b5:b6:50:f9:ee:c1:68:66:
b2:d3:f7:04:b0:aa:f6:51:97:64:1e:7d:2d:e6:27:e5:0d:2d:
9f:f2:f2:c3:71:0f:40:8d:06:85:da:72:72:e9:9e:14:39:2d:
9f:c3:d7:f8:27:26:03:3b:4e:ad:ad:7c:ba:1d:99:71:c1:ce:
4f:e1:90:36:3f:5c:91:2d:f6:70:62:10:11:00:9c:3d:5b:61:
3e:03:3c:7e:f1:a1:77:db:84:0d:b1:56:eb:b2:0c:0a:4e:41:
57:6d:51:85:20:54:3c:45:64:0e:b6:9a:50:ba:1f:aa:4b:08:
b9:69:1a:23:a0:f4:57:e6:4c:00:7f:ea:73:35:35:a9:ad:42:
08:a0:85:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk4c5wV7CTHWPgzrG9Gk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjUxMTExMTEwMTAyWhcNMjUxMTEyMTEwMTAyWjAzMTEwLwYDVQQD
EyhmZDAwM2ZiOTQ3ODU3MTM3YmJmMDAzYTQwYjMxNzBhOTg4ODkwODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps/pMHlSmpkv1/hai9bRqbnCbg1v
ezx2BeLdzwz8dJgje17/WJ/bMoux2/71t4lBa73T5ur8xRUVO5c7oaFV+a5S4SpB
y/nP/cW+bw68yBKkdg4+lHTyOXELdNAdHCm7O6OlzUU/w8GGpOB1ltDU5WlbP0Xc
lWoRVsyz8sRHbCTLWDyIlS91lqK160bZ8PCCbkgbeDGhpCkUAst8xnnI5pLkPcXP
HAvxhQKnrNuSM/ZnZxw8tufI7xLRTUuF/KwjvcnX4Q6FLC405XCIs0uZtFuuRyPX
idMl0sXuSp40alVBuU7oTQVSu3FCd+MPtT+AJM8t3EK6jvvGY82CL5UT/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0AP7lHhXE3u/ADpAsxcKmIiQgYMB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkyMDcFu6
fg4rIpvHU7zrk25WAPlCfR11qheCr7U+9smE033C5zpBbaPQNGNBFbAgjJ4tlhkl
kmZR+FaAYgmN7EO1z6gvoe/QXB+L2j+NMUUSLG0D4Wos7yvLZa5gD43mhC2Sqc7G
uJ0qtEULx9HbtqdeMLgZW7W2UPnuwWhmstP3BLCq9lGXZB59LeYn5Q0tn/Lyw3EP
QI0GhdpycumeFDktn8PX+CcmAztOra18uh2ZccHOT+GQNj9ckS32cGIQEQCcPVth
PgM8fvGhd9uEDbFW67IMCk5BV21RhSBUPEVkDraaULofqksIuWkaI6D0V+ZMAH/q
czU1qa1CCKCFyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:13 2025 by rpki-client