Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
File: itKTDR_h3UMEkf17gx3pxhaSreQ.mft (raw, json)
Hash identifier: rnEAJ3ODymmRSW4ywel22h3DPpJ6srwhuooWdrF7/1w=
Subject key identifier: 14:63:75:37:0E:57:8A:E5:36:9F:56:E2:E3:0B:7F:A4:F7:74:26:7E
Authority key identifier: 8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
Certificate issuer: /CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Certificate serial: 019A725C8E571B040227FDE5CE74E0E2844E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
Manifest number: 144E
Signing time: Tue 11 Nov 2025 10:00:59 +0000
Manifest this update: Tue 11 Nov 2025 10:00:59 +0000
Manifest next update: Wed 12 Nov 2025 10:00:59 +0000
Files and hashes: 1: BAzsPPCBy1zDTboFw5Sl-2syIOA.roa (hash: 3HXxwP+fQhhVnJuWOZekRFhU3Q46kmrc9Y0dZLDklcg=)
2: bYpyeHiVOX2l8iPl-uPkAX9zfmw.roa (hash: clblsPlZTuaRgRGxz58OPeCdg4rL7htkupWPy4rOhKg=)
3: itKTDR_h3UMEkf17gx3pxhaSreQ.crl (hash: 2bC+PubV7ZDVy9xN2Gublmpy4DpL166IFYFhHRTQrX4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:8e:57:1b:04:02:27:fd:e5:ce:74:e0:e2:84:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Validity
Not Before: Nov 11 10:00:59 2025 GMT
Not After : Nov 12 10:00:59 2025 GMT
Subject: CN=146375370e578ae5369f56e2e30b7fa4f774267e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:a7:34:fe:30:81:9d:42:14:94:17:19:b5:
a1:1e:61:5a:3f:2c:58:9a:ea:66:0a:35:1f:ca:37:
0d:9b:df:63:76:45:a8:c2:35:c1:36:1b:dc:f2:b9:
ec:f2:fe:88:75:8f:a0:5b:c1:d1:d8:4d:19:95:11:
32:8f:19:f2:38:46:1d:c1:cb:3f:9c:a8:c3:59:5e:
a5:18:f6:2c:2d:24:b8:5e:6c:65:26:c8:c1:14:c5:
49:16:46:18:32:c2:b5:65:60:fa:df:ba:96:5b:7d:
d1:43:d5:93:b4:21:ca:84:3d:33:13:b5:65:e3:42:
9d:6e:ed:36:e4:e6:30:8c:89:21:ec:57:f6:76:1f:
58:56:f7:30:c5:e9:28:6d:ff:62:08:17:1f:1f:9f:
74:eb:c9:75:23:45:ec:9c:33:a7:d1:c7:e1:ce:ba:
ab:aa:59:ad:4a:ad:25:b1:77:06:64:1b:aa:f2:bc:
d0:10:a4:48:1f:39:06:cb:21:11:01:64:6b:03:f0:
65:4c:6c:13:1d:6d:9a:04:07:f2:3a:ff:ee:43:26:
a3:51:db:22:29:4b:cd:01:86:88:c1:d3:bf:b4:2e:
38:33:84:09:84:5b:06:dc:59:51:14:87:8f:c6:f6:
7f:f2:c2:44:c2:81:0f:0e:6a:be:79:16:4c:86:8a:
bf:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:63:75:37:0E:57:8A:E5:36:9F:56:E2:E3:0B:7F:A4:F7:74:26:7E
X509v3 Authority Key Identifier:
keyid:8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:cc:61:ae:9a:d3:21:cd:01:16:76:50:a6:7b:54:32:02:a9:
63:df:88:ce:c6:a4:b3:e4:51:ad:12:37:05:93:2a:dc:4e:ea:
86:3b:57:63:65:5c:b9:4f:03:a3:6a:f4:52:93:90:7b:af:c5:
d8:74:f6:d1:e6:73:48:25:aa:06:25:20:f4:11:26:60:6d:c2:
20:35:3d:fb:63:b2:a4:94:ad:8a:9c:ec:64:e9:46:b7:34:0b:
b9:0d:77:d5:fe:2c:92:54:ee:a7:6b:ff:15:ef:69:3c:74:85:
13:37:35:a8:7d:69:1f:39:6a:3b:78:53:de:c7:e9:43:8c:93:
7d:02:e8:f7:96:e6:97:10:92:d1:0f:da:1c:23:21:82:0d:cb:
45:2e:cb:ff:56:1c:2f:8c:25:b8:c6:b8:8c:b5:4a:81:30:ec:
1f:82:a8:fa:13:83:9e:10:1f:a8:2e:80:22:c3:60:57:ae:a6:
29:84:99:d1:9b:b0:45:6c:c7:75:15:6b:69:34:6e:78:a4:81:
22:97:f5:e7:85:dc:9e:ca:85:88:3b:69:a9:3a:37:3f:b7:e3:
61:f5:cc:9e:11:1e:02:61:32:75:bc:a0:11:71:63:3e:41:b3:
49:11:3f:29:03:8e:de:ad:9a:eb:bf:c3:9c:2f:7e:ea:af:1f:
9c:d5:f3:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXI5XGwQCJ/3lznTg4oROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI5MzBkMWZlMWRkNDMwNDkxZmQ3YjgzMWRlOWM2MTY5
MmFkZTQwHhcNMjUxMTExMTAwMDU5WhcNMjUxMTEyMTAwMDU5WjAzMTEwLwYDVQQD
EygxNDYzNzUzNzBlNTc4YWU1MzY5ZjU2ZTJlMzBiN2ZhNGY3NzQyNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ynNP4wgZ1CFJQXGbWhHmFaPyxY
mupmCjUfyjcNm99jdkWowjXBNhvc8rns8v6IdY+gW8HR2E0ZlREyjxnyOEYdwcs/
nKjDWV6lGPYsLSS4XmxlJsjBFMVJFkYYMsK1ZWD637qWW33RQ9WTtCHKhD0zE7Vl
40Kdbu025OYwjIkh7Ff2dh9YVvcwxekobf9iCBcfH59068l1I0XsnDOn0cfhzrqr
qlmtSq0lsXcGZBuq8rzQEKRIHzkGyyERAWRrA/BlTGwTHW2aBAfyOv/uQyajUdsi
KUvNAYaIwdO/tC44M4QJhFsG3FlRFIePxvZ/8sJEwoEPDmq+eRZMhoq/KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRjdTcOV4rlNp9W4uMLf6T3dCZ+MB8GA1UdIwQY
MBaAFIrSkw0f4d1DBJH9e4Md6cYWkq3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGIt
OTc1OGNiMmI4NDRlLzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGItOTc1OGNiMmI4NDRl
LzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApMxhrprT
Ic0BFnZQpntUMgKpY9+Izsaks+RRrRI3BZMq3E7qhjtXY2VcuU8Do2r0UpOQe6/F
2HT20eZzSCWqBiUg9BEmYG3CIDU9+2OypJStipzsZOlGtzQLuQ131f4sklTup2v/
Fe9pPHSFEzc1qH1pHzlqO3hT3sfpQ4yTfQLo95bmlxCS0Q/aHCMhgg3LRS7L/1Yc
L4wluMa4jLVKgTDsH4Ko+hODnhAfqC6AIsNgV66mKYSZ0ZuwRWzHdRVraTRueKSB
Ipf154XcnsqFiDtpqTo3P7fjYfXMnhEeAmEydbygEXFjPkGzSRE/KQOO3q2a67/D
nC9+6q8fnNXzOw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:15 2025 by rpki-client