Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
File: S8K4kvLb729UtFNg_rD4QUpahQQ.mft (raw, json)
Hash identifier: IOvVlhjQs4+NZeEdblw62ZEMO6m/JYORi07PKe7VcnM=
Subject key identifier: 63:8A:55:C9:5E:20:EA:7A:78:85:1D:27:35:07:49:34:C8:70:1C:26
Authority key identifier: 4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
Certificate issuer: /CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Certificate serial: 019A722613F5A253CE7C551EB36D4CD63A48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
Manifest number: 111A
Signing time: Tue 11 Nov 2025 09:01:29 +0000
Manifest this update: Tue 11 Nov 2025 09:01:29 +0000
Manifest next update: Wed 12 Nov 2025 09:01:29 +0000
Files and hashes: 1: 8XxbJK1GWPrtjat_Lpe2HKly_9k.roa (hash: 1REGOqOGYIsLrmhSt5pZG4EmBpaR7Cf++uPRynahll8=)
2: S8K4kvLb729UtFNg_rD4QUpahQQ.crl (hash: DzdxLfRaxazFxVJXK8T5+mu/ZF2aDd46l9tJB39A/p0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:13:f5:a2:53:ce:7c:55:1e:b3:6d:4c:d6:3a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Validity
Not Before: Nov 11 09:01:29 2025 GMT
Not After : Nov 12 09:01:29 2025 GMT
Subject: CN=638a55c95e20ea7a78851d2735074934c8701c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5b:10:5b:01:57:9a:22:b4:66:d9:73:92:02:
d3:01:a5:ca:24:04:36:94:b8:85:06:e6:b0:52:5f:
be:ff:08:61:cc:14:37:c2:92:77:0f:6e:9d:ab:b8:
1a:9e:40:2c:c7:c2:af:c0:24:d2:33:5a:36:73:0a:
e2:f6:72:8c:5c:24:6f:6f:72:dd:ba:15:c6:8d:d4:
bb:be:5b:65:ee:35:31:5d:17:25:27:6f:0e:e3:59:
2e:dd:40:cc:c7:ac:e5:e8:6b:4d:75:12:b7:da:58:
f8:f8:84:37:47:59:67:97:92:0a:82:4f:96:a5:79:
f4:b0:39:80:37:e8:f1:a4:dd:b2:31:90:01:13:23:
b9:fa:21:99:80:00:56:82:66:c2:af:7e:b3:ad:78:
37:77:04:81:28:c9:ba:34:32:5d:95:44:08:26:3d:
af:0e:ad:e9:81:42:ba:ad:21:77:2d:92:02:c6:4e:
3c:db:98:8f:06:0b:66:8c:6b:1b:7a:fb:2c:8a:1c:
3b:0c:f9:65:80:23:6c:98:58:33:7b:20:64:8f:01:
a8:d0:29:c9:3c:75:b2:33:12:b1:a5:97:20:09:d0:
a5:2b:fc:33:42:13:80:38:53:f8:41:e8:a6:51:1b:
b3:f2:ed:96:30:ea:4e:84:ab:8f:69:90:9c:07:80:
cb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8A:55:C9:5E:20:EA:7A:78:85:1D:27:35:07:49:34:C8:70:1C:26
X509v3 Authority Key Identifier:
keyid:4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:cc:24:71:15:47:c2:65:db:c5:37:30:6b:ee:64:14:2f:16:
71:2c:2c:05:b1:25:f6:a5:26:fd:8d:dc:14:c4:99:5b:c1:f9:
28:6e:c1:03:a9:ad:fa:58:5e:ec:66:87:22:df:cc:1f:49:da:
a4:26:1a:57:a8:5a:83:74:16:d7:4b:c7:db:09:01:33:1b:40:
df:26:ac:d2:65:9a:98:73:b5:cc:90:ff:ae:a3:0c:40:f2:50:
f5:67:3b:dc:ec:34:82:48:0b:cc:42:91:d5:e7:2f:ee:5e:5b:
ce:d1:ff:71:b1:22:3b:83:71:85:2f:1f:d9:96:db:eb:22:ce:
05:05:8c:22:a0:d2:01:72:80:48:0a:59:8e:b6:78:34:31:c8:
ea:a7:11:50:35:cb:0d:94:74:2b:f4:45:22:24:f3:8a:9d:b9:
af:d8:7b:70:c3:14:b7:37:af:72:43:bf:0c:33:7b:b6:10:4a:
69:ac:10:37:a0:b1:d8:05:15:81:d7:97:63:ee:d8:e9:45:ca:
66:f6:32:51:55:a2:8a:6d:49:6a:a8:39:a6:c7:f3:09:ec:a6:
c3:ef:80:1a:47:5f:43:5e:68:b8:6d:fe:3b:5d:82:38:77:97:
76:69:8c:90:4e:df:8d:b5:c6:40:6d:89:30:05:53:ce:14:52:
72:03:78:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhP1olPOfFUes21M1jpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYzJiODkyZjJkYmVmNmY1NGI0NTM2MGZlYjBmODQxNGE1
YTg1MDQwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
Eyg2MzhhNTVjOTVlMjBlYTdhNzg4NTFkMjczNTA3NDkzNGM4NzAxYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFsQWwFXmiK0ZtlzkgLTAaXKJAQ2
lLiFBuawUl++/whhzBQ3wpJ3D26dq7gankAsx8KvwCTSM1o2cwri9nKMXCRvb3Ld
uhXGjdS7vltl7jUxXRclJ28O41ku3UDMx6zl6GtNdRK32lj4+IQ3R1lnl5IKgk+W
pXn0sDmAN+jxpN2yMZABEyO5+iGZgABWgmbCr36zrXg3dwSBKMm6NDJdlUQIJj2v
Dq3pgUK6rSF3LZICxk4825iPBgtmjGsbevssihw7DPllgCNsmFgzeyBkjwGo0CnJ
PHWyMxKxpZcgCdClK/wzQhOAOFP4QeimURuz8u2WMOpOhKuPaZCcB4DLKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOKVcleIOp6eIUdJzUHSTTIcBwmMB8GA1UdIwQY
MBaAFEvCuJLy2+9vVLRTYP6w+EFKWoUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAt
MjE1N2E1NzVkYjBiLzEvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAtMjE1N2E1NzVkYjBi
LzEvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8wkcRVH
wmXbxTcwa+5kFC8WcSwsBbEl9qUm/Y3cFMSZW8H5KG7BA6mt+lhe7GaHIt/MH0na
pCYaV6hag3QW10vH2wkBMxtA3yas0mWamHO1zJD/rqMMQPJQ9Wc73Ow0gkgLzEKR
1ecv7l5bztH/cbEiO4NxhS8f2Zbb6yLOBQWMIqDSAXKASApZjrZ4NDHI6qcRUDXL
DZR0K/RFIiTzip25r9h7cMMUtzevckO/DDN7thBKaawQN6Cx2AUVgdeXY+7Y6UXK
ZvYyUVWiim1Jaqg5psfzCeymw++AGkdfQ15ouG3+O12COHeXdmmMkE7fjbXGQG2J
MAVTzhRScgN4Jw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:20 2025 by rpki-client