Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft
File: 1-kak8RQ6vjrfxLaDX6E0498srDQ.mft (raw, json)
Hash identifier: LKw1UWklxeL844w5ZBXfhxG6Dpiv0wbQV2oucN65/1g=
Subject key identifier: 22:38:5D:A1:8D:0A:0D:A8:BD:57:14:C2:3E:08:C2:A3:08:2D:29:97
Authority key identifier: FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34
Certificate issuer: /CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34
Certificate serial: 019A725C5F3B11CAEE5ED6A47A1CEB55435E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 10:00:47 +0000
Manifest this update: Tue 11 Nov 2025 10:00:47 +0000
Manifest next update: Wed 12 Nov 2025 10:00:47 +0000
Files and hashes: 1: 1-kak8RQ6vjrfxLaDX6E0498srDQ.crl (hash: 2PV1kHN8SJuIRN5FjVFcNfg18uN3VJFit5on+lo/yNE=)
2: 3uEhAk6Wx4KcEg0MVVsAAyyADBw.roa (hash: FqSkeFfRf148LCqtNv59QOP75egaClJCY4HAjWTWGX0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:5f:3b:11:ca:ee:5e:d6:a4:7a:1c:eb:55:43:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34
Validity
Not Before: Nov 11 10:00:47 2025 GMT
Not After : Nov 12 10:00:47 2025 GMT
Subject: CN=22385da18d0a0da8bd5714c23e08c2a3082d2997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:58:6c:bc:52:4b:90:51:89:ea:65:e0:54:
60:1e:c5:f0:aa:02:26:a2:1b:3c:df:29:52:21:a7:
7a:1b:f9:97:e7:20:56:e0:0d:d3:86:91:e7:3b:61:
af:44:3c:cb:82:99:89:93:97:f3:ea:90:e2:3d:9f:
d4:c4:9c:21:65:ad:b2:42:d1:e2:e0:c6:a0:f7:8d:
ab:88:3c:27:c3:df:b6:84:08:6a:17:81:8c:b9:36:
cb:b4:3c:37:9b:57:4e:0d:ea:a2:bb:c6:20:49:ed:
91:03:88:23:31:fa:4a:eb:5b:a6:2d:aa:14:f9:06:
b9:7c:eb:3d:f0:d7:e9:c6:39:8f:1b:48:6f:67:c9:
91:84:b0:0d:59:bf:7e:20:91:ca:ef:1b:11:ca:55:
df:05:40:70:4f:61:cf:0d:ff:4b:c0:9b:5e:4b:23:
a9:88:f3:bf:8e:d3:9f:ca:f5:e7:95:dc:a0:5b:90:
43:08:ac:f5:7a:b6:41:9b:bf:bb:bc:aa:a4:19:8d:
13:60:58:f7:c6:f9:8f:af:9c:0a:0a:79:5d:e4:d0:
7c:2e:52:c6:3a:78:ad:53:45:96:77:03:4c:3b:6f:
83:de:1c:2e:79:eb:c2:9d:23:23:7c:ab:b9:6b:7d:
c2:80:db:44:45:4d:55:73:7d:35:5b:a7:d6:b3:08:
63:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:38:5D:A1:8D:0A:0D:A8:BD:57:14:C2:3E:08:C2:A3:08:2D:29:97
X509v3 Authority Key Identifier:
keyid:FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:c9:ea:7f:60:7d:74:c5:d8:50:49:75:a8:0f:3a:28:22:b5:
49:3c:a2:41:2a:39:20:78:cc:43:2b:08:89:12:ef:cc:7c:59:
4d:ae:ff:ac:04:30:7a:71:ac:a0:8c:66:30:bc:6d:02:9f:e8:
91:ee:e0:1d:a1:6f:57:9a:7a:10:cb:e6:28:c7:df:d7:23:42:
90:99:9c:41:40:eb:80:63:fd:65:9e:50:08:d3:e5:ac:9a:e2:
63:a3:f0:0f:ee:10:2c:c3:27:2b:4a:92:21:e7:90:ef:e3:c3:
16:08:dd:ce:49:f1:b6:87:3d:ff:ff:fd:2b:be:92:f8:f0:9e:
03:3f:78:98:a2:70:a4:b1:b8:89:82:19:98:eb:8d:8a:ec:d4:
fa:49:0f:59:9b:9e:cd:44:e9:e2:94:22:6b:be:d9:05:1c:06:
c2:a3:19:a3:e9:f0:c1:09:79:29:0c:3a:78:d2:27:8f:5d:d5:
c9:38:a0:ca:46:95:4b:cc:7a:d5:c3:93:59:7b:6e:1d:68:d0:
f0:5c:74:ca:00:95:06:e4:26:6b:e7:e7:71:a5:bd:14:ba:25:
63:06:c5:ae:c1:2b:5e:bf:2b:1e:21:8b:30:c9:d8:29:88:0d:
47:8a:a8:07:f7:b5:e0:90:91:98:b2:01:38:22:c8:01:54:19:
4f:54:f6:08
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZpyXF87EcruXtakehzrVUNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNDZhNGYxMTQzYWJlM2FkZmM0YjY4MzVmYTEzNGUzZGYy
Y2FjMzQwHhcNMjUxMTExMTAwMDQ3WhcNMjUxMTEyMTAwMDQ3WjAzMTEwLwYDVQQD
EygyMjM4NWRhMThkMGEwZGE4YmQ1NzE0YzIzZTA4YzJhMzA4MmQyOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHhYbLxSS5BRiepl4FRgHsXwqgIm
ohs83ylSIad6G/mX5yBW4A3ThpHnO2GvRDzLgpmJk5fz6pDiPZ/UxJwhZa2yQtHi
4Mag942riDwnw9+2hAhqF4GMuTbLtDw3m1dODeqiu8YgSe2RA4gjMfpK61umLaoU
+Qa5fOs98NfpxjmPG0hvZ8mRhLANWb9+IJHK7xsRylXfBUBwT2HPDf9LwJteSyOp
iPO/jtOfyvXnldygW5BDCKz1erZBm7+7vKqkGY0TYFj3xvmPr5wKCnld5NB8LlLG
OnitU0WWdwNMO2+D3hwueevCnSMjfKu5a33CgNtERU1Vc301W6fWswhjeQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCI4XaGNCg2ovVcUwj4IwqMILSmXMB8GA1UdIwQY
MBaAFPpGpPEUOr4638S2g1+hNOPfLKw0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rYWs4UlE2dmpyZnhMYURYNkUwNDk4c3JEUS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvZjNhNzlkLTM4Y2YtNDkwNS1hYjVm
LTViY2E0NWVmZGU4Yy8xLzEta2FrOFJRNnZqcmZ4TGFEWDZFMDQ5OHNyRFEubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2RjL2YzYTc5ZC0zOGNmLTQ5MDUtYWI1Zi01YmNhNDVlZmRl
OGMvMS8xLWthazhSUTZ2anJmeExhRFg2RTA0OThzckRRLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEcnq
f2B9dMXYUEl1qA86KCK1STyiQSo5IHjMQysIiRLvzHxZTa7/rAQwenGsoIxmMLxt
Ap/oke7gHaFvV5p6EMvmKMff1yNCkJmcQUDrgGP9ZZ5QCNPlrJriY6PwD+4QLMMn
K0qSIeeQ7+PDFgjdzknxtoc9///9K76S+PCeAz94mKJwpLG4iYIZmOuNiuzU+kkP
WZuezUTp4pQia77ZBRwGwqMZo+nwwQl5KQw6eNInj13VyTigykaVS8x61cOTWXtu
HWjQ8Fx0ygCVBuQma+fncaW9FLolYwbFrsErXr8rHiGLMMnYKYgNR4qoB/e14JCR
mLIBOCLIAVQZT1T2CA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:15:50 2025 by rpki-client