Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: qpvYV32Oc3x0w3eTYHlgSebDmu2j0SPyWa6c2Pmt7bk=
Subject key identifier: 51:9A:78:F8:B9:DD:2C:0E:79:5B:17:9C:17:6A:E8:7A:57:D8:2F:E4
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019A240A30035BEAC9BD55B4C7EC21A66ACA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 16F5
Signing time: Mon 27 Oct 2025 05:00:38 +0000
Manifest this update: Mon 27 Oct 2025 05:00:38 +0000
Manifest next update: Tue 28 Oct 2025 05:00:38 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: l4J/nSg7xzQcE7/FAwUyiH/qcGmb7cMppFKbwb88HR0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 05:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:0a:30:03:5b:ea:c9:bd:55:b4:c7:ec:21:a6:6a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Oct 27 05:00:38 2025 GMT
Not After : Oct 28 05:00:38 2025 GMT
Subject: CN=519a78f8b9dd2c0e795b179c176ae87a57d82fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:6e:94:93:80:a6:4c:cc:a8:89:2a:38:b9:
1e:6a:c5:ba:64:81:ef:f1:89:2c:ec:3d:f8:e6:f2:
2d:06:93:d5:3c:07:91:d3:97:ed:40:2d:fd:59:08:
60:0e:8d:4e:f9:4a:e1:c3:5c:4e:3a:77:fa:20:89:
0d:0f:fd:78:17:a5:d2:76:f4:0e:0a:fe:31:b9:3e:
5d:0d:ab:ac:26:ab:22:58:2a:a8:47:50:97:d6:d0:
6e:5e:fb:3d:4d:35:e0:06:66:00:c0:21:c9:a3:ee:
f8:43:f6:2a:fd:85:5b:0c:98:83:75:e4:71:06:80:
bc:ee:44:ee:56:f6:f4:db:41:bd:1f:9a:a0:85:d8:
d7:59:97:73:05:17:0a:d2:f6:88:cf:f8:5e:b7:79:
33:fc:0e:3e:09:fb:68:1e:97:b8:fc:86:d5:39:98:
cc:64:51:be:10:9d:fc:5e:32:53:54:08:0a:ac:a6:
21:18:ff:25:f3:ae:cc:cb:52:fd:1f:dc:cd:b1:7f:
7a:05:dc:8a:b9:10:49:03:4c:aa:f4:59:77:ed:e5:
49:ba:41:30:37:ac:86:d0:09:72:b4:31:66:55:50:
45:da:42:01:aa:7d:67:ab:1b:c9:2b:a3:b2:39:90:
b0:be:67:0b:92:49:e7:b2:d3:20:49:64:6f:ed:0c:
81:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9A:78:F8:B9:DD:2C:0E:79:5B:17:9C:17:6A:E8:7A:57:D8:2F:E4
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:75:30:ca:63:17:24:75:38:2d:50:2a:2e:2e:36:05:10:b7:
16:6e:47:e1:eb:1b:da:2f:f1:19:f7:26:61:d9:ba:fd:0d:3d:
ce:61:8a:82:4e:86:1e:fe:cc:ed:f1:a9:ae:fb:3b:27:9a:bd:
2c:5f:99:a2:9e:6e:25:fd:3e:b4:04:c6:92:15:4f:73:58:72:
e1:c1:40:d3:81:fd:ca:e6:8d:b0:3b:14:44:28:20:cd:97:16:
dd:1c:77:df:9b:d6:a3:7b:a9:61:81:53:f6:73:bd:3b:23:0b:
ef:69:57:c4:18:de:7b:d1:9d:01:75:7f:26:07:bb:0a:0b:0b:
b2:9e:f4:ea:8c:c9:a5:7e:0e:eb:87:d2:f8:1e:5c:ca:0c:01:
cf:2d:0c:d0:ec:36:06:ae:fd:a3:07:a7:7c:b3:21:22:6e:39:
2d:31:9a:8e:1c:13:4f:e3:20:29:d8:74:c9:76:dd:e2:65:58:
f1:46:2e:91:b2:47:ae:07:74:fc:7a:f9:c3:2c:0e:d9:e8:a3:
8a:66:f8:8c:b5:6a:05:fb:07:9c:60:33:4c:ae:5f:17:f9:1b:
b5:6e:ea:6b:2a:0d:9e:c8:19:20:67:5f:8c:59:94:2a:2c:02:
5b:12:cf:91:19:9f:19:78:76:a2:3d:ef:e1:c5:63:db:4c:ee:
b4:e9:2a:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokCjADW+rJvVW0x+whpmrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUxMDI3MDUwMDM4WhcNMjUxMDI4MDUwMDM4WjAzMTEwLwYDVQQD
Eyg1MTlhNzhmOGI5ZGQyYzBlNzk1YjE3OWMxNzZhZTg3YTU3ZDgyZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt1ulJOApkzMqIkqOLkeasW6ZIHv
8Yks7D345vItBpPVPAeR05ftQC39WQhgDo1O+Urhw1xOOnf6IIkND/14F6XSdvQO
Cv4xuT5dDausJqsiWCqoR1CX1tBuXvs9TTXgBmYAwCHJo+74Q/Yq/YVbDJiDdeRx
BoC87kTuVvb020G9H5qghdjXWZdzBRcK0vaIz/het3kz/A4+CftoHpe4/IbVOZjM
ZFG+EJ38XjJTVAgKrKYhGP8l867My1L9H9zNsX96BdyKuRBJA0yq9Fl37eVJukEw
N6yG0AlytDFmVVBF2kIBqn1nqxvJK6OyOZCwvmcLkknnstMgSWRv7QyBlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFGaePi53SwOeVsXnBdq6HpX2C/kMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXUwymMX
JHU4LVAqLi42BRC3Fm5H4esb2i/xGfcmYdm6/Q09zmGKgk6GHv7M7fGprvs7J5q9
LF+Zop5uJf0+tATGkhVPc1hy4cFA04H9yuaNsDsURCggzZcW3Rx335vWo3upYYFT
9nO9OyML72lXxBjee9GdAXV/Jge7CgsLsp706ozJpX4O64fS+B5cygwBzy0M0Ow2
Bq79owenfLMhIm45LTGajhwTT+MgKdh0yXbd4mVY8UYukbJHrgd0/Hr5wywO2eij
imb4jLVqBfsHnGAzTK5fF/kbtW7qayoNnsgZIGdfjFmUKiwCWxLPkRmfGXh2oj3v
4cVj20zutOkqmQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 09:21:09 2025 by rpki-client