Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft
File: kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft (raw, json)
Hash identifier: pwFtHpX88lhoBwI5t5MD6QkWso6miOnSpcGkfUGuBO8=
Subject key identifier: 24:32:B7:05:AA:41:AB:DC:56:64:2D:7B:1B:B1:08:EA:22:80:0B:DB
Authority key identifier: 92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
Certificate issuer: /CN=9202036a43dad06b6c2cc64bde767870676f87b3
Certificate serial: 019A72258A1DB5F2AABF208AC236216A4895
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft
Manifest number: 0FBC
Signing time: Tue 11 Nov 2025 09:00:54 +0000
Manifest this update: Tue 11 Nov 2025 09:00:54 +0000
Manifest next update: Wed 12 Nov 2025 09:00:54 +0000
Files and hashes: 1: 9Bw4s7L1PZyJ0cmK8dHggvZkyc8.roa (hash: k8G5zSf+pp8Di/1i1Rk8bBBXkqYoG95ba1/+ZDXAe1E=)
2: kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl (hash: 3lJigGJXjFFdSLV7mZz904bNofY9JxAqWwVIEixRSHA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:8a:1d:b5:f2:aa:bf:20:8a:c2:36:21:6a:48:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9202036a43dad06b6c2cc64bde767870676f87b3
Validity
Not Before: Nov 11 09:00:54 2025 GMT
Not After : Nov 12 09:00:54 2025 GMT
Subject: CN=2432b705aa41abdc56642d7b1bb108ea22800bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:09:b3:e4:24:cf:b1:26:6b:f4:a2:80:d8:44:
6a:fd:56:22:b7:c5:29:b7:b4:33:ca:22:43:32:99:
5b:4c:88:b3:59:df:aa:ac:bb:c2:ce:26:41:81:24:
d0:83:df:5c:0b:16:c2:ce:f4:92:8c:e8:f9:27:db:
d7:9b:e4:b2:74:16:9a:a8:4b:66:ee:29:00:9f:dd:
14:04:b8:62:98:fb:7c:56:d3:e7:a7:88:fc:0b:9f:
d2:4d:21:1f:83:bd:32:d8:d6:8a:9b:ba:de:79:9b:
9a:67:2a:20:7a:7e:1c:95:f6:3b:91:2c:99:dc:5e:
ee:68:c7:5d:b2:05:21:38:40:1b:cc:9d:4d:e8:ca:
79:fe:09:1e:9c:4d:cc:ad:d4:53:77:72:d8:45:64:
a7:2a:d4:02:5c:ee:71:ea:84:8b:5d:d2:62:66:24:
42:fd:f2:2f:1e:e5:ca:0b:b9:ea:08:0e:b2:8c:f3:
b5:84:20:a9:8e:8e:da:52:c9:d1:79:46:e9:42:fc:
88:d0:40:2f:93:af:e4:b0:94:4e:41:b0:25:e9:a3:
1e:15:7c:b2:1b:5a:5e:bc:e5:c0:4d:f4:b5:f2:64:
21:e9:2d:56:1b:6a:0f:89:df:59:c9:29:39:fa:48:
a3:db:3f:04:ca:63:b9:6b:69:d7:96:2d:c0:f5:c0:
08:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:32:B7:05:AA:41:AB:DC:56:64:2D:7B:1B:B1:08:EA:22:80:0B:DB
X509v3 Authority Key Identifier:
keyid:92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:47:32:3c:b9:11:bd:2f:39:b3:80:c2:00:0a:d3:6e:01:8e:
9b:d3:16:34:b4:6d:6b:6e:ad:b2:bc:0f:3a:2b:72:fc:f4:37:
01:26:50:2e:2f:8d:87:13:b1:70:67:79:0c:30:a6:24:56:a8:
b9:8f:e8:9a:56:59:04:0f:17:51:52:d8:9c:74:e1:90:0f:4e:
e8:39:2c:a5:85:38:87:4b:24:7f:d4:5c:e6:83:65:f0:56:9e:
21:d8:4d:15:6a:b3:b9:f7:e1:66:55:81:0b:52:ac:75:14:20:
92:61:9a:6d:24:1c:7a:b2:a4:cd:6b:1e:55:0e:64:bb:f9:2a:
af:f8:6e:42:01:82:a9:37:46:e4:64:26:2b:01:28:fb:fb:ea:
c0:05:1d:96:28:c1:a9:f2:74:c5:db:d9:e5:3e:c5:87:c3:37:
fe:26:ea:d2:2a:26:35:ee:ee:f7:97:51:f3:46:31:72:d4:8d:
50:1e:9d:d0:15:f0:7a:90:10:9e:35:ff:8f:74:7d:e3:f7:aa:
65:77:ff:8d:91:12:4b:d0:11:41:53:03:98:41:78:18:ff:00:
a0:96:5e:ec:5a:ee:5e:2c:2c:6a:c2:16:4f:a9:36:9a:13:23:
fc:81:02:7c:71:15:c9:16:6c:22:75:3f:9d:f1:fa:51:4e:0f:
61:38:b6:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYodtfKqvyCKwjYhakiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMDIwMzZhNDNkYWQwNmI2YzJjYzY0YmRlNzY3ODcwNjc2
Zjg3YjMwHhcNMjUxMTExMDkwMDU0WhcNMjUxMTEyMDkwMDU0WjAzMTEwLwYDVQQD
EygyNDMyYjcwNWFhNDFhYmRjNTY2NDJkN2IxYmIxMDhlYTIyODAwYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Amz5CTPsSZr9KKA2ERq/VYit8Up
t7QzyiJDMplbTIizWd+qrLvCziZBgSTQg99cCxbCzvSSjOj5J9vXm+SydBaaqEtm
7ikAn90UBLhimPt8VtPnp4j8C5/STSEfg70y2NaKm7reeZuaZyogen4clfY7kSyZ
3F7uaMddsgUhOEAbzJ1N6Mp5/gkenE3MrdRTd3LYRWSnKtQCXO5x6oSLXdJiZiRC
/fIvHuXKC7nqCA6yjPO1hCCpjo7aUsnReUbpQvyI0EAvk6/ksJROQbAl6aMeFXyy
G1pevOXATfS18mQh6S1WG2oPid9ZySk5+kij2z8EymO5a2nXli3A9cAImQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQytwWqQavcVmQtexuxCOoigAvbMB8GA1UdIwQY
MBaAFJICA2pD2tBrbCzGS952eHBnb4ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAt
NzNkY2VkMzk3MDdmLzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAtNzNkY2VkMzk3MDdm
LzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUcyPLkR
vS85s4DCAArTbgGOm9MWNLRta26tsrwPOity/PQ3ASZQLi+NhxOxcGd5DDCmJFao
uY/omlZZBA8XUVLYnHThkA9O6DkspYU4h0skf9Rc5oNl8FaeIdhNFWqzuffhZlWB
C1KsdRQgkmGabSQcerKkzWseVQ5ku/kqr/huQgGCqTdG5GQmKwEo+/vqwAUdlijB
qfJ0xdvZ5T7Fh8M3/ibq0iomNe7u95dR80YxctSNUB6d0BXwepAQnjX/j3R94/eq
ZXf/jZESS9ARQVMDmEF4GP8AoJZe7FruXiwsasIWT6k2mhMj/IECfHEVyRZsInU/
nfH6UU4PYTi2yw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:05 2025 by rpki-client