Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
File: RKO0P2R-HncUzRMHZMu8SBTnoUg.mft (raw, json)
Hash identifier: nXlCBuHr0rPdCjvsERTwi+K1mDC5MWIjOklMj9LIs9k=
Subject key identifier: 54:8B:D5:29:C7:96:B5:50:33:AD:36:1D:D5:B2:E1:40:04:37:DC:5F
Authority key identifier: 44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
Certificate issuer: /CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Certificate serial: 019A4C9807B574E0E3F67A3AB64E7634129D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
Manifest number: 1710
Signing time: Tue 04 Nov 2025 02:00:23 +0000
Manifest this update: Tue 04 Nov 2025 02:00:23 +0000
Manifest next update: Wed 05 Nov 2025 02:00:23 +0000
Files and hashes: 1: KrEyLtzd_FGxXKe36EuPBXxaKHA.roa (hash: ADivn+VbvpgE3fUtfn8Xzz0qtLuBXCOdiCI9IztCcUQ=)
2: RKO0P2R-HncUzRMHZMu8SBTnoUg.crl (hash: 0VbMv0RIo0qFTGHYwcgPNxoE0MgEY8OKlH8Ya9s6OlU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:07:b5:74:e0:e3:f6:7a:3a:b6:4e:76:34:12:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Validity
Not Before: Nov 4 02:00:23 2025 GMT
Not After : Nov 5 02:00:23 2025 GMT
Subject: CN=548bd529c796b55033ad361dd5b2e1400437dc5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b3:9d:78:17:29:9b:3b:38:a3:1e:e6:14:62:
02:35:d2:91:c8:6b:94:87:7b:90:c2:43:87:53:91:
8e:7f:4e:f8:74:fc:ff:87:26:ae:fc:a7:f1:e5:5a:
25:1a:38:ab:08:14:bb:58:e3:f1:d9:95:0f:8a:45:
6d:34:af:c7:c4:99:af:12:05:5b:23:21:44:0a:79:
e8:e6:d4:46:5a:f7:97:52:dd:23:23:1b:a2:5d:83:
1b:95:3d:9d:5e:a7:5c:4f:5d:be:35:24:7d:4d:43:
48:2b:91:6a:55:13:68:96:08:2b:ae:39:a8:20:b8:
1d:4e:50:90:da:57:0a:12:b8:ff:70:cf:a6:71:58:
a8:f5:88:6a:fb:cf:ad:38:62:75:eb:af:6f:09:7c:
92:1a:1f:0c:99:5a:ad:ed:54:3b:5e:a3:97:9b:79:
7f:40:76:bd:1c:fc:95:0a:db:c6:8d:25:4c:cc:c8:
f2:82:6b:ea:71:78:b1:c7:a3:b8:88:6f:42:82:b3:
15:9a:0a:d2:a8:78:38:1a:cb:63:e0:7e:ba:83:34:
4c:9e:e5:c6:c8:61:d4:98:5c:60:d0:c7:8b:8d:e0:
fc:6a:83:39:3f:a3:e5:0e:75:f1:df:a1:ea:ed:d3:
ed:5e:1c:f8:8f:e6:04:f9:0b:75:72:cb:dd:7f:34:
56:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8B:D5:29:C7:96:B5:50:33:AD:36:1D:D5:B2:E1:40:04:37:DC:5F
X509v3 Authority Key Identifier:
keyid:44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:a6:67:0b:33:78:eb:bc:17:3a:89:ca:cd:c2:5a:3a:47:e3:
ac:9a:fe:b9:8c:85:03:16:81:b7:fa:1f:bb:fc:b8:76:9f:72:
1b:60:93:6a:2b:a0:25:4a:2c:33:03:d4:e6:f5:81:97:ed:13:
d5:67:7a:48:31:06:03:dc:1f:22:72:bd:ad:9f:89:df:bc:58:
60:ba:1b:fb:8c:2c:22:ad:e0:02:39:56:1b:49:50:0a:32:f0:
e7:85:2a:86:be:1a:c5:4a:72:31:be:97:f5:ff:e2:41:88:d6:
54:f9:ea:e7:4e:7b:f1:50:c6:72:4b:8b:ba:0d:f3:39:ab:cd:
ac:bb:3a:1c:86:ba:fd:6c:8f:04:2f:6c:e8:8a:ff:bf:91:d5:
d6:e2:22:ad:ef:e2:a9:ba:8c:df:47:2d:48:eb:81:60:d8:5d:
ef:c3:38:1b:9d:21:f4:93:a9:b6:6d:fb:37:fb:3d:d9:ae:26:
b4:34:ff:3b:1d:d6:94:aa:ad:ff:76:e1:ac:1b:4c:64:37:d7:
2f:aa:27:11:e0:90:5b:ff:ee:9f:14:7b:ad:08:51:c2:ff:10:
64:65:62:ed:e1:a8:be:8d:17:89:e4:62:b4:eb:88:a8:29:fb:
68:c8:24:a9:82:30:ce:5b:d0:7f:f8:fd:4f:ed:ff:a0:74:0c:
05:f2:f1:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmAe1dODj9no6tk52NBKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTNiNDNmNjQ3ZTFlNzcxNGNkMTMwNzY0Y2JiYzQ4MTRl
N2ExNDgwHhcNMjUxMTA0MDIwMDIzWhcNMjUxMTA1MDIwMDIzWjAzMTEwLwYDVQQD
Eyg1NDhiZDUyOWM3OTZiNTUwMzNhZDM2MWRkNWIyZTE0MDA0MzdkYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLOdeBcpmzs4ox7mFGICNdKRyGuU
h3uQwkOHU5GOf074dPz/hyau/Kfx5VolGjirCBS7WOPx2ZUPikVtNK/HxJmvEgVb
IyFECnno5tRGWveXUt0jIxuiXYMblT2dXqdcT12+NSR9TUNIK5FqVRNolggrrjmo
ILgdTlCQ2lcKErj/cM+mcVio9Yhq+8+tOGJ1669vCXySGh8MmVqt7VQ7XqOXm3l/
QHa9HPyVCtvGjSVMzMjygmvqcXixx6O4iG9CgrMVmgrSqHg4Gstj4H66gzRMnuXG
yGHUmFxg0MeLjeD8aoM5P6PlDnXx36Hq7dPtXhz4j+YE+Qt1csvdfzRW3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSL1SnHlrVQM602HdWy4UAEN9xfMB8GA1UdIwQY
MBaAFESjtD9kfh53FM0TB2TLvEgU56FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgt
YTNjNTM5ZjBiNmQyLzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgtYTNjNTM5ZjBiNmQy
LzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6ZnCzN4
67wXOonKzcJaOkfjrJr+uYyFAxaBt/ofu/y4dp9yG2CTaiugJUosMwPU5vWBl+0T
1Wd6SDEGA9wfInK9rZ+J37xYYLob+4wsIq3gAjlWG0lQCjLw54Uqhr4axUpyMb6X
9f/iQYjWVPnq50578VDGckuLug3zOavNrLs6HIa6/WyPBC9s6Ir/v5HV1uIire/i
qbqM30ctSOuBYNhd78M4G50h9JOptm37N/s92a4mtDT/Ox3WlKqt/3bhrBtMZDfX
L6onEeCQW//unxR7rQhRwv8QZGVi7eGovo0XieRitOuIqCn7aMgkqYIwzlvQf/j9
T+3/oHQMBfLx3g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 04:00:01 2025 by rpki-client