Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
File: 0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft (raw, json)
Hash identifier: x3qr4NSe1wuuBc/oqnvbUNXAqa3kwSsBE1BoQpxOJoI=
Subject key identifier: EC:F1:64:59:B0:0A:E1:AE:81:48:B0:63:19:57:B6:AB:CA:A7:BA:F6
Authority key identifier: D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
Certificate issuer: /CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Certificate serial: 019A21773CAFD3F8ADD742B4A4D58BD5E60C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
Manifest number: 068A
Signing time: Sun 26 Oct 2025 17:00:53 +0000
Manifest this update: Sun 26 Oct 2025 17:00:53 +0000
Manifest next update: Mon 27 Oct 2025 17:00:53 +0000
Files and hashes: 1: 0i_jhQqN2iNg5AEP50J1N6ocU14.roa (hash: dte6GhHBF0dhj/nHMGGQvO/MzVf6vGP1TT8x/x47jYs=)
2: 0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl (hash: 3JvuXElNi2Sm1WLINhTBL3oYNBqDJPpU9A5A0u3lP30=)
3: wH2BXhQbp4RbWEqazf0ETM0OAOI.roa (hash: WPj1rnPevOFK6Wz2Mo2etzdEIyu2IX1IvghxSjU5v1Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 17:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:77:3c:af:d3:f8:ad:d7:42:b4:a4:d5:8b:d5:e6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24322b2d0a794fd076b85e8dc578abb0d03ec40
Validity
Not Before: Oct 26 17:00:53 2025 GMT
Not After : Oct 27 17:00:53 2025 GMT
Subject: CN=ecf16459b00ae1ae8148b0631957b6abcaa7baf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:c6:1c:df:fb:44:38:3d:82:a2:d3:10:13:
40:12:c5:9d:83:97:4b:fd:8d:29:86:3e:87:e9:52:
3a:fb:06:84:40:0d:16:80:94:b2:2c:03:a0:6b:32:
2c:28:de:c4:57:e9:3b:51:48:c6:ba:72:0c:df:17:
e6:62:0b:09:b8:71:36:70:08:63:0f:78:ba:d8:c5:
2f:40:86:63:31:54:5f:76:d4:36:d8:49:02:9e:5f:
9d:83:c4:df:34:e5:7b:65:80:1f:53:3d:5c:54:cf:
cc:00:12:21:a1:5d:47:39:6d:6e:10:b9:1c:a7:00:
d4:56:a6:64:26:62:20:dd:a6:7b:07:d2:89:7c:ac:
09:c1:ea:d6:e6:05:91:33:5f:3c:06:5b:dd:ac:f5:
ff:dc:a3:38:ef:4d:a6:64:fb:a1:79:8e:4b:be:43:
50:e5:20:d3:0f:9a:92:a9:9b:05:7d:f6:3c:98:d0:
f1:46:84:25:61:7d:74:57:31:22:8d:02:9a:b7:5a:
af:9a:8d:9e:3e:58:6f:97:d2:13:77:23:04:bb:79:
d2:28:a6:04:36:e6:8e:fa:9a:8c:a3:f0:53:1f:b7:
4d:e0:56:8f:be:10:da:66:c5:bf:b8:35:3c:61:b0:
9e:70:40:07:ff:5b:78:88:cd:4c:3a:90:24:6e:a4:
6f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F1:64:59:B0:0A:E1:AE:81:48:B0:63:19:57:B6:AB:CA:A7:BA:F6
X509v3 Authority Key Identifier:
keyid:D2:43:22:B2:D0:A7:94:FD:07:6B:85:E8:DC:57:8A:BB:0D:03:EC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kMistCnlP0Ha4Xo3FeKuw0D7EA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/97c353-0c36-4066-a56b-139a496cd59c/1/0kMistCnlP0Ha4Xo3FeKuw0D7EA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:55:47:17:73:d8:8a:44:9d:a1:dd:c2:22:cd:4d:66:af:de:
5e:3c:bb:1c:0a:18:38:b2:73:98:5f:cc:4c:46:67:f1:1d:b5:
43:a0:52:03:7a:c5:28:be:f7:39:ad:d8:7e:3d:01:06:74:e7:
99:97:c5:8c:33:d4:60:a7:cb:76:ab:28:3e:ad:fd:5d:00:69:
f2:3b:f0:e9:64:18:4e:d6:66:de:a4:a6:c1:8f:b8:50:10:bb:
4d:aa:ed:25:d1:73:5e:e0:a4:1f:a3:bf:b9:20:e9:42:b3:e6:
29:92:d7:40:fa:68:0e:97:80:f2:34:16:ef:b4:4c:88:95:ab:
77:7a:43:a6:03:f2:db:dc:45:d0:d0:6d:22:80:96:a4:1d:13:
88:3f:02:a2:74:03:58:01:d9:08:3c:01:54:c7:a9:9d:de:26:
cc:0b:e0:53:6e:5b:a9:86:4e:d7:3a:c2:be:82:97:b8:f7:ea:
3a:e0:41:76:ff:4b:f6:7e:1d:66:b7:ac:5b:5c:b7:50:b6:42:
70:55:db:66:9c:1d:04:c1:1d:e9:43:77:cc:56:89:70:86:3d:
9d:33:b4:e0:40:7b:72:46:7e:8e:f7:0e:75:18:be:1f:7d:14:
60:06:41:13:68:36:bc:67:1f:b6:45:d6:43:f0:4e:e7:b4:eb:
fd:d8:91:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohdzyv0/it10K0pNWL1eYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDMyMmIyZDBhNzk0ZmQwNzZiODVlOGRjNTc4YWJiMGQw
M2VjNDAwHhcNMjUxMDI2MTcwMDUzWhcNMjUxMDI3MTcwMDUzWjAzMTEwLwYDVQQD
EyhlY2YxNjQ1OWIwMGFlMWFlODE0OGIwNjMxOTU3YjZhYmNhYTdiYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX7GHN/7RDg9gqLTEBNAEsWdg5dL
/Y0phj6H6VI6+waEQA0WgJSyLAOgazIsKN7EV+k7UUjGunIM3xfmYgsJuHE2cAhj
D3i62MUvQIZjMVRfdtQ22EkCnl+dg8TfNOV7ZYAfUz1cVM/MABIhoV1HOW1uELkc
pwDUVqZkJmIg3aZ7B9KJfKwJwerW5gWRM188BlvdrPX/3KM4702mZPuheY5LvkNQ
5SDTD5qSqZsFffY8mNDxRoQlYX10VzEijQKat1qvmo2ePlhvl9ITdyMEu3nSKKYE
NuaO+pqMo/BTH7dN4FaPvhDaZsW/uDU8YbCecEAH/1t4iM1MOpAkbqRvNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzxZFmwCuGugUiwYxlXtqvKp7r2MB8GA1UdIwQY
MBaAFNJDIrLQp5T9B2uF6NxXirsNA+xAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmIt
MTM5YTQ5NmNkNTljLzEvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85N2MzNTMtMGMzNi00MDY2LWE1NmItMTM5YTQ5NmNkNTlj
LzEvMGtNaXN0Q25sUDBIYTRYbzNGZUt1dzBEN0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAClVHF3PY
ikSdod3CIs1NZq/eXjy7HAoYOLJzmF/MTEZn8R21Q6BSA3rFKL73Oa3Yfj0BBnTn
mZfFjDPUYKfLdqsoPq39XQBp8jvw6WQYTtZm3qSmwY+4UBC7TartJdFzXuCkH6O/
uSDpQrPmKZLXQPpoDpeA8jQW77RMiJWrd3pDpgPy29xF0NBtIoCWpB0TiD8ConQD
WAHZCDwBVMepnd4mzAvgU25bqYZO1zrCvoKXuPfqOuBBdv9L9n4dZresW1y3ULZC
cFXbZpwdBMEd6UN3zFaJcIY9nTO04EB7ckZ+jvcOdRi+H30UYAZBE2g2vGcftkXW
Q/BO57Tr/diR2A==
-----END CERTIFICATE-----
Generated at Mon Oct 27 02:04:45 2025 by rpki-client