Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
File: idaknSMAf7sSRxkvu3vZgus3M18.mft (raw, json)
Hash identifier: uuSjamhAQc/ZxlTksxHZKtlsBuzu5ztY9oCZnK7sRvs=
Subject key identifier: 0D:1D:E3:B7:15:54:59:C0:CE:EC:CA:DD:59:9E:00:CA:F5:BF:AE:DF
Authority key identifier: 89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
Certificate issuer: /CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Certificate serial: 019A507494D4C03A70F1EACFB33D0516F06A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
Manifest number: 0213
Signing time: Tue 04 Nov 2025 20:00:08 +0000
Manifest this update: Tue 04 Nov 2025 20:00:08 +0000
Manifest next update: Wed 05 Nov 2025 20:00:08 +0000
Files and hashes: 1: h5XDYzeHNRC78pQldSdBc3wtmlU.roa (hash: y/jCUDtK6aEdyycsVox6EyAhTQt3+YacMPTfw4ggZeM=)
2: idaknSMAf7sSRxkvu3vZgus3M18.crl (hash: rkhN4UWFivzo50opvzdFlzjlUS8LAgA4IKI5sUvD9yE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:94:d4:c0:3a:70:f1:ea:cf:b3:3d:05:16:f0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Validity
Not Before: Nov 4 20:00:08 2025 GMT
Not After : Nov 5 20:00:08 2025 GMT
Subject: CN=0d1de3b7155459c0ceeccadd599e00caf5bfaedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:80:9f:5b:cb:9d:f8:e5:ab:64:b4:4f:05:
da:4b:04:a0:52:f3:a5:ac:fc:d3:21:06:55:f2:1b:
9b:b1:f0:91:dc:5e:6b:38:ec:82:3b:65:fc:9b:ce:
0f:0f:c4:90:c9:8a:cf:5e:67:ae:c9:cf:2d:5e:9c:
cf:a9:8f:a7:0e:47:3d:2f:90:70:b4:c3:62:6e:ca:
cd:aa:f5:4c:81:3c:b3:bb:02:35:93:c7:b3:c6:2c:
12:a2:e1:13:67:00:78:78:cd:ab:2f:3d:3c:a7:13:
05:d1:1c:bd:6e:df:1a:ac:94:50:1c:0d:21:f8:b0:
16:ac:e5:78:3e:99:9e:8b:eb:97:2f:42:8f:c3:90:
21:9b:34:91:c0:34:4a:d6:56:15:bc:df:b6:6c:78:
eb:6a:6e:1a:16:5a:62:9c:0f:84:f8:d0:bc:41:d5:
e2:b8:79:51:68:80:ec:fb:a7:3d:a7:73:52:d2:a8:
5f:ac:d3:75:e9:29:6f:69:93:eb:46:1e:2b:c4:9e:
90:dd:25:a2:81:13:81:86:59:38:15:b2:33:47:20:
74:d8:08:28:25:1b:2d:5f:38:df:c4:e8:8d:8f:bc:
51:49:0b:ad:cf:a4:75:b9:d0:fd:4d:4f:92:f1:c3:
0e:50:e4:c4:f1:b1:ee:d2:2d:a5:6e:79:c8:71:dd:
e9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1D:E3:B7:15:54:59:C0:CE:EC:CA:DD:59:9E:00:CA:F5:BF:AE:DF
X509v3 Authority Key Identifier:
keyid:89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:dc:43:35:15:6e:e1:f6:e6:8e:e3:9d:4d:39:44:df:8b:ec:
7f:7f:b2:4a:2c:b0:1b:fe:c3:b4:fb:17:d9:03:d0:18:84:6d:
72:e1:1c:c1:fa:7b:48:96:d4:1f:15:19:e2:0f:fb:4c:f0:96:
d2:b3:9f:f0:08:03:8b:90:34:a4:6b:66:20:bf:b5:f2:1d:3d:
98:7a:f5:b9:cd:8f:2c:d7:2d:c9:d7:6a:9f:88:bd:da:63:11:
60:a2:64:ff:2a:67:9d:5f:62:4a:c4:24:1e:e2:06:5c:4a:c1:
83:6c:d5:58:69:6c:53:bc:34:26:70:56:f8:7f:4f:d4:d6:91:
62:db:7f:3b:b4:4f:c5:b6:47:8c:16:df:37:32:65:bc:a7:37:
68:52:0e:6f:2b:d0:01:d5:79:bb:bc:d8:d3:4d:84:d5:da:59:
18:3c:ae:6e:35:61:e4:c1:48:04:84:61:73:24:9b:96:c7:fb:
9d:cc:77:61:bd:7f:35:1c:14:ee:b5:f8:73:d1:a4:a8:23:c9:
a2:15:0c:3b:0d:28:f6:c4:cd:d5:a2:3a:62:33:ff:eb:e0:f7:
2f:1e:43:9e:4b:12:a3:9b:4a:57:21:5f:e8:18:87:b8:15:a0:
97:4c:c0:62:10:2f:36:7d:d7:6d:e6:af:45:d6:86:1c:f0:d3:
cd:5b:d4:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdJTUwDpw8erPsz0FFvBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDZhNDlkMjMwMDdmYmIxMjQ3MTkyZmJiN2JkOTgyZWIz
NzMzNWYwHhcNMjUxMTA0MjAwMDA4WhcNMjUxMTA1MjAwMDA4WjAzMTEwLwYDVQQD
EygwZDFkZTNiNzE1NTQ1OWMwY2VlY2NhZGQ1OTllMDBjYWY1YmZhZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm+An1vLnfjlq2S0TwXaSwSgUvOl
rPzTIQZV8hubsfCR3F5rOOyCO2X8m84PD8SQyYrPXmeuyc8tXpzPqY+nDkc9L5Bw
tMNibsrNqvVMgTyzuwI1k8ezxiwSouETZwB4eM2rLz08pxMF0Ry9bt8arJRQHA0h
+LAWrOV4Ppmei+uXL0KPw5AhmzSRwDRK1lYVvN+2bHjram4aFlpinA+E+NC8QdXi
uHlRaIDs+6c9p3NS0qhfrNN16SlvaZPrRh4rxJ6Q3SWigROBhlk4FbIzRyB02Ago
JRstXzjfxOiNj7xRSQutz6R1udD9TU+S8cMOUOTE8bHu0i2lbnnIcd3piwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0d47cVVFnAzuzK3VmeAMr1v67fMB8GA1UdIwQY
MBaAFInWpJ0jAH+7EkcZL7t72YLrNzNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQt
NmZkNzUxZGU3MTdhLzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQtNmZkNzUxZGU3MTdh
LzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedxDNRVu
4fbmjuOdTTlE34vsf3+ySiywG/7DtPsX2QPQGIRtcuEcwfp7SJbUHxUZ4g/7TPCW
0rOf8AgDi5A0pGtmIL+18h09mHr1uc2PLNctyddqn4i92mMRYKJk/ypnnV9iSsQk
HuIGXErBg2zVWGlsU7w0JnBW+H9P1NaRYtt/O7RPxbZHjBbfNzJlvKc3aFIObyvQ
AdV5u7zY002E1dpZGDyubjVh5MFIBIRhcySblsf7ncx3Yb1/NRwU7rX4c9GkqCPJ
ohUMOw0o9sTN1aI6YjP/6+D3Lx5DnksSo5tKVyFf6BiHuBWgl0zAYhAvNn3Xbeav
RdaGHPDTzVvUog==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:21:24 2025 by rpki-client