Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File: rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier: b25Pclh+/4xTTdfn9dDIoipaUB3s2Mm1V6UoHiDPNfM=
Subject key identifier: D6:17:37:C2:43:CE:CD:FF:88:F7:71:CE:DA:8A:E7:85:9B:44:69:FB
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer: /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial: 019A552D5C18714B6B8B71008C23C3EE3986
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number: 0DB9
Signing time: Wed 05 Nov 2025 18:00:27 +0000
Manifest this update: Wed 05 Nov 2025 18:00:27 +0000
Manifest next update: Thu 06 Nov 2025 18:00:27 +0000
Files and hashes: 1: 0vFnPnyD0rk0NBq-vHcuUjmsih4.roa (hash: 8C+9WOepMdgxD+Xcj7Wjy9LCISmYrp2hucRDb6Vj6WM=)
2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: ADH4hP5RDS5WqZVzrkLj5xf135uHkkOEAt+l8lKl5Z8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 18:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:2d:5c:18:71:4b:6b:8b:71:00:8c:23:c3:ee:39:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Validity
Not Before: Nov 5 18:00:27 2025 GMT
Not After : Nov 6 18:00:27 2025 GMT
Subject: CN=d61737c243cecdff88f771ceda8ae7859b4469fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ec:7b:46:78:f0:8a:31:0b:1e:8e:3f:48:07:
8d:d2:fa:6c:27:bd:35:a9:b8:02:2e:6e:64:95:2e:
df:e5:78:cc:19:65:f6:18:ee:e9:7f:4f:5e:9a:1b:
4f:73:85:d1:77:a8:42:a9:35:d1:c7:a8:13:2c:a3:
2d:3c:38:ec:e7:67:3b:d5:19:fb:ab:51:ca:5a:79:
1e:99:a5:bc:dc:ce:8d:86:87:eb:e3:67:bd:b9:71:
05:a0:f7:f0:3c:bc:42:a8:c5:3e:01:25:b1:02:2b:
9f:d8:79:d6:8f:9a:07:12:53:a7:db:e9:b0:c7:48:
8b:cb:c0:ce:c2:07:93:75:14:5f:88:f0:8c:d7:b1:
5c:26:20:1b:35:33:7a:7c:ad:3d:11:05:df:30:12:
2c:5d:89:02:aa:11:77:06:de:ee:83:52:0f:6c:a4:
2a:36:7f:6c:c7:89:45:31:1b:56:31:e5:0f:6c:79:
11:a6:c6:00:e2:48:b1:d9:a0:de:44:f1:46:a8:1d:
28:73:e0:c4:bf:2d:33:59:e8:f9:b3:dc:e5:e1:e8:
1c:f1:01:9d:a5:77:48:e7:5a:73:3c:0a:a2:6a:f6:
f4:03:c4:ec:5c:af:ae:ed:5c:96:42:d7:3c:9c:d2:
16:02:58:1e:24:da:d6:58:97:29:d8:9a:fd:f4:6d:
3e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:37:C2:43:CE:CD:FF:88:F7:71:CE:DA:8A:E7:85:9B:44:69:FB
X509v3 Authority Key Identifier:
keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:64:95:e9:af:ea:7d:23:d8:ed:2f:21:0a:cd:d7:f0:9f:e0:
e0:a4:7f:d0:69:7d:c4:42:5c:16:88:52:8e:1e:1e:25:bd:db:
8a:f7:83:80:46:b6:52:ec:f5:09:06:70:5f:68:1d:5c:2b:32:
cb:61:f3:5a:f4:16:4f:b9:c1:12:06:e4:65:a9:04:e7:af:af:
c3:ee:58:1b:f0:06:c1:24:30:d9:9c:be:d7:23:4d:ea:ef:33:
93:77:1b:de:cd:9b:3d:55:e6:25:87:8e:f9:ee:26:6b:5f:4d:
34:31:1f:8e:fe:dc:fe:ee:13:70:61:a8:97:56:26:39:da:81:
d2:74:5f:7a:72:90:22:4c:cb:01:a2:03:17:33:33:3c:59:2a:
d2:ef:a0:ab:b4:0e:e1:6c:7f:d1:72:a3:51:b2:bb:ac:9a:0a:
c1:3c:ba:c2:cc:98:54:1f:50:91:18:d7:f5:4a:1e:c4:7c:a3:
7c:e1:7b:5d:95:f5:16:4b:24:6b:a5:c1:94:17:a9:aa:49:5d:
b4:cf:c6:e7:20:e6:fd:59:3a:26:c2:27:ee:11:e8:e6:44:25:
ac:a1:ef:c5:8d:c4:7b:7e:34:1e:22:c5:af:4c:26:d9:11:6f:
66:6a:6d:d7:f6:13:64:50:6e:27:57:58:6c:9e:26:72:75:f6:
46:fe:f3:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVLVwYcUtri3EAjCPD7jmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjUxMTA1MTgwMDI3WhcNMjUxMTA2MTgwMDI3WjAzMTEwLwYDVQQD
EyhkNjE3MzdjMjQzY2VjZGZmODhmNzcxY2VkYThhZTc4NTliNDQ2OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+x7RnjwijELHo4/SAeN0vpsJ701
qbgCLm5klS7f5XjMGWX2GO7pf09emhtPc4XRd6hCqTXRx6gTLKMtPDjs52c71Rn7
q1HKWnkemaW83M6Nhofr42e9uXEFoPfwPLxCqMU+ASWxAiuf2HnWj5oHElOn2+mw
x0iLy8DOwgeTdRRfiPCM17FcJiAbNTN6fK09EQXfMBIsXYkCqhF3Bt7ug1IPbKQq
Nn9sx4lFMRtWMeUPbHkRpsYA4kix2aDeRPFGqB0oc+DEvy0zWej5s9zl4egc8QGd
pXdI51pzPAqiavb0A8TsXK+u7VyWQtc8nNIWAlgeJNrWWJcp2Jr99G0+wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYXN8JDzs3/iPdxztqK54WbRGn7MB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWSV6a/q
fSPY7S8hCs3X8J/g4KR/0Gl9xEJcFohSjh4eJb3biveDgEa2Uuz1CQZwX2gdXCsy
y2HzWvQWT7nBEgbkZakE56+vw+5YG/AGwSQw2Zy+1yNN6u8zk3cb3s2bPVXmJYeO
+e4ma19NNDEfjv7c/u4TcGGol1YmOdqB0nRfenKQIkzLAaIDFzMzPFkq0u+gq7QO
4Wx/0XKjUbK7rJoKwTy6wsyYVB9QkRjX9UoexHyjfOF7XZX1Fkska6XBlBepqkld
tM/G5yDm/Vk6JsIn7hHo5kQlrKHvxY3Ee340HiLFr0wm2RFvZmpt1/YTZFBuJ1dY
bJ4mcnX2Rv7zOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:06:35 2025 by rpki-client