Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json)
Hash identifier: gHMyycFnS2frjkQX7wCzAcDGB+DadIqJW8U/xw5mEI0=
Subject key identifier: D5:8E:D8:1A:43:93:EC:FF:10:8F:E7:B0:43:73:E7:32:52:EC:7A:64
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 019A4D3D08BB716EA1BBA14D8E419C819224
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
Manifest number: 1373
Signing time: Tue 04 Nov 2025 05:00:36 +0000
Manifest this update: Tue 04 Nov 2025 05:00:36 +0000
Manifest next update: Wed 05 Nov 2025 05:00:36 +0000
Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: 45WtjO+TWMV5NIssx+ng2Ftozfc3dUJlSxtcF0UjC2I=)
2: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (hash: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3d:08:bb:71:6e:a1:bb:a1:4d:8e:41:9c:81:92:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Nov 4 05:00:36 2025 GMT
Not After : Nov 5 05:00:36 2025 GMT
Subject: CN=d58ed81a4393ecff108fe7b04373e73252ec7a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:50:26:0c:39:82:10:1b:a4:e7:6c:3e:8e:e6:
d1:96:03:26:f5:bd:67:5b:35:8b:99:31:97:4f:15:
a2:02:0f:f1:f2:2a:04:f3:9c:c5:69:62:29:09:9d:
9e:4f:c2:71:67:30:8a:9d:f0:b7:72:e4:ac:95:c7:
4e:a4:81:bd:ed:87:cb:09:62:27:14:aa:72:d5:14:
73:bd:b4:69:79:a2:e4:44:8d:40:16:72:bb:0c:dd:
79:ad:df:c6:a6:c6:e3:cb:fa:e8:97:29:39:2b:dd:
12:20:58:85:5b:34:ad:ad:7d:c7:1a:f4:68:09:f0:
c2:0d:50:75:f0:25:42:d9:e9:70:7a:71:65:9b:45:
eb:ee:f1:4e:f3:03:52:e4:ff:34:0f:c8:ed:91:dc:
df:c3:5a:92:74:76:9d:f6:d0:7d:5c:7c:10:ef:a3:
a9:53:7a:0c:e9:86:82:55:16:4d:e3:a8:40:00:f6:
63:f6:94:1a:2e:20:44:37:e1:dc:50:52:fd:19:9d:
54:04:5d:0b:45:a7:a6:1f:5a:45:2e:b1:86:c5:f4:
a1:13:c5:b1:3b:49:d2:27:ec:2f:a0:53:58:14:4b:
04:06:ab:71:93:40:a4:46:0b:a4:e2:cb:5c:99:10:
d1:8e:48:a6:d1:60:41:a5:b3:90:6b:f3:6a:cd:34:
fd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8E:D8:1A:43:93:EC:FF:10:8F:E7:B0:43:73:E7:32:52:EC:7A:64
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:02:99:08:f0:c0:a0:f5:98:f0:bf:c6:d7:21:d4:32:9a:1e:
1b:82:a4:45:e8:c6:6a:5e:0c:ad:eb:09:cd:da:4e:f0:ee:3c:
e3:e2:05:91:68:68:ac:ae:04:7d:44:ca:72:3c:7d:0b:c7:80:
2f:c1:0c:02:54:6e:fd:35:27:d1:c1:c5:0a:62:82:d4:4a:25:
89:69:b5:03:66:d6:cf:a9:4a:8a:8e:9b:6a:02:06:bc:e2:0a:
4a:ab:b8:0c:5a:a8:3c:b0:6d:9b:26:ed:a0:0e:be:93:33:ed:
6a:1f:8a:3b:d6:e2:9d:c8:7a:24:7f:72:5b:16:aa:07:5e:ca:
30:ac:47:e6:d8:75:3e:bf:c5:0b:26:dc:c4:24:a8:09:8c:d5:
7b:6c:ff:d3:a8:f7:6c:24:6e:1a:a0:52:c2:c0:8e:95:25:d9:
93:83:fe:5c:ad:ec:d3:44:74:a7:29:57:82:7a:05:5a:85:79:
34:08:50:4c:b4:01:cf:6a:b5:30:9a:82:1b:08:9a:64:87:7a:
af:73:22:41:6e:80:4c:50:ac:73:64:c0:4a:e5:2a:93:fd:c8:
5b:fc:f2:c1:86:4c:0c:1a:33:e3:97:8e:49:4d:00:0f:bc:ca:
36:f3:7b:81:49:73:4c:08:8f:5d:d0:f0:6f:78:8e:a2:bf:c1:
6f:d3:5b:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPQi7cW6hu6FNjkGcgZIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjUxMTA0MDUwMDM2WhcNMjUxMTA1MDUwMDM2WjAzMTEwLwYDVQQD
EyhkNThlZDgxYTQzOTNlY2ZmMTA4ZmU3YjA0MzczZTczMjUyZWM3YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFAmDDmCEBuk52w+jubRlgMm9b1n
WzWLmTGXTxWiAg/x8ioE85zFaWIpCZ2eT8JxZzCKnfC3cuSslcdOpIG97YfLCWIn
FKpy1RRzvbRpeaLkRI1AFnK7DN15rd/Gpsbjy/rolyk5K90SIFiFWzStrX3HGvRo
CfDCDVB18CVC2elwenFlm0Xr7vFO8wNS5P80D8jtkdzfw1qSdHad9tB9XHwQ76Op
U3oM6YaCVRZN46hAAPZj9pQaLiBEN+HcUFL9GZ1UBF0LRaemH1pFLrGGxfShE8Wx
O0nSJ+wvoFNYFEsEBqtxk0CkRguk4stcmRDRjkim0WBBpbOQa/NqzTT9AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWO2BpDk+z/EI/nsENz5zJS7HpkMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAKZCPDA
oPWY8L/G1yHUMpoeG4KkRejGal4MresJzdpO8O484+IFkWhorK4EfUTKcjx9C8eA
L8EMAlRu/TUn0cHFCmKC1EoliWm1A2bWz6lKio6bagIGvOIKSqu4DFqoPLBtmybt
oA6+kzPtah+KO9binch6JH9yWxaqB17KMKxH5th1Pr/FCybcxCSoCYzVe2z/06j3
bCRuGqBSwsCOlSXZk4P+XK3s00R0pylXgnoFWoV5NAhQTLQBz2q1MJqCGwiaZId6
r3MiQW6ATFCsc2TASuUqk/3IW/zywYZMDBoz45eOSU0AD7zKNvN7gUlzTAiPXdDw
b3iOor/Bb9NbIg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:24 2025 by rpki-client