Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json)
Hash identifier: TFyWLQcP6llymRk97AbOrhU0G8iLgRPnOeNNwZW3aew=
Subject key identifier: 65:14:84:97:26:4C:D3:8B:07:B8:7C:1B:43:40:0D:59:55:00:47:8C
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019A4D3CB8B8B8497BF3F9BC1955ED7AFCA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
Manifest number: 037B
Signing time: Tue 04 Nov 2025 05:00:16 +0000
Manifest this update: Tue 04 Nov 2025 05:00:16 +0000
Manifest next update: Wed 05 Nov 2025 05:00:16 +0000
Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: MttLeMwiHrj8lQYc1IoU5W3USvV9CCrUvDj/h2r+Utw=)
2: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (hash: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3c:b8:b8:b8:49:7b:f3:f9:bc:19:55:ed:7a:fc:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Nov 4 05:00:16 2025 GMT
Not After : Nov 5 05:00:16 2025 GMT
Subject: CN=65148497264cd38b07b87c1b43400d595500478c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:97:01:8f:d7:6d:bd:81:1c:de:1d:e6:48:
da:1f:da:c4:e2:3d:6e:01:4e:02:9a:9b:e9:71:88:
06:fa:79:76:18:26:8c:2a:f5:48:95:02:fc:ba:f6:
e2:0c:05:fc:29:05:7c:39:d3:59:a6:e1:d1:43:f5:
ce:c1:86:78:0b:54:eb:f8:81:86:9f:39:34:2a:92:
97:71:97:fc:83:ef:36:d0:15:c5:3d:a7:bc:32:7d:
05:5d:2b:22:f1:da:59:9c:6c:57:eb:41:fd:ad:66:
0f:4f:fa:32:3b:96:9a:a3:46:97:fb:6d:36:15:48:
0b:9d:8a:9f:46:75:e8:4d:8e:2d:3a:92:f5:1c:52:
65:45:f3:08:45:f2:fd:15:8d:c1:7a:85:76:45:ef:
6d:af:c0:de:d3:1a:3e:c9:dc:ba:b4:16:07:87:a2:
14:b8:0f:e4:45:c7:7c:f8:59:12:7f:a5:b1:34:cd:
ee:d9:5c:7e:f1:ac:56:95:fa:f8:9b:d5:0e:c6:b0:
2c:61:43:dd:82:ee:75:3a:5f:dd:d8:cc:61:bc:a3:
5b:c1:8a:4f:f4:45:27:4f:36:f7:33:93:28:b7:70:
1e:ff:d4:72:7b:4c:69:6e:8e:2a:d0:64:72:d5:89:
ab:91:5f:05:5d:a4:8a:25:bf:18:cb:3c:fa:a1:cb:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:14:84:97:26:4C:D3:8B:07:B8:7C:1B:43:40:0D:59:55:00:47:8C
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:f6:20:7b:82:ef:bc:ac:f9:7f:ca:f0:58:c8:e2:0a:e2:a8:
ee:65:d8:ea:d1:ea:1b:48:a2:ef:fc:a8:2f:2f:48:d8:11:8c:
42:2a:84:50:d0:3c:18:31:22:fe:66:11:6b:83:5f:2a:f2:a9:
76:45:1b:94:fe:1f:fc:fe:a3:87:1a:68:cd:c8:1f:84:b8:55:
db:cc:f1:64:35:d6:e8:56:d8:f6:79:25:92:57:c5:ff:58:4c:
d4:8b:33:bc:4a:71:b4:2f:c1:0c:a3:c6:f2:ac:2f:f6:73:4b:
69:a5:f6:dc:4d:4b:bb:ba:41:da:ba:be:5d:7b:cc:84:19:39:
d5:e9:e6:88:4e:af:af:d8:89:84:a6:28:5a:bb:2d:9f:5a:8e:
47:c4:a4:22:a6:88:93:11:75:f3:89:79:e1:1c:bc:1b:11:76:
a3:1f:51:47:c8:06:7a:e8:65:50:c2:2c:5c:d5:85:5a:03:e6:
b9:4e:52:92:33:6c:7c:6f:01:be:36:52:8d:c5:90:5e:5d:b0:
84:c2:28:d8:9b:1b:f8:76:32:2d:22:7d:b3:32:91:d2:ea:cf:
8a:f7:b6:21:bd:05:16:a4:2b:35:20:d3:92:01:72:b3:33:80:
e1:bb:61:24:79:b0:62:9e:25:a4:15:5c:b6:69:4c:8d:bc:29:
52:d3:5f:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPLi4uEl78/m8GVXtevykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjUxMTA0MDUwMDE2WhcNMjUxMTA1MDUwMDE2WjAzMTEwLwYDVQQD
Eyg2NTE0ODQ5NzI2NGNkMzhiMDdiODdjMWI0MzQwMGQ1OTU1MDA0NzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobaXAY/Xbb2BHN4d5kjaH9rE4j1u
AU4CmpvpcYgG+nl2GCaMKvVIlQL8uvbiDAX8KQV8OdNZpuHRQ/XOwYZ4C1Tr+IGG
nzk0KpKXcZf8g+820BXFPae8Mn0FXSsi8dpZnGxX60H9rWYPT/oyO5aao0aX+202
FUgLnYqfRnXoTY4tOpL1HFJlRfMIRfL9FY3BeoV2Re9tr8De0xo+ydy6tBYHh6IU
uA/kRcd8+FkSf6WxNM3u2Vx+8axWlfr4m9UOxrAsYUPdgu51Ol/d2MxhvKNbwYpP
9EUnTzb3M5Mot3Ae/9Rye0xpbo4q0GRy1YmrkV8FXaSKJb8Yyzz6ocvM9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUUhJcmTNOLB7h8G0NADVlVAEeMMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwPYge4Lv
vKz5f8rwWMjiCuKo7mXY6tHqG0ii7/yoLy9I2BGMQiqEUNA8GDEi/mYRa4NfKvKp
dkUblP4f/P6jhxpozcgfhLhV28zxZDXW6FbY9nklklfF/1hM1IszvEpxtC/BDKPG
8qwv9nNLaaX23E1Lu7pB2rq+XXvMhBk51enmiE6vr9iJhKYoWrstn1qOR8SkIqaI
kxF184l54Ry8GxF2ox9RR8gGeuhlUMIsXNWFWgPmuU5SkjNsfG8BvjZSjcWQXl2w
hMIo2Jsb+HYyLSJ9szKR0urPive2Ib0FFqQrNSDTkgFyszOA4bthJHmwYp4lpBVc
tmlMjbwpUtNf0Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:59:04 2025 by rpki-client