Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.mft
File: kGlKYihmrhWO0ofSUz1AuqvqbX0.mft (raw, json)
Hash identifier: TM47amS0MtsOSkEeonXds040kkMpGyknNxguHFwRwtE=
Subject key identifier: 64:67:1F:4D:86:6B:09:7C:E3:06:5E:E9:33:27:AA:E8:73:64:59:12
Authority key identifier: 90:69:4A:62:28:66:AE:15:8E:D2:87:D2:53:3D:40:BA:AB:EA:6D:7D
Certificate issuer: /CN=90694a622866ae158ed287d2533d40baabea6d7d
Certificate serial: 019A4F2B3F82E04316CEC1F7A8F19E0E782A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGlKYihmrhWO0ofSUz1AuqvqbX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.mft
Manifest number: 0568
Signing time: Tue 04 Nov 2025 14:00:25 +0000
Manifest this update: Tue 04 Nov 2025 14:00:25 +0000
Manifest next update: Wed 05 Nov 2025 14:00:25 +0000
Files and hashes: 1: 9VYK0oHjjTC_b68oAyoNi7RTStA.roa (hash: 95NE4Wq8cotxnefZwzo13t7L9p4u4ZGJ0NIa1wNiJCg=)
2: bq3CHdF3ToMivmK2PU155LcLlRo.roa (hash: E2q6lH9inJ5ZH1jaNhC41RHD+yk7srEkGUdyytaHjj0=)
3: kGlKYihmrhWO0ofSUz1AuqvqbX0.crl (hash: 2QYicHjPtR/sKvcAoDD0+5VrPPRZdW/yyWpr2Bf94Ic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGlKYihmrhWO0ofSUz1AuqvqbX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:3f:82:e0:43:16:ce:c1:f7:a8:f1:9e:0e:78:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90694a622866ae158ed287d2533d40baabea6d7d
Validity
Not Before: Nov 4 14:00:25 2025 GMT
Not After : Nov 5 14:00:25 2025 GMT
Subject: CN=64671f4d866b097ce3065ee93327aae873645912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fa:7b:f1:db:70:31:34:dd:ae:f7:4d:03:ea:
da:28:3f:d5:fa:d5:9a:82:15:1d:de:44:cc:91:0a:
b5:8b:47:68:8d:0a:86:a4:fb:5e:c9:3a:b1:ca:d2:
1b:66:b7:24:f8:8e:3d:15:10:05:09:d2:a1:52:b2:
bb:8b:5c:e4:42:92:6a:3b:81:9c:07:8a:3f:80:26:
51:1b:6e:9a:a0:6f:1e:b8:be:73:01:d4:9d:9c:67:
e3:36:1d:58:b0:ed:d7:fc:99:d6:36:fc:32:cf:56:
41:f4:0e:fd:d0:1b:9a:cc:39:f3:90:6b:eb:93:a7:
d4:6d:f1:38:44:67:9c:82:7e:88:e7:3e:68:65:bd:
da:e1:05:62:c0:85:40:08:90:38:e7:23:2a:08:96:
6b:c1:4c:13:dc:f6:46:f2:90:96:f4:b0:27:5c:03:
23:5e:f2:dc:46:91:10:49:8f:6b:f9:6e:b2:a1:be:
af:55:5b:ad:76:a5:1d:0c:7b:c4:85:15:a3:60:ab:
3f:c5:e1:a0:a3:f7:7a:08:3a:8e:e2:57:8f:a8:fc:
09:64:15:48:a2:89:e2:f4:0c:be:87:50:5e:4b:a5:
43:68:fd:ef:4c:7f:f4:b8:74:59:ad:91:58:1a:8c:
ee:41:2d:8b:46:9d:47:5d:37:06:15:e0:7d:f3:dc:
df:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:67:1F:4D:86:6B:09:7C:E3:06:5E:E9:33:27:AA:E8:73:64:59:12
X509v3 Authority Key Identifier:
keyid:90:69:4A:62:28:66:AE:15:8E:D2:87:D2:53:3D:40:BA:AB:EA:6D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGlKYihmrhWO0ofSUz1AuqvqbX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b9e2f7-21dc-42c0-94b0-13c0a633e9f4/1/kGlKYihmrhWO0ofSUz1AuqvqbX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:52:52:69:03:07:c7:49:95:7e:d4:84:a2:46:07:28:43:15:
d4:97:eb:3f:d8:60:a8:94:51:54:4f:ea:83:d6:c7:25:4b:80:
9a:d5:21:7e:6d:e8:77:f9:71:78:6b:f1:60:8b:d8:e0:5c:14:
90:f0:3a:4e:e5:75:aa:b8:fd:f8:b3:d4:09:1d:a5:e9:e4:ce:
6d:57:64:e2:94:74:43:f5:64:19:7d:a6:d7:d3:36:7b:81:8d:
22:df:59:8d:ff:7f:11:4c:d5:65:93:3a:71:4a:60:8f:de:cd:
d0:d7:a7:3c:63:a8:d4:7e:dc:d7:c0:4b:21:7d:2e:56:79:62:
31:af:fb:b9:9a:6d:bf:0e:45:5e:99:47:a5:c3:3c:0d:18:ed:
99:b0:26:0c:ad:91:c4:0c:1c:d6:70:99:25:f5:d3:f2:99:06:
0d:19:c4:af:6d:9e:3a:c5:26:bb:6d:84:63:51:9e:be:26:ba:
37:98:fc:7c:a8:13:e1:e7:f3:a2:c8:a6:ba:13:42:3f:ff:bd:
77:6e:c0:97:ba:c4:37:e0:77:b6:6f:ab:b8:73:3e:6d:4b:43:
3a:88:8a:bb:85:fa:85:e5:60:aa:26:58:63:e2:2e:bd:c1:80:
a2:fc:4a:05:5f:79:d3:28:c4:9c:03:12:57:19:3d:3e:6a:09:
ae:36:8a:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKz+C4EMWzsH3qPGeDngqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjk0YTYyMjg2NmFlMTU4ZWQyODdkMjUzM2Q0MGJhYWJl
YTZkN2QwHhcNMjUxMTA0MTQwMDI1WhcNMjUxMTA1MTQwMDI1WjAzMTEwLwYDVQQD
Eyg2NDY3MWY0ZDg2NmIwOTdjZTMwNjVlZTkzMzI3YWFlODczNjQ1OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/p78dtwMTTdrvdNA+raKD/V+tWa
ghUd3kTMkQq1i0dojQqGpPteyTqxytIbZrck+I49FRAFCdKhUrK7i1zkQpJqO4Gc
B4o/gCZRG26aoG8euL5zAdSdnGfjNh1YsO3X/JnWNvwyz1ZB9A790BuazDnzkGvr
k6fUbfE4RGecgn6I5z5oZb3a4QViwIVACJA45yMqCJZrwUwT3PZG8pCW9LAnXAMj
XvLcRpEQSY9r+W6yob6vVVutdqUdDHvEhRWjYKs/xeGgo/d6CDqO4lePqPwJZBVI
ooni9Ay+h1BeS6VDaP3vTH/0uHRZrZFYGozuQS2LRp1HXTcGFeB989zfdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRnH02Gawl84wZe6TMnquhzZFkSMB8GA1UdIwQY
MBaAFJBpSmIoZq4VjtKH0lM9QLqr6m19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dsS1lpaG1yaFdPMG9mU1V6MUF1cXZxYlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iOWUyZjctMjFkYy00MmMwLTk0YjAt
MTNjMGE2MzNlOWY0LzEva0dsS1lpaG1yaFdPMG9mU1V6MUF1cXZxYlgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iOWUyZjctMjFkYy00MmMwLTk0YjAtMTNjMGE2MzNlOWY0
LzEva0dsS1lpaG1yaFdPMG9mU1V6MUF1cXZxYlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1JSaQMH
x0mVftSEokYHKEMV1JfrP9hgqJRRVE/qg9bHJUuAmtUhfm3od/lxeGvxYIvY4FwU
kPA6TuV1qrj9+LPUCR2l6eTObVdk4pR0Q/VkGX2m19M2e4GNIt9Zjf9/EUzVZZM6
cUpgj97N0NenPGOo1H7c18BLIX0uVnliMa/7uZptvw5FXplHpcM8DRjtmbAmDK2R
xAwc1nCZJfXT8pkGDRnEr22eOsUmu22EY1Gevia6N5j8fKgT4efzosimuhNCP/+9
d27Al7rEN+B3tm+ruHM+bUtDOoiKu4X6heVgqiZYY+IuvcGAovxKBV950yjEnAMS
Vxk9PmoJrjaKYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:34:28 2025 by rpki-client