Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: 7vdiuy12T70kQj2QZjXbxriQerZhjO9o8WLPMlT08w0=
Subject key identifier: A2:C3:9F:1F:2F:EC:36:E7:60:A8:51:95:A0:DC:CB:7A:13:A2:A9:B8
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 019A4E18B08F94FD647E71FB6CA315EAE6EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0E2C
Signing time: Tue 04 Nov 2025 09:00:32 +0000
Manifest this update: Tue 04 Nov 2025 09:00:32 +0000
Manifest next update: Wed 05 Nov 2025 09:00:32 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: FuY7gEueK1uSK2SZi/k2jbNc9oyNIntLvsupkgJqQ2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:b0:8f:94:fd:64:7e:71:fb:6c:a3:15:ea:e6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Nov 4 09:00:32 2025 GMT
Not After : Nov 5 09:00:32 2025 GMT
Subject: CN=a2c39f1f2fec36e760a85195a0dccb7a13a2a9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:ee:05:f6:c1:d6:e8:ac:8f:2a:76:7b:95:
78:60:f9:65:eb:da:ee:2f:23:a3:b5:cd:90:4b:98:
7b:4d:bb:3e:1f:74:49:39:b8:b6:19:aa:49:f3:c6:
25:4a:8f:f3:63:9b:db:3a:dd:7e:04:65:c9:bb:91:
33:b7:ab:53:09:44:32:1a:60:b9:24:59:6f:cd:80:
ee:a9:56:24:12:9a:a7:5d:12:ff:53:c3:43:61:78:
c1:d1:78:07:6b:ed:a4:3d:19:ef:d2:74:4b:48:7a:
e5:9a:45:c8:10:c5:ee:3a:2b:2b:c4:a3:83:a9:1b:
04:86:43:f2:b7:04:3f:07:6a:a6:7a:ee:8b:fc:fc:
06:2b:1b:f9:27:1a:17:ab:9d:bb:76:db:54:48:d9:
7a:c1:98:ff:ce:39:a3:02:e1:a9:f7:a8:ac:28:a1:
4d:58:0f:12:bd:6a:ff:99:32:a4:2c:e7:fc:a2:b7:
13:28:43:81:9c:16:98:62:54:14:09:91:e7:13:0a:
e3:d5:fd:58:02:13:3e:dc:e6:d4:2f:b3:64:3d:5b:
0f:f9:e0:ee:49:33:33:3b:3d:d9:d3:53:ca:54:97:
06:44:07:44:f3:3c:33:3c:4e:52:91:48:9a:b1:61:
9f:ce:5f:e0:54:12:55:55:fb:84:53:9e:95:89:a7:
fa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:9F:1F:2F:EC:36:E7:60:A8:51:95:A0:DC:CB:7A:13:A2:A9:B8
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:6e:10:72:3f:92:06:9e:aa:a1:e6:78:b1:3b:b9:d8:7c:51:
13:39:84:98:38:2b:76:45:66:1b:c5:a9:03:02:28:03:0d:e1:
cb:3d:4c:cf:0b:a4:75:17:01:9f:24:5c:c4:56:ff:d1:6e:1d:
9b:12:a9:54:6e:46:60:0a:27:4d:6a:66:31:89:6e:40:45:71:
b3:3a:68:f0:85:83:8b:ad:2a:0c:19:12:ad:cf:4c:e1:e9:be:
6d:f7:53:72:3a:ac:71:28:9b:65:ed:a3:a5:0d:24:73:c0:13:
11:2d:ca:60:32:43:25:f1:0a:54:ad:35:52:d0:c0:f1:0c:83:
fb:0b:f7:e2:6b:59:6d:e4:0e:90:91:d8:cc:fe:9e:58:2d:1b:
cc:69:ed:a3:e7:38:1d:9b:d8:5d:74:91:98:cf:06:b8:bc:26:
2b:53:79:23:22:9f:66:3c:12:4b:3f:d7:70:36:67:b1:7a:da:
62:07:6e:c5:67:96:32:ac:43:af:d5:24:42:28:ab:5a:bc:1f:
45:24:64:ec:68:f2:83:72:60:09:6a:ec:3f:46:28:02:e1:3e:
d4:33:eb:2b:63:3c:7c:8d:8f:0f:1b:69:fb:69:f8:59:b5:8d:
55:75:0b:a5:40:42:b2:ac:d3:06:41:39:f0:d1:d9:45:3c:96:
ed:c2:44:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGLCPlP1kfnH7bKMV6ubuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUxMTA0MDkwMDMyWhcNMjUxMTA1MDkwMDMyWjAzMTEwLwYDVQQD
EyhhMmMzOWYxZjJmZWMzNmU3NjBhODUxOTVhMGRjY2I3YTEzYTJhOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsHuBfbB1uisjyp2e5V4YPll69ru
LyOjtc2QS5h7Tbs+H3RJObi2GapJ88YlSo/zY5vbOt1+BGXJu5Ezt6tTCUQyGmC5
JFlvzYDuqVYkEpqnXRL/U8NDYXjB0XgHa+2kPRnv0nRLSHrlmkXIEMXuOisrxKOD
qRsEhkPytwQ/B2qmeu6L/PwGKxv5JxoXq527dttUSNl6wZj/zjmjAuGp96isKKFN
WA8SvWr/mTKkLOf8orcTKEOBnBaYYlQUCZHnEwrj1f1YAhM+3ObUL7NkPVsP+eDu
STMzOz3Z01PKVJcGRAdE8zwzPE5SkUiasWGfzl/gVBJVVfuEU56Viaf6ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLDnx8v7DbnYKhRlaDcy3oToqm4MB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcW4Qcj+S
Bp6qoeZ4sTu52HxREzmEmDgrdkVmG8WpAwIoAw3hyz1MzwukdRcBnyRcxFb/0W4d
mxKpVG5GYAonTWpmMYluQEVxszpo8IWDi60qDBkSrc9M4em+bfdTcjqscSibZe2j
pQ0kc8ATES3KYDJDJfEKVK01UtDA8QyD+wv34mtZbeQOkJHYzP6eWC0bzGnto+c4
HZvYXXSRmM8GuLwmK1N5IyKfZjwSSz/XcDZnsXraYgduxWeWMqxDr9UkQiirWrwf
RSRk7Gjyg3JgCWrsP0YoAuE+1DPrK2M8fI2PDxtp+2n4WbWNVXULpUBCsqzTBkE5
8NHZRTyW7cJE+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:58:25 2025 by rpki-client