Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
File: kOszbVYE1HuugXI4sNu0l3HiRyk.mft (raw, json)
Hash identifier: gpANNvVDpdcBcutFlQJ+B6Fx57dX2OjJi62gVmt1Ob0=
Subject key identifier: 4C:62:9D:5D:ED:10:E8:07:30:6D:88:FB:A4:3C:AC:F5:73:C3:26:AB
Authority key identifier: 90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29
Certificate issuer: /CN=90eb336d5604d47bae817238b0dbb49771e24729
Certificate serial: 019A4E18936E679E8C8D6324982C924FEEE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 09:00:24 +0000
Manifest this update: Tue 04 Nov 2025 09:00:24 +0000
Manifest next update: Wed 05 Nov 2025 09:00:24 +0000
Files and hashes: 1: kOszbVYE1HuugXI4sNu0l3HiRyk.crl (hash: VMBWO2jIAQa5UEICSgetRxY3b20WnIpzxtPmvKyS5tU=)
2: nHFDaIILOdTjKywJ536u2NbijQ4.roa (hash: GZUS5OKqPLBVaLkWEyB2Ce3k2q8gf8Rj7vaTEKCevNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:93:6e:67:9e:8c:8d:63:24:98:2c:92:4f:ee:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90eb336d5604d47bae817238b0dbb49771e24729
Validity
Not Before: Nov 4 09:00:24 2025 GMT
Not After : Nov 5 09:00:24 2025 GMT
Subject: CN=4c629d5ded10e807306d88fba43cacf573c326ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9e:85:05:80:b2:07:81:e9:98:cc:29:40:68:
f6:20:56:e8:e2:e3:7e:40:79:a4:cb:df:8d:cf:75:
8f:a7:38:7c:b0:8c:56:76:c6:5b:62:5a:56:dc:ce:
f1:8c:a2:00:c0:02:9f:86:65:c0:08:bf:74:80:e8:
04:33:71:a0:f7:fe:24:29:3b:d1:39:e0:12:c4:77:
fe:f3:9b:6f:10:30:f3:86:0f:7d:19:b9:f7:4e:97:
7d:4f:be:07:b6:5b:4e:e0:11:f3:32:66:52:4a:52:
9c:2a:ba:6c:a1:d0:4f:1f:77:ce:66:07:4b:62:ae:
06:cb:1d:28:38:e9:9c:77:12:f9:65:b1:fe:da:15:
dd:f0:bb:8a:6b:89:8b:6d:32:b7:c0:87:57:b5:ca:
ba:e5:de:cf:87:32:8a:d0:a0:6c:31:d7:c4:c2:f9:
57:d1:aa:96:2e:7e:ab:40:04:d2:1c:88:3b:ec:4a:
53:f6:65:4f:c2:92:28:14:5a:9a:ad:de:c6:10:ad:
06:49:ce:f3:89:bf:d5:8f:48:af:1d:00:09:74:18:
7f:6b:3d:46:28:2f:0c:8c:8e:f1:5c:6b:8c:0f:63:
80:20:5b:62:35:22:35:d5:48:12:83:be:a2:c9:09:
20:e4:93:48:d1:3d:4c:4e:21:61:d5:c8:1f:b4:a2:
25:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:62:9D:5D:ED:10:E8:07:30:6D:88:FB:A4:3C:AC:F5:73:C3:26:AB
X509v3 Authority Key Identifier:
keyid:90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:c0:91:ef:d7:a0:d6:a5:c0:a2:9b:77:f7:a6:98:29:53:f3:
94:f8:d8:17:dc:aa:bc:7e:be:fa:f0:ad:a2:fd:7a:cf:00:4f:
b3:20:e3:18:f9:23:83:e3:8f:ba:30:b0:99:89:8d:34:36:14:
40:02:55:bd:42:06:78:4f:66:83:b6:e4:1c:80:12:b5:18:c0:
ad:ae:71:42:d9:a1:fc:cc:ee:e0:ca:8e:b3:fc:70:b8:5f:c3:
dc:f0:22:ce:31:c7:d9:7c:ab:c4:01:eb:de:0d:a0:0b:e1:34:
0e:2c:ea:b2:ce:63:cf:9d:38:f2:c7:bc:10:21:7f:23:8f:f1:
94:91:3f:ab:9d:8d:8b:d7:07:43:ba:3e:02:da:2b:bd:1e:4e:
1a:de:a7:18:4d:ba:90:32:0d:b5:40:f6:1a:8f:98:48:f0:2b:
0a:dc:39:e6:1e:ad:13:37:5a:33:a2:d0:7a:b8:16:49:1d:b8:
30:fc:0a:81:ac:a4:ea:41:7e:89:ac:8d:57:c1:1d:e6:ea:2d:
bb:cc:be:e6:46:f9:77:de:29:57:2a:53:63:6a:3b:fc:20:5f:
19:9a:57:26:06:d9:74:ac:c4:55:09:3f:24:08:d9:1e:0e:ca:
2d:be:a6:e0:8e:11:09:27:1c:26:ab:93:2f:d4:2a:c8:fd:f1:
a5:24:dd:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGJNuZ56MjWMkmCyST+7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZWIzMzZkNTYwNGQ0N2JhZTgxNzIzOGIwZGJiNDk3NzFl
MjQ3MjkwHhcNMjUxMTA0MDkwMDI0WhcNMjUxMTA1MDkwMDI0WjAzMTEwLwYDVQQD
Eyg0YzYyOWQ1ZGVkMTBlODA3MzA2ZDg4ZmJhNDNjYWNmNTczYzMyNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ6FBYCyB4HpmMwpQGj2IFbo4uN+
QHmky9+Nz3WPpzh8sIxWdsZbYlpW3M7xjKIAwAKfhmXACL90gOgEM3Gg9/4kKTvR
OeASxHf+85tvEDDzhg99Gbn3Tpd9T74HtltO4BHzMmZSSlKcKrpsodBPH3fOZgdL
Yq4Gyx0oOOmcdxL5ZbH+2hXd8LuKa4mLbTK3wIdXtcq65d7PhzKK0KBsMdfEwvlX
0aqWLn6rQATSHIg77EpT9mVPwpIoFFqard7GEK0GSc7zib/Vj0ivHQAJdBh/az1G
KC8MjI7xXGuMD2OAIFtiNSI11UgSg76iyQkg5JNI0T1MTiFh1cgftKIl/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExinV3tEOgHMG2I+6Q8rPVzwyarMB8GA1UdIwQY
MBaAFJDrM21WBNR7roFyOLDbtJdx4kcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWIt
YjExOTI3NGFkNjU0LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWItYjExOTI3NGFkNjU0
LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8CR79eg
1qXAopt396aYKVPzlPjYF9yqvH6++vCtov16zwBPsyDjGPkjg+OPujCwmYmNNDYU
QAJVvUIGeE9mg7bkHIAStRjAra5xQtmh/Mzu4MqOs/xwuF/D3PAizjHH2XyrxAHr
3g2gC+E0Dizqss5jz5048se8ECF/I4/xlJE/q52Ni9cHQ7o+AtorvR5OGt6nGE26
kDINtUD2Go+YSPArCtw55h6tEzdaM6LQergWSR24MPwKgayk6kF+iayNV8Ed5uot
u8y+5kb5d94pVypTY2o7/CBfGZpXJgbZdKzEVQk/JAjZHg7KLb6m4I4RCSccJquT
L9QqyP3xpSTdgA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:15:19 2025 by rpki-client