Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: +HVUvK2MbSuZP4MkBDRLedHKy7EtMhD99HrE5CXevGQ=
Subject key identifier: E4:E4:47:6F:43:1C:70:46:E3:DB:B7:75:13:99:9D:2C:83:3E:C8:F6
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019A50074075EB6218AB06F75A749E98C7F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 13CA
Signing time: Tue 04 Nov 2025 18:00:43 +0000
Manifest this update: Tue 04 Nov 2025 18:00:43 +0000
Manifest next update: Wed 05 Nov 2025 18:00:43 +0000
Files and hashes: 1: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (hash: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: JezMjbGdUdgnJ8BWKx1FiU0aoHmzjjd3Vf+ml2UK/+4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:40:75:eb:62:18:ab:06:f7:5a:74:9e:98:c7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Nov 4 18:00:43 2025 GMT
Not After : Nov 5 18:00:43 2025 GMT
Subject: CN=e4e4476f431c7046e3dbb77513999d2c833ec8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3d:5c:9e:d8:d9:ef:06:09:bf:b7:ac:79:ed:
d1:ed:43:24:3f:dd:20:3e:d7:3a:b2:b1:08:b7:f6:
ab:8a:14:f6:39:03:f5:01:80:fd:d7:0a:16:ae:2b:
d7:97:70:13:9b:77:56:b0:99:5b:25:48:5e:7e:31:
84:98:90:cd:74:f5:ac:40:45:00:63:1d:09:b8:2f:
a1:da:ec:32:e9:73:4d:9a:41:8e:91:f6:f1:6a:b3:
d7:93:02:14:82:a7:31:ef:4d:0a:ea:36:5e:6e:56:
6d:04:01:6a:30:6b:aa:98:8d:66:eb:8f:3d:5a:37:
e8:22:c3:fb:53:5d:83:58:25:b7:d2:15:7f:58:8e:
38:95:2b:96:63:6a:60:bc:f3:9f:45:63:f6:50:f2:
10:41:be:f2:a0:e3:42:6b:a5:90:73:35:cb:29:cd:
97:3d:af:27:e6:9f:8d:b3:f3:22:fc:e0:4e:d2:98:
ff:3c:32:f2:ac:db:a9:0f:da:c1:c9:25:7e:2b:3c:
2d:c7:91:08:42:40:5c:c9:07:aa:d3:19:39:bc:47:
e9:da:78:a7:1c:95:76:0a:57:1e:2e:b1:2d:88:fc:
da:f4:99:96:6a:9f:5b:33:1a:01:a7:55:60:85:4b:
28:79:92:7e:6f:d6:96:db:21:18:a5:b0:9c:8d:64:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:47:6F:43:1C:70:46:E3:DB:B7:75:13:99:9D:2C:83:3E:C8:F6
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:3c:4c:5e:14:fa:d6:c4:4c:ad:1b:22:d8:9d:22:4f:c9:34:
04:2a:22:9f:92:36:d6:c2:f2:64:80:4e:00:7b:45:ec:d4:92:
22:2a:87:cf:63:2a:05:b6:b9:b7:b8:ba:99:0e:fc:da:d9:b8:
3a:a5:e7:b3:0f:22:df:1b:2b:d8:8e:76:5e:bd:ec:57:53:18:
a0:0a:7e:3d:29:d7:f8:89:d0:a0:79:81:51:6f:cc:a2:80:bb:
9f:eb:68:b2:d8:04:32:b3:2d:9f:81:62:a3:16:b0:b7:6c:c7:
63:4a:f3:b6:58:14:04:a8:3d:de:51:e0:8a:44:84:72:2a:a8:
29:d6:8c:ff:35:88:e5:36:2f:c4:89:88:49:b0:7a:35:35:a3:
90:30:97:3a:c6:7f:cc:51:bd:21:43:4c:a6:80:d9:d3:7a:8d:
f5:46:45:bd:cd:94:d8:4b:4c:3d:23:9a:cc:ca:c4:66:06:82:
5c:71:f1:c9:98:a7:f0:ef:12:99:f0:69:03:8c:f2:cc:fb:81:
7c:3f:d7:53:10:91:c8:4b:5c:f3:33:7b:16:18:52:db:58:85:
b2:cc:aa:d0:fa:6e:a0:9f:2a:e8:59:35:82:2c:3a:9a:dd:28:
44:11:b7:ed:a3:20:a3:fe:e5:03:72:39:72:29:08:e1:81:bf:
d0:ba:d2:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB0B162IYqwb3WnSemMf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjUxMTA0MTgwMDQzWhcNMjUxMTA1MTgwMDQzWjAzMTEwLwYDVQQD
EyhlNGU0NDc2ZjQzMWM3MDQ2ZTNkYmI3NzUxMzk5OWQyYzgzM2VjOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T1cntjZ7wYJv7esee3R7UMkP90g
Ptc6srEIt/arihT2OQP1AYD91woWrivXl3ATm3dWsJlbJUhefjGEmJDNdPWsQEUA
Yx0JuC+h2uwy6XNNmkGOkfbxarPXkwIUgqcx700K6jZeblZtBAFqMGuqmI1m6489
WjfoIsP7U12DWCW30hV/WI44lSuWY2pgvPOfRWP2UPIQQb7yoONCa6WQczXLKc2X
Pa8n5p+Ns/Mi/OBO0pj/PDLyrNupD9rBySV+Kzwtx5EIQkBcyQeq0xk5vEfp2nin
HJV2ClceLrEtiPza9JmWap9bMxoBp1VghUsoeZJ+b9aW2yEYpbCcjWQ2SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTkR29DHHBG49u3dROZnSyDPsj2MB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPzxMXhT6
1sRMrRsi2J0iT8k0BCoin5I21sLyZIBOAHtF7NSSIiqHz2MqBba5t7i6mQ782tm4
OqXnsw8i3xsr2I52Xr3sV1MYoAp+PSnX+InQoHmBUW/MooC7n+tostgEMrMtn4Fi
oxawt2zHY0rztlgUBKg93lHgikSEciqoKdaM/zWI5TYvxImISbB6NTWjkDCXOsZ/
zFG9IUNMpoDZ03qN9UZFvc2U2EtMPSOazMrEZgaCXHHxyZin8O8SmfBpA4zyzPuB
fD/XUxCRyEtc8zN7FhhS21iFssyq0PpuoJ8q6Fk1giw6mt0oRBG37aMgo/7lA3I5
cikI4YG/0LrSFg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:57:23 2025 by rpki-client