Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json)
Hash identifier: L6Xpnv623ODRGHLdaEJNDDP7iv/8gjtt/UjebCwh+Yo=
Subject key identifier: EC:5B:D4:1A:B1:A6:29:F0:A8:26:78:91:49:4D:3C:F2:CA:1C:2F:11
Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85
Certificate serial: 019A4F61FC8AD9509F1611B19A8BDAC2B6F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
Manifest number: 0565
Signing time: Tue 04 Nov 2025 15:00:12 +0000
Manifest this update: Tue 04 Nov 2025 15:00:12 +0000
Manifest next update: Wed 05 Nov 2025 15:00:12 +0000
Files and hashes: 1: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: Haoll4JtgZnYazEwxsN6xWGFV1aQ+7k5bhOG31FZloM=)
2: knOts_9A8gA0IVqYk7a99kaTuRI.roa (hash: kCE50cAQS4imaI4wXAlSfVZnkYJchZQUkd+tGc4tAWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:61:fc:8a:d9:50:9f:16:11:b1:9a:8b:da:c2:b6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85
Validity
Not Before: Nov 4 15:00:12 2025 GMT
Not After : Nov 5 15:00:12 2025 GMT
Subject: CN=ec5bd41ab1a629f0a8267891494d3cf2ca1c2f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4c:a6:e4:65:2a:c4:f3:9e:84:9d:52:f4:bd:
13:f9:c0:6c:2a:79:76:ba:32:d4:f9:0d:b2:52:f3:
9a:60:ac:31:f1:1f:75:f8:89:be:fa:54:84:17:86:
a0:03:b8:3a:7f:e3:51:4d:4e:f2:6d:33:8b:d2:94:
00:6d:34:4f:f4:bf:26:b2:7c:e4:31:7b:26:b9:fb:
aa:0d:0e:19:65:0f:b7:f1:3b:7e:ba:94:91:ab:13:
3c:66:e5:11:6b:57:d7:ee:23:ea:db:b1:e2:84:86:
d4:5e:ba:e0:c6:ed:82:69:2d:52:0b:a3:07:b8:7a:
8b:a9:7a:d2:a6:80:54:26:ee:8c:c0:15:4b:76:ee:
15:81:40:4d:cd:ab:49:6e:9e:32:92:6c:d5:c0:c4:
3b:49:9e:a5:41:04:57:a0:6e:10:4e:1f:0a:99:6d:
4d:06:62:08:6d:37:dd:ac:66:af:db:c4:dd:dc:bf:
d6:09:23:55:c0:e4:e4:e4:49:de:59:7a:6d:61:f8:
6f:2a:01:e1:af:12:3d:f5:82:10:3e:cb:2a:25:55:
f1:92:97:8a:96:73:d0:8f:e4:30:af:70:2d:59:78:
db:36:80:88:d3:b9:18:53:b5:8b:51:10:ae:04:3c:
5e:e9:a0:9d:18:4b:f4:88:cb:a8:e0:92:8a:ce:73:
ec:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5B:D4:1A:B1:A6:29:F0:A8:26:78:91:49:4D:3C:F2:CA:1C:2F:11
X509v3 Authority Key Identifier:
keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:34:b7:76:29:5c:2d:ce:cd:5d:33:4b:ca:d4:2e:6c:3e:fc:
79:e2:9a:65:5d:18:85:85:be:13:c7:2a:96:43:64:9a:38:ad:
b8:6f:ed:83:f9:d1:61:fa:1b:8b:99:b9:a5:00:05:ef:3c:7a:
ee:08:89:90:2e:97:19:52:18:6d:56:fd:22:5d:86:bc:4b:f2:
a0:3d:54:2f:b9:60:0c:b3:e2:42:45:0d:f2:e9:44:ad:f4:9a:
04:6f:22:af:79:2b:9a:81:cd:5b:15:55:ed:16:9a:22:35:40:
17:b5:e4:c1:68:e8:88:34:01:c7:f7:76:85:a8:61:cb:34:0a:
6f:c0:c1:8d:2a:19:9b:c3:af:6c:ec:94:85:27:59:30:7f:d3:
83:3d:c1:a1:a0:e0:73:57:6a:6a:31:d7:42:9e:4c:e4:38:5b:
65:51:70:0d:2a:d5:0a:ca:3c:b3:51:93:51:23:90:6b:91:10:
6c:05:62:ad:e7:88:58:60:be:c8:88:c4:f0:a6:db:b5:a2:78:
f0:79:30:c5:19:7e:d0:05:41:d2:88:35:ac:ca:73:53:9f:b9:
05:53:25:b2:1c:e3:42:46:23:b1:79:b6:67:e2:5c:07:a1:dd:
1f:d6:4e:c2:ad:5c:c9:11:73:ae:8c:39:d5:90:da:e2:04:06:
00:6e:d8:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYfyK2VCfFhGxmovawrb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk
MDZhODUwHhcNMjUxMTA0MTUwMDEyWhcNMjUxMTA1MTUwMDEyWjAzMTEwLwYDVQQD
EyhlYzViZDQxYWIxYTYyOWYwYTgyNjc4OTE0OTRkM2NmMmNhMWMyZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00ym5GUqxPOehJ1S9L0T+cBsKnl2
ujLU+Q2yUvOaYKwx8R91+Im++lSEF4agA7g6f+NRTU7ybTOL0pQAbTRP9L8msnzk
MXsmufuqDQ4ZZQ+38Tt+upSRqxM8ZuURa1fX7iPq27HihIbUXrrgxu2CaS1SC6MH
uHqLqXrSpoBUJu6MwBVLdu4VgUBNzatJbp4ykmzVwMQ7SZ6lQQRXoG4QTh8KmW1N
BmIIbTfdrGav28Td3L/WCSNVwOTk5EneWXptYfhvKgHhrxI99YIQPssqJVXxkpeK
lnPQj+Qwr3AtWXjbNoCI07kYU7WLURCuBDxe6aCdGEv0iMuo4JKKznPsjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxb1BqxpinwqCZ4kUlNPPLKHC8RMB8GA1UdIwQY
MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt
ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz
LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDS3dilc
Lc7NXTNLytQubD78eeKaZV0YhYW+E8cqlkNkmjituG/tg/nRYfobi5m5pQAF7zx6
7giJkC6XGVIYbVb9Il2GvEvyoD1UL7lgDLPiQkUN8ulErfSaBG8ir3krmoHNWxVV
7RaaIjVAF7XkwWjoiDQBx/d2hahhyzQKb8DBjSoZm8OvbOyUhSdZMH/Tgz3BoaDg
c1dqajHXQp5M5DhbZVFwDSrVCso8s1GTUSOQa5EQbAVireeIWGC+yIjE8KbbtaJ4
8HkwxRl+0AVB0og1rMpzU5+5BVMlshzjQkYjsXm2Z+JcB6HdH9ZOwq1cyRFzrow5
1ZDa4gQGAG7Y1Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:39:38 2025 by rpki-client