Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: d52FJQtPmw7e0wpI3hwFSYcI+XUBxuJaPU7w3YHLBPc=
Subject key identifier: FA:BE:84:8C:B0:43:69:48:2C:6E:A0:ED:2E:EE:22:AA:9A:8D:44:C3
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 019896A576DD119A1AE08380CF4E761D05BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 0524
Signing time: Mon 11 Aug 2025 01:01:22 +0000
Manifest this update: Mon 11 Aug 2025 01:01:22 +0000
Manifest next update: Tue 12 Aug 2025 01:01:22 +0000
Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: PlkdGk+JKl0OTJ+5+DOq2MxUwQIqUiyQaYTIxD8frLY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 01:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:a5:76:dd:11:9a:1a:e0:83:80:cf:4e:76:1d:05:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Aug 11 01:01:22 2025 GMT
Not After : Aug 12 01:01:22 2025 GMT
Subject: CN=fabe848cb04369482c6ea0ed2eee22aa9a8d44c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a5:67:77:54:fe:42:17:94:4f:34:2f:df:f6:
f9:c3:e7:3f:85:98:e3:43:63:18:11:63:9b:aa:59:
6f:8b:1b:b8:68:5c:0e:58:e9:b5:7e:5b:f3:93:63:
87:e4:dc:ce:3d:4f:c0:b4:09:90:37:fb:ea:95:0a:
ec:df:2c:c5:54:29:b5:9c:f6:f2:47:83:e3:de:c4:
0e:90:8a:79:51:73:d1:0b:61:92:10:08:d1:37:5a:
ab:0f:3b:a5:b1:e5:5b:0e:a6:d8:f9:32:0d:b1:4c:
16:99:cd:50:51:89:d7:1e:ed:3e:e7:5e:20:37:9c:
b1:ca:14:4b:66:1d:45:68:a8:13:ad:c5:43:07:14:
a8:48:a0:6d:49:b4:d6:b1:c7:dc:6d:1b:b7:3d:d6:
e8:06:b1:bd:a0:3d:de:f8:73:0c:56:bb:50:f1:41:
f1:84:53:62:e3:92:4c:f4:3f:32:9a:cd:11:a2:c5:
2f:4b:50:36:a1:bf:d6:9b:f1:4b:d5:9d:52:81:d8:
ee:83:f5:23:c0:37:07:8a:9e:64:9f:4b:79:94:e1:
b1:9c:98:d4:f2:4a:33:0a:19:07:b5:09:18:6a:76:
4a:23:49:7f:22:0e:d3:e3:be:af:6e:1b:27:38:23:
af:2f:4c:a8:f6:58:69:50:57:9c:29:3a:4d:e8:8f:
22:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BE:84:8C:B0:43:69:48:2C:6E:A0:ED:2E:EE:22:AA:9A:8D:44:C3
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:42:5c:39:a6:cd:e3:52:c2:aa:3f:1f:40:19:f2:98:f3:ac:
fb:90:c3:e8:66:27:d5:cf:7c:6e:ed:2a:c2:98:42:0f:86:61:
a9:be:e1:85:1c:57:a7:c0:1e:3d:ac:64:e0:fd:17:b7:45:30:
a9:79:0e:8c:34:39:31:83:58:eb:f4:0a:83:bb:3d:02:dd:c0:
0e:dd:af:84:c5:39:c4:ff:79:92:46:a0:42:39:49:19:b5:42:
ce:b3:35:7e:92:2a:ab:d6:d2:1b:7f:5c:7e:78:fe:04:d6:a1:
66:7b:77:9d:ef:fa:06:16:60:76:b4:2d:98:dc:ac:67:98:ce:
a9:27:44:b5:10:7c:f5:30:de:3c:9c:98:2b:22:a9:bd:6d:bc:
43:da:06:03:7c:26:1b:3d:14:ba:63:db:e0:bf:27:8b:43:7a:
e4:07:25:a5:9e:d3:d4:78:c8:7e:79:5e:20:91:62:ab:52:80:
a4:0b:e3:ae:13:f1:36:56:2d:fc:e6:2d:e1:08:3a:b3:2a:5a:
92:20:fc:ea:a8:fc:02:a8:2a:d9:58:3a:2f:f6:51:54:0d:9a:
04:09:38:1a:6a:30:07:38:86:ab:0a:9a:2f:2b:b9:ad:5a:77:
1e:c4:77:62:b2:8a:1e:00:a6:f9:38:c1:c7:a6:2b:28:67:66:
f5:84:c5:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpXbdEZoa4IOAz052HQW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUwODExMDEwMTIyWhcNMjUwODEyMDEwMTIyWjAzMTEwLwYDVQQD
EyhmYWJlODQ4Y2IwNDM2OTQ4MmM2ZWEwZWQyZWVlMjJhYTlhOGQ0NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKVnd1T+QheUTzQv3/b5w+c/hZjj
Q2MYEWObqllvixu4aFwOWOm1flvzk2OH5NzOPU/AtAmQN/vqlQrs3yzFVCm1nPby
R4Pj3sQOkIp5UXPRC2GSEAjRN1qrDzulseVbDqbY+TINsUwWmc1QUYnXHu0+514g
N5yxyhRLZh1FaKgTrcVDBxSoSKBtSbTWscfcbRu3PdboBrG9oD3e+HMMVrtQ8UHx
hFNi45JM9D8yms0RosUvS1A2ob/Wm/FL1Z1Sgdjug/UjwDcHip5kn0t5lOGxnJjU
8kozChkHtQkYanZKI0l/Ig7T476vbhsnOCOvL0yo9lhpUFecKTpN6I8iuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPq+hIywQ2lILG6g7S7uIqqajUTDMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakJcOabN
41LCqj8fQBnymPOs+5DD6GYn1c98bu0qwphCD4Zhqb7hhRxXp8AePaxk4P0Xt0Uw
qXkOjDQ5MYNY6/QKg7s9At3ADt2vhMU5xP95kkagQjlJGbVCzrM1fpIqq9bSG39c
fnj+BNahZnt3ne/6BhZgdrQtmNysZ5jOqSdEtRB89TDePJyYKyKpvW28Q9oGA3wm
Gz0UumPb4L8ni0N65AclpZ7T1HjIfnleIJFiq1KApAvjrhPxNlYt/OYt4Qg6sypa
kiD86qj8Aqgq2Vg6L/ZRVA2aBAk4GmowBziGqwqaLyu5rVp3HsR3YrKKHgCm+TjB
x6YrKGdm9YTFgA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:41:39 2025 by rpki-client