Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: hZgDwgrwIX+iUnxr3Bs7sSHNMONg0W/5FuZ6t+e9CvU=
Subject key identifier: A2:74:F5:BA:C7:93:8F:6C:23:29:1C:1B:A3:13:8D:FF:BA:13:A8:61
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 019A4EF43D4709A1D59EF0DF1343341B89BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 0608
Signing time: Tue 04 Nov 2025 13:00:20 +0000
Manifest this update: Tue 04 Nov 2025 13:00:20 +0000
Manifest next update: Wed 05 Nov 2025 13:00:20 +0000
Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: 9crR6B8UZqPpGG88Tci4XZbEyuREWHDFn3a39YlhYVo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:3d:47:09:a1:d5:9e:f0:df:13:43:34:1b:89:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Nov 4 13:00:20 2025 GMT
Not After : Nov 5 13:00:20 2025 GMT
Subject: CN=a274f5bac7938f6c23291c1ba3138dffba13a861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:b5:46:bb:29:2f:c6:5f:1f:6b:de:99:92:
73:ea:83:46:40:90:d3:20:07:63:1d:6e:bd:7e:e7:
9e:34:0f:0a:01:9d:ac:8d:e0:25:fc:04:c7:74:a7:
8d:44:df:e4:68:b6:62:12:a2:52:06:65:1a:f9:8e:
e6:2d:b4:e5:a9:52:3f:8e:06:82:76:ac:cc:f1:b4:
77:4b:8d:1e:c9:2d:65:9d:87:63:bb:94:e1:d0:b8:
b3:3c:45:bb:a5:bf:fe:84:b4:07:ee:a2:06:50:4b:
cf:34:79:b3:0c:fc:59:44:1b:f3:2c:6e:67:34:ea:
ee:ff:47:f3:7e:d9:d8:ce:4a:2b:59:f9:39:02:fb:
b4:ad:50:d4:fa:19:61:99:2c:30:ea:22:7c:58:de:
bd:b4:45:ba:0f:95:a7:de:8b:b9:fe:e1:14:72:0b:
7e:63:8d:40:2a:5c:19:8d:c2:87:2b:25:85:2b:8c:
d6:15:73:a8:4d:ea:22:9f:67:2c:b5:54:db:fb:f4:
ac:c2:ac:e0:31:d9:16:20:de:88:39:fc:4c:6d:51:
41:00:20:05:e6:94:06:69:11:5a:a9:f6:8c:4a:24:
ef:c5:f5:08:6f:77:c3:ee:a9:3c:8a:17:98:de:be:
a9:a9:2c:46:80:c0:a7:a3:e1:ca:c2:37:a1:50:58:
ef:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:74:F5:BA:C7:93:8F:6C:23:29:1C:1B:A3:13:8D:FF:BA:13:A8:61
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:f7:95:e3:36:4d:c4:df:ae:fd:8a:e2:ae:b0:f2:9c:b3:8f:
9b:c2:bd:07:eb:dc:f1:7f:1a:be:7d:29:c2:1a:36:bd:5f:8d:
d4:59:32:38:32:e3:a3:5c:8e:7e:c0:99:df:a6:f3:9a:e1:98:
72:49:0c:cf:58:c2:8b:dc:e1:ac:e9:66:0d:c8:53:0c:e9:1a:
ff:f8:60:10:1f:a0:19:82:5b:5a:45:d2:8c:59:e0:b2:e8:1b:
81:24:66:47:32:32:63:f4:9b:9c:83:8c:6c:6a:46:23:8f:73:
3a:52:41:a4:7e:82:36:b7:c7:1a:7e:1b:de:da:01:62:c9:2b:
30:10:f6:d2:1a:e7:c8:54:12:53:4c:f3:95:45:2a:8c:a5:9d:
3f:fb:00:35:77:e1:c8:95:08:ad:3a:e6:87:09:1e:07:37:ca:
6c:d1:c2:aa:42:3d:d6:78:01:72:a0:39:c1:fc:78:16:e5:8a:
ac:5c:27:59:90:ee:52:21:8d:71:90:18:ab:09:a5:0f:55:22:
a0:1c:cc:40:d1:ad:3f:55:d3:29:67:23:6f:f2:e6:a9:5d:1a:
35:1e:e2:4b:f3:0e:82:9e:7e:92:26:6b:da:1c:3c:21:ae:80:
da:ca:2d:16:cb:a3:63:30:da:3d:99:1d:cc:39:23:b1:26:45:
1e:c4:e9:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9D1HCaHVnvDfE0M0G4m8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUxMTA0MTMwMDIwWhcNMjUxMTA1MTMwMDIwWjAzMTEwLwYDVQQD
EyhhMjc0ZjViYWM3OTM4ZjZjMjMyOTFjMWJhMzEzOGRmZmJhMTNhODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAq1RrspL8ZfH2vemZJz6oNGQJDT
IAdjHW69fueeNA8KAZ2sjeAl/ATHdKeNRN/kaLZiEqJSBmUa+Y7mLbTlqVI/jgaC
dqzM8bR3S40eyS1lnYdju5Th0LizPEW7pb/+hLQH7qIGUEvPNHmzDPxZRBvzLG5n
NOru/0fzftnYzkorWfk5Avu0rVDU+hlhmSww6iJ8WN69tEW6D5Wn3ou5/uEUcgt+
Y41AKlwZjcKHKyWFK4zWFXOoTeoin2cstVTb+/SswqzgMdkWIN6IOfxMbVFBACAF
5pQGaRFaqfaMSiTvxfUIb3fD7qk8iheY3r6pqSxGgMCno+HKwjehUFjvoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJ09brHk49sIykcG6MTjf+6E6hhMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFPeV4zZN
xN+u/YrirrDynLOPm8K9B+vc8X8avn0pwho2vV+N1FkyODLjo1yOfsCZ36bzmuGY
ckkMz1jCi9zhrOlmDchTDOka//hgEB+gGYJbWkXSjFngsugbgSRmRzIyY/SbnIOM
bGpGI49zOlJBpH6CNrfHGn4b3toBYskrMBD20hrnyFQSU0zzlUUqjKWdP/sANXfh
yJUIrTrmhwkeBzfKbNHCqkI91ngBcqA5wfx4FuWKrFwnWZDuUiGNcZAYqwmlD1Ui
oBzMQNGtP1XTKWcjb/LmqV0aNR7iS/MOgp5+kiZr2hw8Ia6A2sotFsujYzDaPZkd
zDkjsSZFHsTppA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:56:52 2025 by rpki-client