Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft
File: 00KrFW1a4VOtFlKOh9nIR53ApKU.mft (raw, json)
Hash identifier: Dw355PMkqESYytti/UJycx5FquS4H9GQjPFuJICpXTM=
Subject key identifier: 35:AA:AF:B1:89:DF:6D:35:7D:25:EF:B8:AF:C3:72:02:51:6F:CA:B8
Authority key identifier: D3:42:AB:15:6D:5A:E1:53:AD:16:52:8E:87:D9:C8:47:9D:C0:A4:A5
Certificate issuer: /CN=d342ab156d5ae153ad16528e87d9c8479dc0a4a5
Certificate serial: 019A4D3CFAC432CB7BCBE620BA0F96CAB5D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 05:00:33 +0000
Manifest this update: Tue 04 Nov 2025 05:00:33 +0000
Manifest next update: Wed 05 Nov 2025 05:00:33 +0000
Files and hashes: 1: 00KrFW1a4VOtFlKOh9nIR53ApKU.crl (hash: /+ccrzIK/7t4Q6FBNhqDghKP6W6l62VmmK/BC1bPhnM=)
2: YzWazfZkDmpS6lnGJouGiR4vMgw.roa (hash: g+4T1wjwDSXCQUkHT41UwModEGJm2ijdNXqnxLEPkqw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3c:fa:c4:32:cb:7b:cb:e6:20:ba:0f:96:ca:b5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d342ab156d5ae153ad16528e87d9c8479dc0a4a5
Validity
Not Before: Nov 4 05:00:33 2025 GMT
Not After : Nov 5 05:00:33 2025 GMT
Subject: CN=35aaafb189df6d357d25efb8afc37202516fcab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:14:48:16:2a:3a:0c:56:67:4b:4a:ae:00:
e6:5b:e1:37:2a:04:a6:02:1c:02:28:fc:8e:9f:e5:
7d:71:3b:b4:11:31:0e:aa:8d:a0:24:3e:28:4f:c2:
a4:48:c6:5b:9c:7b:89:82:aa:bd:4e:b0:b2:79:7a:
9d:4f:e3:7e:9f:5a:e0:90:34:bf:e7:86:e9:54:59:
49:70:f4:b1:08:29:73:ad:7a:29:7d:64:c1:69:bf:
8c:a2:b6:53:c6:2b:89:4f:d1:9c:3b:77:20:47:75:
94:ab:fe:49:10:7c:2e:ee:c3:a0:47:bf:fc:d1:f6:
7d:4e:90:19:1b:3b:f4:61:f9:56:c5:7c:b7:46:9f:
de:b7:c2:7f:a9:ca:17:fc:23:fe:30:18:f2:34:a4:
2d:f5:3e:e7:d9:62:ec:e7:81:b8:0d:8f:5f:a7:e1:
78:39:2b:2e:58:f5:c7:32:35:4d:48:91:38:dd:8c:
08:25:e2:5d:6c:1c:d2:3f:a1:93:de:64:63:25:8b:
14:36:65:6b:96:47:f9:af:5e:c1:31:e9:6e:28:4d:
1d:58:99:db:b7:ce:35:f2:10:04:ff:4c:3a:23:a6:
ba:13:71:22:60:d7:4d:77:c7:3c:e9:97:6b:50:4a:
46:03:3b:13:db:db:73:36:95:10:d1:9a:4f:f7:31:
ab:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AA:AF:B1:89:DF:6D:35:7D:25:EF:B8:AF:C3:72:02:51:6F:CA:B8
X509v3 Authority Key Identifier:
keyid:D3:42:AB:15:6D:5A:E1:53:AD:16:52:8E:87:D9:C8:47:9D:C0:A4:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:1e:e6:af:6b:ec:21:b3:30:fb:0d:c0:dc:8e:a0:9b:48:ae:
94:53:31:80:0c:85:0a:6c:82:ce:09:f9:91:b2:66:f6:96:be:
95:45:bf:00:66:84:87:ff:ac:bf:b0:19:38:7d:9a:99:3f:83:
4e:56:43:e5:5d:5d:a7:a0:a8:1f:f7:da:f2:e3:7c:3a:c3:72:
26:fa:72:9e:34:d7:44:e5:d6:71:b3:6b:d1:e7:1d:78:30:f5:
a7:d9:ab:e0:85:72:7e:5c:14:71:fc:5f:f7:5c:5f:e1:a1:ff:
3a:d8:c0:e2:57:22:e6:f2:89:1f:6a:18:47:05:52:c0:20:6f:
c1:67:b8:1e:71:a0:cd:a3:b3:df:78:c6:11:1a:b4:0b:af:b5:
c0:c5:c1:89:b8:40:e5:c8:06:d9:d4:66:45:e1:e6:09:82:1c:
84:06:d0:e3:dc:af:83:e1:74:34:c5:14:f7:b3:7a:00:11:3b:
32:22:5a:e5:ec:79:5a:86:5d:f4:fe:67:10:35:22:95:74:8d:
4b:a9:37:99:39:1b:d3:4b:eb:af:37:0a:8a:ba:1c:ee:ae:45:
ce:20:52:e2:4e:e7:95:a4:3b:c0:da:be:c8:27:37:2d:29:e8:
44:5a:8e:11:21:04:bb:82:f0:93:0b:96:d8:aa:9c:d1:a1:de:
f3:8a:b7:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPPrEMst7y+Ygug+WyrXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDJhYjE1NmQ1YWUxNTNhZDE2NTI4ZTg3ZDljODQ3OWRj
MGE0YTUwHhcNMjUxMTA0MDUwMDMzWhcNMjUxMTA1MDUwMDMzWjAzMTEwLwYDVQQD
EygzNWFhYWZiMTg5ZGY2ZDM1N2QyNWVmYjhhZmMzNzIwMjUxNmZjYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxIUSBYqOgxWZ0tKrgDmW+E3KgSm
AhwCKPyOn+V9cTu0ETEOqo2gJD4oT8KkSMZbnHuJgqq9TrCyeXqdT+N+n1rgkDS/
54bpVFlJcPSxCClzrXopfWTBab+MorZTxiuJT9GcO3cgR3WUq/5JEHwu7sOgR7/8
0fZ9TpAZGzv0YflWxXy3Rp/et8J/qcoX/CP+MBjyNKQt9T7n2WLs54G4DY9fp+F4
OSsuWPXHMjVNSJE43YwIJeJdbBzSP6GT3mRjJYsUNmVrlkf5r17BMeluKE0dWJnb
t8418hAE/0w6I6a6E3EiYNdNd8c86ZdrUEpGAzsT29tzNpUQ0ZpP9zGrzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWqr7GJ3201fSXvuK/DcgJRb8q4MB8GA1UdIwQY
MBaAFNNCqxVtWuFTrRZSjofZyEedwKSlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yNjM0NDctMGM4MC00Y2RhLWI5MTUt
MDgxYTYzN2Y3MDNlLzEvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yNjM0NDctMGM4MC00Y2RhLWI5MTUtMDgxYTYzN2Y3MDNl
LzEvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZB7mr2vs
IbMw+w3A3I6gm0iulFMxgAyFCmyCzgn5kbJm9pa+lUW/AGaEh/+sv7AZOH2amT+D
TlZD5V1dp6CoH/fa8uN8OsNyJvpynjTXROXWcbNr0ecdeDD1p9mr4IVyflwUcfxf
91xf4aH/OtjA4lci5vKJH2oYRwVSwCBvwWe4HnGgzaOz33jGERq0C6+1wMXBibhA
5cgG2dRmReHmCYIchAbQ49yvg+F0NMUU97N6ABE7MiJa5ex5WoZd9P5nEDUilXSN
S6k3mTkb00vrrzcKiroc7q5FziBS4k7nlaQ7wNq+yCc3LSnoRFqOESEEu4LwkwuW
2Kqc0aHe84q36w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:30 2025 by rpki-client