Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: 91e5hC3SAb2BrUDzbHmQRFTbuo2GlwomIuiawa9P34A=
Subject key identifier: BB:76:05:F2:35:BC:75:CA:CF:0C:BA:50:1C:C3:B1:DB:DE:47:03:77
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019A5263615CE86FA5755F34FFAB91B0A28B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 170D
Signing time: Wed 05 Nov 2025 05:00:35 +0000
Manifest this update: Wed 05 Nov 2025 05:00:35 +0000
Manifest next update: Thu 06 Nov 2025 05:00:35 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: 5v358C3WiEBrbAl6BPJFUaOBagdSGi/rnmo0pMTOz1M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:61:5c:e8:6f:a5:75:5f:34:ff:ab:91:b0:a2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Nov 5 05:00:35 2025 GMT
Not After : Nov 6 05:00:35 2025 GMT
Subject: CN=bb7605f235bc75cacf0cba501cc3b1dbde470377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:14:ff:b0:7c:bd:e2:89:b6:a3:e3:7e:a1:5f:
93:fe:7c:02:86:58:74:69:66:3a:da:57:89:b5:9d:
26:71:2b:30:f7:77:0d:9b:ae:f4:fa:60:f9:ce:c0:
59:e4:6e:95:d5:71:8f:ff:ac:ab:d8:30:2b:c7:83:
98:91:c9:51:39:66:6d:e9:a9:f9:e1:9e:25:e3:6d:
39:3d:3a:ed:14:a4:00:6c:f4:12:d4:a2:ed:65:35:
f6:cb:56:9d:72:77:20:fa:61:df:01:fc:f0:94:ce:
d3:d8:2f:ae:b9:7e:25:52:09:32:b6:de:92:9d:50:
19:2b:cc:a2:f6:bb:3f:32:0f:96:61:e5:03:bd:93:
44:5a:83:32:f9:11:51:7f:51:4e:88:f4:d9:61:fb:
45:19:78:30:e3:d6:4a:c4:b2:99:89:21:0d:76:48:
aa:58:24:1e:67:35:21:bf:38:72:f5:0a:62:86:b1:
76:ee:fd:e0:33:90:0b:8c:60:be:82:2d:de:63:02:
92:f8:0c:d4:9e:a6:af:4b:d7:90:a3:4f:67:45:a2:
72:eb:c4:bd:4c:09:e2:7d:6e:5d:a9:4b:bc:8d:27:
6f:be:fc:e9:39:e2:4d:e6:89:4a:ad:d0:e2:59:db:
ef:43:59:c8:6f:93:b3:d2:e4:f0:13:41:9e:30:4f:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:76:05:F2:35:BC:75:CA:CF:0C:BA:50:1C:C3:B1:DB:DE:47:03:77
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:f8:3b:0c:13:10:a2:35:41:7f:32:81:01:cf:a5:3b:73:68:
bd:f6:92:84:b4:a1:38:91:53:8f:0b:5e:3c:b6:d9:0a:11:51:
b3:f0:1b:13:59:8a:b1:17:81:cd:7a:4e:f2:8c:7b:f0:1c:5f:
81:ae:b3:89:b6:33:ea:ad:8e:90:c1:3a:01:b6:1d:be:71:d8:
65:f1:14:cb:8f:85:30:8d:cb:bd:a3:85:56:5d:83:1c:8a:c8:
65:06:07:42:74:30:de:47:b7:c2:8a:da:db:97:43:f3:b1:9e:
12:e0:04:1a:69:ff:9e:b1:37:85:b4:65:26:26:3e:66:5e:c0:
71:4f:1d:f8:a3:8b:8f:e4:12:77:74:9f:03:e6:2b:e5:bc:72:
13:58:c1:c2:61:49:fd:b4:92:6a:12:32:21:bc:d5:06:9b:25:
b4:f5:ed:dc:95:b7:97:3c:5e:07:34:c0:cd:f9:da:6e:64:2e:
47:d5:cb:d8:85:87:39:a1:d1:53:7a:8d:5c:09:98:03:2a:5d:
d2:59:b5:84:ff:9d:67:6e:08:b5:84:5e:21:ab:2b:76:9f:c7:
1c:d4:b1:ac:f7:68:de:93:77:e7:31:a1:59:57:5c:f9:bd:cb:
01:2a:1f:17:cf:60:e4:2f:3e:a3:3c:ee:11:55:38:b3:6f:87:
02:4d:fb:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSY2Fc6G+ldV80/6uRsKKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUxMTA1MDUwMDM1WhcNMjUxMTA2MDUwMDM1WjAzMTEwLwYDVQQD
EyhiYjc2MDVmMjM1YmM3NWNhY2YwY2JhNTAxY2MzYjFkYmRlNDcwMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthT/sHy94om2o+N+oV+T/nwChlh0
aWY62leJtZ0mcSsw93cNm670+mD5zsBZ5G6V1XGP/6yr2DArx4OYkclROWZt6an5
4Z4l4205PTrtFKQAbPQS1KLtZTX2y1adcncg+mHfAfzwlM7T2C+uuX4lUgkytt6S
nVAZK8yi9rs/Mg+WYeUDvZNEWoMy+RFRf1FOiPTZYftFGXgw49ZKxLKZiSENdkiq
WCQeZzUhvzhy9QpihrF27v3gM5ALjGC+gi3eYwKS+AzUnqavS9eQo09nRaJy68S9
TAnifW5dqUu8jSdvvvzpOeJN5olKrdDiWdvvQ1nIb5Oz0uTwE0GeME8eLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLt2BfI1vHXKzwy6UBzDsdveRwN3MB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePg7DBMQ
ojVBfzKBAc+lO3NovfaShLShOJFTjwtePLbZChFRs/AbE1mKsReBzXpO8ox78Bxf
ga6zibYz6q2OkME6AbYdvnHYZfEUy4+FMI3LvaOFVl2DHIrIZQYHQnQw3ke3wora
25dD87GeEuAEGmn/nrE3hbRlJiY+Zl7AcU8d+KOLj+QSd3SfA+Yr5bxyE1jBwmFJ
/bSSahIyIbzVBpsltPXt3JW3lzxeBzTAzfnabmQuR9XL2IWHOaHRU3qNXAmYAypd
0lm1hP+dZ24ItYReIasrdp/HHNSxrPdo3pN35zGhWVdc+b3LASofF89g5C8+ozzu
EVU4s2+HAk37Tg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:08:54 2025 by rpki-client