Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
File: kI7SZXsDRI2ii8JIwvfsSXPabjs.mft (raw, json)
Hash identifier: XfUAn+t36g5xSV98N11/HSz+xevblrO60MObNPeXRPk=
Subject key identifier: 02:7D:79:29:2F:42:34:D6:49:23:89:81:7D:45:C8:5C:D5:1E:B0:7E
Authority key identifier: 90:8E:D2:65:7B:03:44:8D:A2:8B:C2:48:C2:F7:EC:49:73:DA:6E:3B
Certificate issuer: /CN=908ed2657b03448da28bc248c2f7ec4973da6e3b
Certificate serial: 019A52D1E3F429185AB1A67ACE96858EDEF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
Manifest number: 15
Signing time: Wed 05 Nov 2025 07:01:18 +0000
Manifest this update: Wed 05 Nov 2025 07:01:18 +0000
Manifest next update: Thu 06 Nov 2025 07:01:18 +0000
Files and hashes: 1: TcSp7o6uwH24irSRe8iMFLsbk94.roa (hash: c25HUD+HppjHQuOQwqciQrtoVauED60d+2+faqqkKIY=)
2: kI7SZXsDRI2ii8JIwvfsSXPabjs.crl (hash: otVvVWxSbT4MZgf3eNZ7zV2b7Uz0lyoSQVCFMSAxVMA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:e3:f4:29:18:5a:b1:a6:7a:ce:96:85:8e:de:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908ed2657b03448da28bc248c2f7ec4973da6e3b
Validity
Not Before: Nov 5 07:01:18 2025 GMT
Not After : Nov 6 07:01:18 2025 GMT
Subject: CN=027d79292f4234d6492389817d45c85cd51eb07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d3:25:42:99:b2:51:6f:c4:44:c0:ac:98:35:
e5:51:c6:1d:24:37:d3:5f:52:d4:f0:e6:de:1b:fb:
aa:a0:93:c2:f5:54:e3:92:83:7c:e6:d2:f1:bb:98:
44:ba:d0:9c:02:f6:20:bf:0e:d5:a8:d2:67:3f:ed:
8a:13:f4:0d:42:1e:fd:a0:c3:39:2e:67:31:1d:f7:
76:e1:af:ae:84:49:4d:03:f8:f4:93:74:08:dc:31:
64:13:24:2c:53:be:0a:16:7c:24:0c:5a:a1:15:5f:
1d:20:83:02:cf:d1:5e:2f:68:fb:82:97:6f:fb:3d:
e4:c9:03:07:7e:6d:12:d0:b1:de:5e:ea:ae:f6:21:
34:ea:e1:c6:76:4c:5c:17:67:95:57:6c:da:2a:21:
f1:54:9d:42:1c:dc:eb:ab:e3:1b:ba:1b:8b:3e:bc:
d7:51:31:da:10:ef:5a:03:f2:0a:2d:8c:cc:5c:49:
19:f3:55:78:83:1b:98:d3:5f:d1:a7:53:1d:79:8b:
15:77:e8:80:22:cc:03:c8:67:34:08:3f:af:da:9e:
b7:01:83:d8:8a:de:d2:29:60:c2:33:89:5a:00:7e:
02:84:85:e0:73:a1:af:df:e9:5b:7c:4b:6a:11:40:
6f:48:95:3b:6a:58:32:5b:4a:9a:94:d3:84:90:60:
48:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7D:79:29:2F:42:34:D6:49:23:89:81:7D:45:C8:5C:D5:1E:B0:7E
X509v3 Authority Key Identifier:
keyid:90:8E:D2:65:7B:03:44:8D:A2:8B:C2:48:C2:F7:EC:49:73:DA:6E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:1f:09:29:f3:d9:93:06:a5:1f:d8:1f:de:53:e8:29:ae:12:
e7:a6:33:c6:71:b8:60:0b:aa:7b:75:7b:e5:0d:cf:6d:27:fd:
be:05:ff:fb:18:69:d4:f4:3e:48:90:b6:de:b3:35:24:9c:0d:
d2:dc:0a:26:21:59:a1:11:84:b5:06:09:a0:74:43:0d:a2:a1:
44:68:26:b5:c5:33:23:f5:f7:6e:11:47:e3:72:b5:fe:55:bb:
ec:ce:2e:81:9b:df:08:b5:60:ec:8e:3f:e1:5b:e2:d1:92:b4:
98:d4:8c:9d:16:b5:57:ea:8c:a4:c3:b5:d2:d2:44:cc:c1:bc:
43:8e:7d:a2:3e:91:4e:27:24:1c:02:ea:77:5f:d3:1f:80:7f:
ae:a1:c7:10:89:4c:5b:f0:5e:a7:ef:3f:63:f5:b6:e5:e3:b3:
38:e3:5b:61:23:51:59:4b:03:29:b2:0e:1a:26:20:f5:4a:03:
9d:76:92:0c:3a:1d:01:bb:34:52:45:53:1f:22:5f:81:3f:26:
6f:89:41:fd:7a:8a:26:0b:fa:29:86:e2:af:6e:60:c5:b6:e8:
39:3c:db:8e:96:e5:5c:ec:e6:ad:b8:8f:ea:52:40:79:67:16:
58:f9:8e:52:5e:33:a1:9d:fa:e9:d3:f5:67:9e:88:41:bd:10:
15:b6:00:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0eP0KRhasaZ6zpaFjt7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOGVkMjY1N2IwMzQ0OGRhMjhiYzI0OGMyZjdlYzQ5NzNk
YTZlM2IwHhcNMjUxMTA1MDcwMTE4WhcNMjUxMTA2MDcwMTE4WjAzMTEwLwYDVQQD
EygwMjdkNzkyOTJmNDIzNGQ2NDkyMzg5ODE3ZDQ1Yzg1Y2Q1MWViMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dMlQpmyUW/ERMCsmDXlUcYdJDfT
X1LU8ObeG/uqoJPC9VTjkoN85tLxu5hEutCcAvYgvw7VqNJnP+2KE/QNQh79oMM5
LmcxHfd24a+uhElNA/j0k3QI3DFkEyQsU74KFnwkDFqhFV8dIIMCz9FeL2j7gpdv
+z3kyQMHfm0S0LHeXuqu9iE06uHGdkxcF2eVV2zaKiHxVJ1CHNzrq+MbuhuLPrzX
UTHaEO9aA/IKLYzMXEkZ81V4gxuY01/Rp1MdeYsVd+iAIswDyGc0CD+v2p63AYPY
it7SKWDCM4laAH4ChIXgc6Gv3+lbfEtqEUBvSJU7algyW0qalNOEkGBIgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJ9eSkvQjTWSSOJgX1FyFzVHrB+MB8GA1UdIwQY
MBaAFJCO0mV7A0SNoovCSML37Elz2m47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kMTk1NDktMzFiOC00YTFlLWI2ZDUt
NmExN2UyMWNhNmM3LzEva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kMTk1NDktMzFiOC00YTFlLWI2ZDUtNmExN2UyMWNhNmM3
LzEva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXR8JKfPZ
kwalH9gf3lPoKa4S56YzxnG4YAuqe3V75Q3PbSf9vgX/+xhp1PQ+SJC23rM1JJwN
0twKJiFZoRGEtQYJoHRDDaKhRGgmtcUzI/X3bhFH43K1/lW77M4ugZvfCLVg7I4/
4Vvi0ZK0mNSMnRa1V+qMpMO10tJEzMG8Q459oj6RTickHALqd1/TH4B/rqHHEIlM
W/Bep+8/Y/W25eOzOONbYSNRWUsDKbIOGiYg9UoDnXaSDDodAbs0UkVTHyJfgT8m
b4lB/XqKJgv6KYbir25gxbboOTzbjpblXOzmrbiP6lJAeWcWWPmOUl4zoZ366dP1
Z56IQb0QFbYADw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:41:54 2025 by rpki-client