Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
File: KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft (raw, json)
Hash identifier: BiUba3anmwoKDQTExCElh1ojHShkBxetv4CL/JH0c6w=
Subject key identifier: A8:28:ED:DF:2E:7E:9B:4C:1A:BB:A9:89:EA:8D:71:E2:A8:33:15:F7
Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411
Certificate serial: 019A71EE83DE59BC180FFB9AA9B2F3936286
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 08:00:47 +0000
Manifest this update: Tue 11 Nov 2025 08:00:47 +0000
Manifest next update: Wed 12 Nov 2025 08:00:47 +0000
Files and hashes: 1: KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl (hash: 6T1uX9QOOGkJPaep4POKUszTidKWAQuRs6Lzxu1k2hQ=)
2: rzOkydR3EHFZXD3XEkRebB02-_4.roa (hash: df7jTqxQL8Sw059sbRTkyG9ltt5KtHFaW+BfP29wPTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:83:de:59:bc:18:0f:fb:9a:a9:b2:f3:93:62:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411
Validity
Not Before: Nov 11 08:00:47 2025 GMT
Not After : Nov 12 08:00:47 2025 GMT
Subject: CN=a828eddf2e7e9b4c1abba989ea8d71e2a83315f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e1:2e:b9:d2:d6:73:25:39:bb:69:ee:19:07:
11:85:c7:fb:b2:69:ea:dc:cf:c6:64:2b:b0:6f:e2:
55:e7:e3:6c:fa:0d:fd:f5:14:8a:27:f4:a3:30:97:
ba:56:8a:a1:5f:25:3f:64:ea:eb:77:e5:b9:c5:b0:
de:7b:89:2f:db:c3:4c:44:7c:06:9f:d6:f1:61:aa:
4a:2d:5c:21:88:1c:35:d9:27:62:7a:22:57:ca:82:
5e:b9:c3:d0:6a:0a:e7:07:9e:d4:e4:44:58:5b:f4:
52:70:c7:7b:2e:11:d5:7c:5a:cc:8c:22:eb:5f:f1:
12:55:23:a6:d4:b4:99:83:c5:e5:53:3e:ea:c4:2e:
67:8d:ab:6d:35:fd:21:0a:c4:62:48:b6:0c:60:1b:
90:a7:9f:44:c8:c5:b9:a7:06:35:f4:9f:4c:3a:26:
67:87:a4:42:a3:7c:f6:a4:20:78:06:e7:d8:a2:eb:
f9:f7:31:b0:ad:78:4d:35:2d:23:2e:ef:53:23:5c:
57:80:11:d8:08:00:69:59:ab:ab:e9:db:87:99:e4:
2f:63:e1:b6:09:cb:0f:e2:ff:92:51:e1:e5:c3:07:
ce:d2:b7:e8:27:55:4a:ea:14:29:d3:5e:38:74:2e:
8f:d0:af:17:ad:d0:d0:2f:cc:e4:82:ff:ed:a4:07:
57:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:28:ED:DF:2E:7E:9B:4C:1A:BB:A9:89:EA:8D:71:E2:A8:33:15:F7
X509v3 Authority Key Identifier:
keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:1f:18:7d:b3:8e:05:54:d5:6e:f9:8b:5c:f2:9e:1b:c0:f8:
9e:32:79:f6:02:7b:a4:dc:15:ff:9b:56:f4:c0:4a:15:3e:55:
bf:f8:58:4b:20:09:2c:27:f5:f5:78:6e:59:0c:65:cd:da:a0:
6c:1f:1f:e7:b1:0e:a8:e1:c0:0a:7c:6a:92:5f:f7:30:3e:8e:
51:b7:1e:62:bf:15:4d:55:b3:d8:4e:75:5a:02:26:ad:56:6f:
8b:b6:0d:d9:b5:5b:e0:74:8d:47:e8:15:40:35:7a:56:29:6e:
2a:97:1e:a3:6b:86:b5:f6:84:0a:3e:b0:43:07:95:57:26:35:
b9:1e:dd:f8:92:13:90:66:8b:de:30:27:0e:4c:41:9f:17:2c:
74:5b:1d:3f:26:08:0c:23:4f:80:bb:39:05:c0:df:33:a7:55:
7d:c4:ab:2d:e5:16:6b:c3:ed:51:1c:10:43:4d:41:86:a0:3a:
d1:89:77:1d:92:fb:99:fe:69:79:d0:1f:95:12:2b:cb:8e:80:
9e:af:24:a7:1e:36:5d:cb:03:9b:80:6f:75:63:a9:a9:91:8f:
61:bd:fd:c3:4c:0c:79:f4:ce:ad:41:2c:92:db:1b:84:e3:c3:
26:ba:37:b7:4b:24:15:78:b2:2a:5e:3e:7c:a0:87:a2:d7:be:
38:86:aa:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7oPeWbwYD/uaqbLzk2KGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz
MGM0MTEwHhcNMjUxMTExMDgwMDQ3WhcNMjUxMTEyMDgwMDQ3WjAzMTEwLwYDVQQD
EyhhODI4ZWRkZjJlN2U5YjRjMWFiYmE5ODllYThkNzFlMmE4MzMxNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOEuudLWcyU5u2nuGQcRhcf7smnq
3M/GZCuwb+JV5+Ns+g399RSKJ/SjMJe6VoqhXyU/ZOrrd+W5xbDee4kv28NMRHwG
n9bxYapKLVwhiBw12SdieiJXyoJeucPQagrnB57U5ERYW/RScMd7LhHVfFrMjCLr
X/ESVSOm1LSZg8XlUz7qxC5njattNf0hCsRiSLYMYBuQp59EyMW5pwY19J9MOiZn
h6RCo3z2pCB4BufYouv59zGwrXhNNS0jLu9TI1xXgBHYCABpWaur6duHmeQvY+G2
CcsP4v+SUeHlwwfO0rfoJ1VK6hQp0144dC6P0K8XrdDQL8zkgv/tpAdX0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgo7d8ufptMGrupieqNceKoMxX3MB8GA1UdIwQY
MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt
ODlkMjYxMWE5NWRiLzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi
LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARR8YfbOO
BVTVbvmLXPKeG8D4njJ59gJ7pNwV/5tW9MBKFT5Vv/hYSyAJLCf19XhuWQxlzdqg
bB8f57EOqOHACnxqkl/3MD6OUbceYr8VTVWz2E51WgImrVZvi7YN2bVb4HSNR+gV
QDV6ViluKpceo2uGtfaECj6wQweVVyY1uR7d+JITkGaL3jAnDkxBnxcsdFsdPyYI
DCNPgLs5BcDfM6dVfcSrLeUWa8PtURwQQ01BhqA60Yl3HZL7mf5pedAflRIry46A
nq8kpx42XcsDm4BvdWOpqZGPYb39w0wMefTOrUEsktsbhOPDJro3t0skFXiyKl4+
fKCHote+OIaq8g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:19 2025 by rpki-client