Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
File: KZkwB8fJLfYXjny0MYP9f1KlJtg.mft (raw, json)
Hash identifier: JMpf11vY83qXC9J8QJmQpiEv7n20djrtBIM8WwHhlwg=
Subject key identifier: 0A:AC:64:16:F0:DD:F8:9B:09:B9:1D:AE:02:38:2C:04:75:01:05:A4
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 019A71EEDAFEF55757AECFC3E5E2E9D6D11A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
Manifest number: 04CA
Signing time: Tue 11 Nov 2025 08:01:10 +0000
Manifest this update: Tue 11 Nov 2025 08:01:10 +0000
Manifest next update: Wed 12 Nov 2025 08:01:10 +0000
Files and hashes: 1: 4Onxw3ZyCceGdWFdrDz9GypV1To.roa (hash: rLXGfCwokEmOeP6DWTGHar2KAFcpyGY37FcoMJ/rm24=)
2: 6w2llJPr5u5R0U0gFJBhkfjASt8.roa (hash: Et1DM1KW1gT7dKyxGFfIxs38O3+sH74ZansUhbBdzew=)
3: HxZyQaGrGtOk8RKg0Mhbl06w1Co.roa (hash: T6PK192RHox/GMNjjl8t8FiOFdhRf0h3waZVXZOPKpk=)
4: KZkwB8fJLfYXjny0MYP9f1KlJtg.crl (hash: PB9+UMnulxrgy4DH5SACYoovk+038m67gfYuPNSpL7M=)
5: PwMQ2FB61zxu5sQ2E09luTqKMvk.roa (hash: izn212mH5oYV5cpl26pTxpZxIsUMzoPkaD7C7yvNm8E=)
6: fNae6M71mV294ZXPAPike0PbceE.roa (hash: yK1vBYE3EmPb37wOJedAwxWWRQFUDScm3ZCALz4wEUs=)
7: nFiPEMhy3ZN7Kzd1c5drtsfC2Ms.roa (hash: K/fi1bP7PVVo/L+gbRw+2aDpJIZXZHh+7f96KzgbyVo=)
8: od9af71GeQfA9Hxa-pUi9HfyQbQ.roa (hash: XWeJ2o3YIDMGq+Gf7bx+E7FN5efcdXQkm09+SRPSSXw=)
9: ypFL40Xoi4y05qu3ogA3n6gvBmc.roa (hash: Osn8j8oSksWpQIeEIhv5U30zU1XAWvsewtWKW4S5v1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:da:fe:f5:57:57:ae:cf:c3:e5:e2:e9:d6:d1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Nov 11 08:01:10 2025 GMT
Not After : Nov 12 08:01:10 2025 GMT
Subject: CN=0aac6416f0ddf89b09b91dae02382c04750105a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ff:97:d6:05:79:ce:aa:f8:3e:ab:47:a1:d3:
68:9b:07:85:2a:07:e9:dd:25:45:eb:44:2c:e4:94:
03:68:39:c6:56:ae:cb:89:15:d3:0c:8f:01:94:5d:
07:eb:27:b7:e6:5f:c9:f5:ae:e5:90:e2:56:89:18:
72:b6:42:d0:2f:05:c6:0e:ff:fa:d6:17:e7:ba:4b:
84:90:13:05:f2:23:e2:e5:c5:ae:bf:79:f7:65:85:
cd:3e:4d:91:e5:33:ab:02:e0:01:1c:b1:94:6d:a4:
8e:6a:a4:96:bd:bf:c8:db:e7:0d:1d:21:10:76:1b:
bf:ed:44:72:d2:1d:3c:b5:d9:7e:5f:81:42:62:69:
78:65:68:db:9b:1d:92:af:2a:3a:34:9a:98:dc:99:
fe:34:ba:81:10:a7:d9:11:1a:98:f7:33:43:fa:73:
f0:ba:b0:3a:9d:88:5d:52:e7:c7:a3:3d:97:f2:3f:
ed:89:2a:4b:d1:bd:7d:8d:85:6d:c8:02:6d:c3:d1:
94:6d:8a:21:77:ef:54:88:11:c5:70:4f:f3:4b:8f:
30:fd:26:3e:67:64:66:c8:d6:64:de:58:bc:f3:f4:
91:c9:29:67:59:af:c2:9f:f2:b4:24:6f:25:f4:d1:
30:f1:a6:63:bd:c0:1c:05:6b:cc:e9:80:b2:a3:1f:
05:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AC:64:16:F0:DD:F8:9B:09:B9:1D:AE:02:38:2C:04:75:01:05:A4
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:19:2a:b5:4d:3b:56:47:eb:d9:c2:e1:4a:65:99:62:df:f7:
fb:4b:14:81:e0:a5:a1:d9:cc:cb:31:38:f5:87:32:a8:fa:86:
a4:77:c0:09:88:7a:bb:de:66:79:b0:74:cd:cb:8d:ad:df:62:
bb:b9:87:b2:cd:da:4f:42:6f:e9:2d:d5:07:42:ac:5f:cc:66:
d8:66:87:df:fe:75:5a:c8:83:3b:e1:b7:4e:22:c8:e9:4e:2f:
43:cf:ee:a5:5f:a8:a5:84:56:ba:4e:5d:f3:cb:b4:20:76:b2:
51:f5:0d:7e:cf:59:62:a3:4b:4e:c2:ff:82:8f:77:b1:b1:92:
93:d9:37:1a:93:b8:7b:8a:b5:95:84:74:0e:4b:45:35:08:40:
44:de:76:e1:a7:f2:7c:6d:e3:93:5c:07:62:cb:6a:66:f5:ec:
1e:13:7f:f3:c8:a1:bc:e3:01:a4:2c:dd:12:93:a5:10:78:a6:
12:30:e8:61:58:c0:0a:84:61:14:36:ec:74:49:69:41:89:7e:
d2:62:e3:db:d2:d7:01:b9:1a:90:24:82:93:f6:2d:1a:bb:b7:
6b:c6:b9:db:82:e0:63:2d:ec:2f:1b:4a:ed:90:2b:8b:db:75:
8c:92:26:31:f9:4e:53:95:a6:55:65:c8:92:40:77:75:6b:14:
17:55:aa:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7tr+9VdXrs/D5eLp1tEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUxMTExMDgwMTEwWhcNMjUxMTEyMDgwMTEwWjAzMTEwLwYDVQQD
EygwYWFjNjQxNmYwZGRmODliMDliOTFkYWUwMjM4MmMwNDc1MDEwNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv+X1gV5zqr4PqtHodNomweFKgfp
3SVF60Qs5JQDaDnGVq7LiRXTDI8BlF0H6ye35l/J9a7lkOJWiRhytkLQLwXGDv/6
1hfnukuEkBMF8iPi5cWuv3n3ZYXNPk2R5TOrAuABHLGUbaSOaqSWvb/I2+cNHSEQ
dhu/7URy0h08tdl+X4FCYml4ZWjbmx2Sryo6NJqY3Jn+NLqBEKfZERqY9zND+nPw
urA6nYhdUufHoz2X8j/tiSpL0b19jYVtyAJtw9GUbYohd+9UiBHFcE/zS48w/SY+
Z2RmyNZk3li88/SRySlnWa/Cn/K0JG8l9NEw8aZjvcAcBWvM6YCyox8FJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqsZBbw3fibCbkdrgI4LAR1AQWkMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBkqtU07
Vkfr2cLhSmWZYt/3+0sUgeClodnMyzE49YcyqPqGpHfACYh6u95mebB0zcuNrd9i
u7mHss3aT0Jv6S3VB0KsX8xm2GaH3/51WsiDO+G3TiLI6U4vQ8/upV+opYRWuk5d
88u0IHayUfUNfs9ZYqNLTsL/go93sbGSk9k3GpO4e4q1lYR0DktFNQhARN524afy
fG3jk1wHYstqZvXsHhN/88ihvOMBpCzdEpOlEHimEjDoYVjACoRhFDbsdElpQYl+
0mLj29LXAbkakCSCk/YtGru3a8a524LgYy3sLxtK7ZAri9t1jJImMflOU5WmVWXI
kkB3dWsUF1Wqrw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:17:31 2025 by rpki-client