Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
File: KPev7E0_BvgNaHKm1iRs0B5z1qY.mft (raw, json)
Hash identifier: xGRFDtXAlDOSdS8LEID+jwkelEw9BqhGq/LF35p4rQE=
Subject key identifier: A8:9D:1C:E2:49:5A:B6:EB:0E:86:D5:C4:E8:C9:32:F7:2F:59:9F:D5
Authority key identifier: 28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6
Certificate issuer: /CN=28f7afec4d3f06f80d6872a6d6246cd01e73d6a6
Certificate serial: 019A71B8E5853652339D8F7C4E9A5AC62C14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
Manifest number: 171B
Signing time: Tue 11 Nov 2025 07:02:13 +0000
Manifest this update: Tue 11 Nov 2025 07:02:13 +0000
Manifest next update: Wed 12 Nov 2025 07:02:13 +0000
Files and hashes: 1: KPev7E0_BvgNaHKm1iRs0B5z1qY.crl (hash: NT+nvM5BxmrVGZ4CHQSBBwqtYt6mMZhwuWzbYI51mHQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:e5:85:36:52:33:9d:8f:7c:4e:9a:5a:c6:2c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f7afec4d3f06f80d6872a6d6246cd01e73d6a6
Validity
Not Before: Nov 11 07:02:13 2025 GMT
Not After : Nov 12 07:02:13 2025 GMT
Subject: CN=a89d1ce2495ab6eb0e86d5c4e8c932f72f599fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:fa:cc:d0:76:17:7b:28:10:1a:f2:57:91:
3b:b6:ba:f5:57:78:16:d4:6e:d2:3a:58:2d:64:c9:
fe:c8:81:4b:2f:56:66:80:5d:d9:6b:29:42:8c:df:
e9:bf:36:3f:24:ef:28:e9:f1:d0:0d:6c:6b:92:bb:
d0:f5:d5:96:b7:3e:47:e2:3b:ae:1b:0e:d3:16:47:
f2:01:ba:fa:f3:5d:d3:15:13:7e:f3:bc:b4:86:8c:
ef:4b:17:7c:10:5a:93:d6:1a:c5:01:bb:bb:7b:70:
ae:bf:18:a7:71:7d:63:59:20:a0:f3:95:06:a1:43:
fc:6e:1f:20:c7:7d:67:97:7c:44:67:f6:06:8a:c9:
7b:22:7f:f8:4c:6e:34:d1:f9:a4:70:99:79:6b:17:
ad:e7:cd:69:49:73:5d:52:f4:40:dd:14:87:37:bb:
94:d7:72:e7:46:4a:e7:09:f4:c3:35:e5:b0:a4:2e:
6d:ec:b2:72:52:61:c2:d8:0c:cf:d0:aa:dd:cb:80:
c3:9a:21:49:6b:e0:e0:35:96:cc:77:a7:99:41:09:
fc:fb:65:e1:de:f1:ed:a2:b7:b3:6c:d6:9e:57:3c:
c2:b4:b8:46:f8:7d:a3:52:43:f7:72:fd:24:cf:80:
f9:aa:82:53:2f:4d:b0:15:ec:60:da:12:f7:e0:b4:
98:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9D:1C:E2:49:5A:B6:EB:0E:86:D5:C4:E8:C9:32:F7:2F:59:9F:D5
X509v3 Authority Key Identifier:
keyid:28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:bc:a3:78:8c:3c:3a:60:e3:7e:ab:6e:de:f1:45:9c:61:7a:
4b:73:2f:4b:a0:52:22:f9:28:f5:c5:82:5d:e8:f3:75:21:5e:
a1:0d:4a:96:e2:95:e9:e3:3b:41:8b:03:23:57:60:96:ca:31:
96:dc:6e:27:43:66:bf:90:e2:df:7e:b2:05:a6:d9:3b:c5:6f:
88:3b:a3:9a:d1:62:45:40:93:ab:f9:91:09:ee:26:1d:41:bc:
0c:cd:5f:d9:4b:9e:92:99:07:e1:1d:6b:85:ff:83:55:b1:e7:
27:82:33:17:51:df:2a:12:e0:a7:4c:61:38:7b:63:8e:52:12:
e2:18:37:cb:77:2b:5b:df:76:72:93:0c:c5:b6:f0:2a:93:a2:
ca:38:ad:8c:86:5a:7d:a3:66:a4:d5:6c:dd:32:fa:18:00:ba:
03:57:76:36:62:8d:b3:5a:76:40:f5:a5:b5:45:25:44:4f:76:
69:fb:47:c5:13:36:e3:75:85:25:90:e6:49:19:cf:1c:f3:d2:
c2:d9:22:15:f0:08:bf:a7:84:af:f8:38:61:1b:a3:c5:69:47:
43:0c:de:1a:67:a6:53:0b:0d:65:ee:04:5f:4a:47:b3:99:0c:
0d:cd:58:67:af:c1:12:14:a5:b1:f8:d7:a3:f4:f2:a8:17:8d:
ab:16:40:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOWFNlIznY98TppaxiwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZjdhZmVjNGQzZjA2ZjgwZDY4NzJhNmQ2MjQ2Y2QwMWU3
M2Q2YTYwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EyhhODlkMWNlMjQ5NWFiNmViMGU4NmQ1YzRlOGM5MzJmNzJmNTk5ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3X6zNB2F3soEBryV5E7trr1V3gW
1G7SOlgtZMn+yIFLL1ZmgF3ZaylCjN/pvzY/JO8o6fHQDWxrkrvQ9dWWtz5H4juu
Gw7TFkfyAbr6813TFRN+87y0hozvSxd8EFqT1hrFAbu7e3CuvxincX1jWSCg85UG
oUP8bh8gx31nl3xEZ/YGisl7In/4TG400fmkcJl5axet581pSXNdUvRA3RSHN7uU
13LnRkrnCfTDNeWwpC5t7LJyUmHC2AzP0Krdy4DDmiFJa+DgNZbMd6eZQQn8+2Xh
3vHtorezbNaeVzzCtLhG+H2jUkP3cv0kz4D5qoJTL02wFexg2hL34LSY6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKidHOJJWrbrDobVxOjJMvcvWZ/VMB8GA1UdIwQY
MBaAFCj3r+xNPwb4DWhyptYkbNAec9amMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yMTdhMzAtOGVlMS00OTEzLWExMjct
NTc2ZDQwM2M5MThmLzEvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yMTdhMzAtOGVlMS00OTEzLWExMjctNTc2ZDQwM2M5MThm
LzEvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLyjeIw8
OmDjfqtu3vFFnGF6S3MvS6BSIvko9cWCXejzdSFeoQ1KluKV6eM7QYsDI1dglsox
ltxuJ0Nmv5Di336yBabZO8VviDujmtFiRUCTq/mRCe4mHUG8DM1f2UuekpkH4R1r
hf+DVbHnJ4IzF1HfKhLgp0xhOHtjjlIS4hg3y3crW992cpMMxbbwKpOiyjitjIZa
faNmpNVs3TL6GAC6A1d2NmKNs1p2QPWltUUlRE92aftHxRM243WFJZDmSRnPHPPS
wtkiFfAIv6eEr/g4YRujxWlHQwzeGmemUwsNZe4EX0pHs5kMDc1YZ6/BEhSlsfjX
o/TyqBeNqxZAEQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:33 2025 by rpki-client