Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
File: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft (raw, json)
Hash identifier: UqH0j0PKuyn9fCqWL6hVc0HAk5Cd7Niq56z7vTSo5mg=
Subject key identifier: 41:BD:46:1E:FF:D0:C0:62:5C:30:E1:72:43:68:8A:D1:B4:43:6A:EA
Authority key identifier: 28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
Certificate issuer: /CN=2858d2f131715cbaf3cdd920645924f53508e067
Certificate serial: 019A71B9011201A0D961EDE41428CE8629DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
Manifest number: 0BBE
Signing time: Tue 11 Nov 2025 07:02:20 +0000
Manifest this update: Tue 11 Nov 2025 07:02:20 +0000
Manifest next update: Wed 12 Nov 2025 07:02:20 +0000
Files and hashes: 1: Gxa8ZTehusQ__zJKE-EIDPUx7f0.roa (hash: D3bg8s9LSpHww0XiOamb2fTNkB0scUvbSEDIBYdOll4=)
2: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl (hash: 6m4/exCDl7GAvQauzP2ZtsgxVhu24xaCCfOn7gx1VSM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:01:12:01:a0:d9:61:ed:e4:14:28:ce:86:29:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2858d2f131715cbaf3cdd920645924f53508e067
Validity
Not Before: Nov 11 07:02:20 2025 GMT
Not After : Nov 12 07:02:20 2025 GMT
Subject: CN=41bd461effd0c0625c30e17243688ad1b4436aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:06:cb:5d:1f:cd:45:41:41:be:ac:75:51:9e:
99:3e:2a:3a:f0:f6:11:fc:bb:b1:91:e2:03:32:18:
91:8c:b9:3c:66:88:bc:21:80:b7:26:ac:e8:14:36:
d8:8c:4b:8e:d8:25:9b:0a:fe:1d:b9:09:f0:67:c7:
4c:23:ac:92:38:ba:c8:3e:ff:d3:16:6e:4e:36:80:
3b:31:53:ad:8f:ea:00:c3:10:1e:e4:d3:17:a8:05:
85:d0:99:1f:04:72:12:21:d6:40:06:76:1c:a9:45:
82:c5:06:82:34:1c:6e:9c:f8:86:91:1d:59:7f:b7:
81:c0:e8:03:78:d4:b2:d6:29:ab:9e:ce:64:67:2f:
4a:8b:83:df:5b:65:85:f6:4c:22:e3:15:2d:fd:2b:
d8:6a:73:0c:a4:87:06:aa:7d:1e:62:50:3c:f9:59:
a3:36:c4:ca:73:cc:e9:ea:2f:6b:4a:2f:bb:79:bd:
01:3d:e1:e0:b5:3f:3c:8d:43:d6:0c:2c:5f:8c:5e:
1e:10:96:71:c5:e7:9d:ff:f4:4a:70:b5:72:29:21:
b2:18:a6:0a:60:f5:3c:26:49:e8:fa:6f:2c:57:d5:
3c:bd:c6:3f:af:0c:4d:34:9a:0e:d3:21:ed:48:40:
62:13:9e:9b:c3:c0:77:73:14:52:b9:67:81:2c:5a:
a1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BD:46:1E:FF:D0:C0:62:5C:30:E1:72:43:68:8A:D1:B4:43:6A:EA
X509v3 Authority Key Identifier:
keyid:28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:46:11:00:58:88:d2:01:03:5d:88:f2:c2:cc:53:69:33:41:
01:99:e6:52:df:28:d0:ba:ba:2e:9e:b7:69:cd:2f:bf:bd:e9:
41:e6:b1:7e:ba:9e:47:b7:35:3c:a4:dd:f0:1a:8d:89:9c:45:
f6:99:70:a0:3f:97:39:17:7c:5c:d4:b1:09:43:a7:ec:97:fe:
4e:ed:b0:16:8a:9a:cc:af:8a:27:4d:a6:09:32:ae:a4:bc:a7:
01:c5:6a:31:96:88:29:d0:be:87:51:b6:a6:b1:fb:22:f4:e4:
5a:e7:42:f5:00:13:99:c5:49:b0:51:f0:8d:ce:f9:81:ae:fa:
46:11:1c:0d:05:98:a7:f3:1d:b7:59:b6:92:41:c1:bd:c2:bf:
28:fe:cd:77:c7:c8:81:5e:2f:de:db:0e:28:7a:eb:88:67:97:
36:c5:72:64:73:cf:59:7c:c4:53:ae:f4:ca:ec:34:58:11:f4:
86:2c:a1:31:07:09:15:dc:64:c4:cb:7f:df:5f:e7:7e:2d:5d:
0d:84:d9:e2:7b:be:b6:a0:0f:90:7d:cb:a6:95:24:d5:91:93:
ac:20:11:32:1a:e8:71:81:1b:d3:7e:06:30:f0:49:0e:b3:8f:
9c:c3:3e:34:35:ed:c8:a5:5c:9d:c2:ab:36:16:3c:51:a4:e9:
27:6f:51:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQESAaDZYe3kFCjOhinfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NThkMmYxMzE3MTVjYmFmM2NkZDkyMDY0NTkyNGY1MzUw
OGUwNjcwHhcNMjUxMTExMDcwMjIwWhcNMjUxMTEyMDcwMjIwWjAzMTEwLwYDVQQD
Eyg0MWJkNDYxZWZmZDBjMDYyNWMzMGUxNzI0MzY4OGFkMWI0NDM2YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AbLXR/NRUFBvqx1UZ6ZPio68PYR
/LuxkeIDMhiRjLk8Zoi8IYC3JqzoFDbYjEuO2CWbCv4duQnwZ8dMI6ySOLrIPv/T
Fm5ONoA7MVOtj+oAwxAe5NMXqAWF0JkfBHISIdZABnYcqUWCxQaCNBxunPiGkR1Z
f7eBwOgDeNSy1imrns5kZy9Ki4PfW2WF9kwi4xUt/SvYanMMpIcGqn0eYlA8+Vmj
NsTKc8zp6i9rSi+7eb0BPeHgtT88jUPWDCxfjF4eEJZxxeed//RKcLVyKSGyGKYK
YPU8Jkno+m8sV9U8vcY/rwxNNJoO0yHtSEBiE56bw8B3cxRSuWeBLFqhzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEG9Rh7/0MBiXDDhckNoitG0Q2rqMB8GA1UdIwQY
MBaAFChY0vExcVy6883ZIGRZJPU1COBnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi83NWRiYzQtYWUyMi00OTcxLTllZjUt
YTNmMzU1YmVlZWRkLzEvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi83NWRiYzQtYWUyMi00OTcxLTllZjUtYTNmMzU1YmVlZWRk
LzEvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUYRAFiI
0gEDXYjywsxTaTNBAZnmUt8o0Lq6Lp63ac0vv73pQeaxfrqeR7c1PKTd8BqNiZxF
9plwoD+XORd8XNSxCUOn7Jf+Tu2wFoqazK+KJ02mCTKupLynAcVqMZaIKdC+h1G2
prH7IvTkWudC9QATmcVJsFHwjc75ga76RhEcDQWYp/Mdt1m2kkHBvcK/KP7Nd8fI
gV4v3tsOKHrriGeXNsVyZHPPWXzEU670yuw0WBH0hiyhMQcJFdxkxMt/31/nfi1d
DYTZ4nu+tqAPkH3LppUk1ZGTrCARMhrocYEb034GMPBJDrOPnMM+NDXtyKVcncKr
NhY8UaTpJ29RzA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:02 2025 by rpki-client