Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: cSKakX8j8fefAdoSUCl4WFUJbezxQaRdB4uOz1ns1Gs=
Subject key identifier: 42:9A:9E:46:EB:18:93:0A:88:8F:85:C9:CA:CC:C5:3E:75:E0:1A:D8
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019A71B7909C5D74C2E8553B7338C6FAF45F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0C3A
Signing time: Tue 11 Nov 2025 07:00:46 +0000
Manifest this update: Tue 11 Nov 2025 07:00:46 +0000
Manifest next update: Wed 12 Nov 2025 07:00:46 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: 8QUJDFww/bKD5UP6UBY+49FlSDwHSXVf7JbmM3RfJV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:90:9c:5d:74:c2:e8:55:3b:73:38:c6:fa:f4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Nov 11 07:00:46 2025 GMT
Not After : Nov 12 07:00:46 2025 GMT
Subject: CN=429a9e46eb18930a888f85c9caccc53e75e01ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:f7:02:37:16:80:c7:b1:42:41:ae:47:58:
8b:c6:85:c3:01:29:53:2b:a8:29:ab:8e:49:b0:54:
16:94:60:d6:b6:ff:97:4c:21:c1:80:46:ff:13:4a:
22:f6:60:b9:c0:a1:be:a2:35:41:b3:c1:27:55:20:
09:50:27:98:e6:ac:9e:98:f2:18:b0:6e:72:7c:8c:
8a:85:e7:6c:0c:3b:f6:77:c5:01:b6:3d:a1:3c:94:
7c:87:03:97:6e:64:58:26:11:26:97:0f:95:5f:28:
c9:be:87:77:81:4a:91:c7:8b:9a:88:bf:0d:be:23:
3c:24:8e:87:d5:f7:68:d8:90:3c:d0:9d:df:1d:62:
45:e3:8b:5c:76:6f:0f:1e:64:a0:51:54:39:2a:fc:
f6:2e:38:c0:81:7b:ef:50:33:0d:42:54:9e:9d:12:
17:72:2b:5d:0e:ae:2f:83:dd:5a:b9:e4:f7:4c:93:
d1:56:87:8d:7f:84:4e:ee:06:19:3e:99:1f:27:f4:
f2:41:8c:93:eb:d4:6c:a3:57:d9:cb:47:b5:f5:ab:
79:ef:c5:b2:04:3f:db:db:80:80:02:9a:a7:5f:a1:
53:bf:89:52:75:09:8b:c3:cc:36:fc:3e:01:f1:2a:
ee:82:c1:5c:b2:b8:3c:35:c7:9c:85:b4:d7:bc:b0:
e8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9A:9E:46:EB:18:93:0A:88:8F:85:C9:CA:CC:C5:3E:75:E0:1A:D8
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:0c:e2:3f:8c:f8:71:af:3a:ed:86:c6:60:f5:fb:7d:0f:b4:
59:be:ab:ac:6f:c8:f5:b2:8e:4c:a1:cf:e4:93:08:02:73:c5:
57:20:0a:c4:db:d5:f4:61:ec:78:91:5e:b8:61:94:9c:07:c5:
d5:f2:69:ff:52:9d:ae:e7:b2:b0:aa:8a:2e:6d:0c:04:df:6e:
ee:84:f9:53:7c:70:c2:d5:df:09:2d:01:0d:ce:6d:68:dc:d0:
6e:c8:b5:67:58:22:7b:5e:94:99:7f:62:a3:6d:85:c3:12:d4:
f6:ae:19:68:09:fb:77:0d:85:db:ed:64:bc:b2:0b:0d:82:5a:
3b:6b:49:c5:53:d1:3d:5c:44:4b:2d:85:d1:bc:13:a5:b9:04:
83:95:54:6a:d5:07:a4:1f:6d:35:25:ba:54:dd:c0:2f:18:fd:
a9:02:6c:7e:c3:19:47:6e:1d:63:2f:b5:94:e0:bc:4e:8d:1c:
41:35:15:3e:20:2f:e0:a6:5e:ad:8b:ac:4a:4c:92:66:54:21:
f8:87:f0:9c:36:d8:76:8b:58:24:f9:4b:cc:ed:b4:b1:35:d5:
9c:da:07:e9:0a:39:e0:50:c9:23:84:6c:b4:f7:4c:16:41:3d:
2a:2c:43:5c:fe:d0:1c:5f:8f:35:79:e4:a2:4e:48:6d:e2:86:
6a:a3:aa:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5CcXXTC6FU7czjG+vRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUxMTExMDcwMDQ2WhcNMjUxMTEyMDcwMDQ2WjAzMTEwLwYDVQQD
Eyg0MjlhOWU0NmViMTg5MzBhODg4Zjg1YzljYWNjYzUzZTc1ZTAxYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2z3AjcWgMexQkGuR1iLxoXDASlT
K6gpq45JsFQWlGDWtv+XTCHBgEb/E0oi9mC5wKG+ojVBs8EnVSAJUCeY5qyemPIY
sG5yfIyKhedsDDv2d8UBtj2hPJR8hwOXbmRYJhEmlw+VXyjJvod3gUqRx4uaiL8N
viM8JI6H1fdo2JA80J3fHWJF44tcdm8PHmSgUVQ5Kvz2LjjAgXvvUDMNQlSenRIX
citdDq4vg91aueT3TJPRVoeNf4RO7gYZPpkfJ/TyQYyT69Rso1fZy0e19at578Wy
BD/b24CAApqnX6FTv4lSdQmLw8w2/D4B8SrugsFcsrg8NcechbTXvLDoEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKankbrGJMKiI+FycrMxT514BrYMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAziP4z4
ca867YbGYPX7fQ+0Wb6rrG/I9bKOTKHP5JMIAnPFVyAKxNvV9GHseJFeuGGUnAfF
1fJp/1KdrueysKqKLm0MBN9u7oT5U3xwwtXfCS0BDc5taNzQbsi1Z1gie16UmX9i
o22FwxLU9q4ZaAn7dw2F2+1kvLILDYJaO2tJxVPRPVxESy2F0bwTpbkEg5VUatUH
pB9tNSW6VN3ALxj9qQJsfsMZR24dYy+1lOC8To0cQTUVPiAv4KZerYusSkySZlQh
+IfwnDbYdotYJPlLzO20sTXVnNoH6Qo54FDJI4RstPdMFkE9KixDXP7QHF+PNXnk
ok5IbeKGaqOq0w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:22:34 2025 by rpki-client