Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
File: _KrlFMX5lAORQ1YU15QEvuEgmzs.mft (raw, json)
Hash identifier: XENFp5h/JdVW8qcSEObID3HLgtwU599kFYOf2gjDMoY=
Subject key identifier: 6B:9F:24:A3:4A:AC:00:AE:C9:2E:B7:5A:FE:91:80:B5:49:8A:49:DD
Authority key identifier: FC:AA:E5:14:C5:F9:94:03:91:43:56:14:D7:94:04:BE:E1:20:9B:3B
Certificate issuer: /CN=fcaae514c5f9940391435614d79404bee1209b3b
Certificate serial: 019A7112DEADDB33034F36619F68111B638E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
Manifest number: 08C6
Signing time: Tue 11 Nov 2025 04:00:53 +0000
Manifest this update: Tue 11 Nov 2025 04:00:53 +0000
Manifest next update: Wed 12 Nov 2025 04:00:53 +0000
Files and hashes: 1: _KrlFMX5lAORQ1YU15QEvuEgmzs.crl (hash: 5/3yCx9yCnundnGQT/a3wx8IVZdEElFRbFPpMjxxOLc=)
2: x6k0RFp7Tx1S2sYvTKRUnwMB54o.roa (hash: Kj0Dd36Z9ZII60RmdvUVufyE+PZ0m6JPvwn/WhUbw7E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:de:ad:db:33:03:4f:36:61:9f:68:11:1b:63:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcaae514c5f9940391435614d79404bee1209b3b
Validity
Not Before: Nov 11 04:00:53 2025 GMT
Not After : Nov 12 04:00:53 2025 GMT
Subject: CN=6b9f24a34aac00aec92eb75afe9180b5498a49dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:3e:97:d8:05:1f:52:61:e0:1b:2a:7a:79:
e2:c5:f2:63:38:40:a4:c8:8c:ef:af:c2:a2:bf:46:
dc:f6:48:62:33:55:02:be:c3:36:0a:bc:91:65:8e:
33:2c:31:75:33:cf:c9:45:e3:e1:21:ad:7b:11:4b:
13:21:fc:cf:b3:e9:d0:33:71:8b:38:4c:49:5a:2a:
c2:49:70:6e:db:f6:cc:d9:bd:63:c0:01:ad:fe:4e:
18:10:34:dd:aa:0b:a4:86:ab:6a:87:f4:75:80:4d:
e3:e7:9f:08:e2:a0:ce:86:06:e0:0f:96:08:48:bd:
5e:ac:ef:62:b8:37:0f:45:85:a8:13:3e:5a:1e:8b:
4f:43:43:4e:4d:15:06:7b:28:da:f2:fc:4b:f7:c6:
63:9b:83:8c:4d:51:f7:74:b0:c6:c2:e2:51:76:ac:
ff:35:4f:ee:a3:4f:43:2e:57:4f:8b:75:f1:e2:df:
fa:07:96:95:e3:84:65:66:e6:2c:b1:1f:0e:22:ba:
c6:eb:51:6a:61:c8:1b:c7:4a:0a:8b:d2:22:c8:35:
7c:0f:97:2b:e2:9f:71:40:43:2e:5b:cf:0d:6f:3b:
ef:6e:c3:79:4c:61:55:c0:a2:0c:56:2b:3d:20:a4:
4e:d5:40:14:e4:c2:16:aa:b8:7d:55:df:5f:46:20:
bd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9F:24:A3:4A:AC:00:AE:C9:2E:B7:5A:FE:91:80:B5:49:8A:49:DD
X509v3 Authority Key Identifier:
keyid:FC:AA:E5:14:C5:F9:94:03:91:43:56:14:D7:94:04:BE:E1:20:9B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:2c:57:13:55:f1:c7:b9:03:33:48:ea:b0:11:1a:49:9f:f0:
d0:e8:b1:38:33:e8:53:a8:c4:0f:92:d8:80:88:f2:39:84:04:
26:ba:65:0d:ed:63:ba:59:04:99:df:f6:80:bf:ad:c0:4f:5b:
d3:34:e7:ba:db:fe:f1:74:74:de:7d:f6:33:78:76:a1:38:2e:
09:61:c8:04:93:30:3b:07:97:fe:75:f5:9a:27:ea:55:17:29:
09:e3:97:b2:54:87:d8:53:46:bb:2e:66:c4:db:cc:c7:9f:be:
c3:21:db:9a:60:4c:f0:29:4e:80:12:65:b5:b3:65:a6:28:79:
cb:e3:ba:47:26:8c:31:ca:a1:0d:15:9a:22:b5:9e:1b:24:e4:
a9:2a:47:23:ce:fa:79:30:7f:d2:10:e5:1b:e3:15:a6:ae:5d:
d0:88:6b:00:79:1b:7c:c6:38:82:4b:97:87:4c:31:7a:fb:88:
82:e5:b5:19:4d:0d:f2:04:8e:30:e8:9c:c3:35:7f:46:69:d4:
55:69:f5:e3:c9:3a:36:24:88:65:15:6c:56:28:0b:3a:2e:49:
e3:4d:7f:ad:75:41:e6:75:57:c3:4b:d8:0e:4d:ce:b5:88:9b:
f1:ba:18:91:d1:72:31:24:03:6c:fe:a5:04:66:92:7d:f0:bd:
a3:cb:7c:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEt6t2zMDTzZhn2gRG2OOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYWFlNTE0YzVmOTk0MDM5MTQzNTYxNGQ3OTQwNGJlZTEy
MDliM2IwHhcNMjUxMTExMDQwMDUzWhcNMjUxMTEyMDQwMDUzWjAzMTEwLwYDVQQD
Eyg2YjlmMjRhMzRhYWMwMGFlYzkyZWI3NWFmZTkxODBiNTQ5OGE0OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlY+l9gFH1Jh4BsqennixfJjOECk
yIzvr8Kiv0bc9khiM1UCvsM2CryRZY4zLDF1M8/JRePhIa17EUsTIfzPs+nQM3GL
OExJWirCSXBu2/bM2b1jwAGt/k4YEDTdqgukhqtqh/R1gE3j558I4qDOhgbgD5YI
SL1erO9iuDcPRYWoEz5aHotPQ0NOTRUGeyja8vxL98Zjm4OMTVH3dLDGwuJRdqz/
NU/uo09DLldPi3Xx4t/6B5aV44RlZuYssR8OIrrG61FqYcgbx0oKi9IiyDV8D5cr
4p9xQEMuW88NbzvvbsN5TGFVwKIMVis9IKRO1UAU5MIWqrh9Vd9fRiC9AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGufJKNKrACuyS63Wv6RgLVJikndMB8GA1UdIwQY
MBaAFPyq5RTF+ZQDkUNWFNeUBL7hIJs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy81NjJlMWQtOTUyYS00ZmVhLTllNGEt
NjdhOThlMjU2Y2M3LzEvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy81NjJlMWQtOTUyYS00ZmVhLTllNGEtNjdhOThlMjU2Y2M3
LzEvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvSxXE1Xx
x7kDM0jqsBEaSZ/w0OixODPoU6jED5LYgIjyOYQEJrplDe1julkEmd/2gL+twE9b
0zTnutv+8XR03n32M3h2oTguCWHIBJMwOweX/nX1mifqVRcpCeOXslSH2FNGuy5m
xNvMx5++wyHbmmBM8ClOgBJltbNlpih5y+O6RyaMMcqhDRWaIrWeGyTkqSpHI876
eTB/0hDlG+MVpq5d0IhrAHkbfMY4gkuXh0wxevuIguW1GU0N8gSOMOicwzV/RmnU
VWn148k6NiSIZRVsVigLOi5J401/rXVB5nVXw0vYDk3OtYib8boYkdFyMSQDbP6l
BGaSffC9o8t8jw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:10 2025 by rpki-client