Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft
File: KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft (raw, json)
Hash identifier: PSwduXRlligpov/1/qJgFYIXhnjoDGNKmglglMfmLKc=
Subject key identifier: 76:15:85:DA:16:31:67:53:62:F1:90:A1:0D:03:61:82:AB:DD:D4:D4
Authority key identifier: 28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62
Certificate issuer: /CN=28843db96e4f459b87df8c279057eed69bb9b862
Certificate serial: 019A7112AE506512A76525347C8B4A23E725
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 04:00:40 +0000
Manifest this update: Tue 11 Nov 2025 04:00:40 +0000
Manifest next update: Wed 12 Nov 2025 04:00:40 +0000
Files and hashes: 1: C5Gcuv2gc5uFwke_GvIiYxRqvf4.roa (hash: aAHqvnwWD8oItQ342R5b0KuB97GMKDOjFhJ8IpWVibI=)
2: KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl (hash: f+X8OfQcpuAQGiuNFP0jTyZM8gsDNIgDCLkSvlawWic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:ae:50:65:12:a7:65:25:34:7c:8b:4a:23:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28843db96e4f459b87df8c279057eed69bb9b862
Validity
Not Before: Nov 11 04:00:40 2025 GMT
Not After : Nov 12 04:00:40 2025 GMT
Subject: CN=761585da1631675362f190a10d036182abddd4d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:3b:fc:3c:3a:5f:8e:c2:29:84:f8:40:cb:
c2:cc:a9:e0:52:4c:3e:f4:3b:ab:4b:86:56:3e:33:
5e:f6:d8:96:7b:9c:72:6a:29:c9:30:63:82:a8:32:
5e:f5:fd:d6:2d:33:21:d1:54:d8:15:da:d3:fc:aa:
04:20:f8:83:75:e4:86:e8:40:ee:82:d0:aa:6f:50:
db:57:c6:eb:30:ec:fd:7a:0e:d9:5a:70:78:e4:7a:
f0:db:65:7d:0d:40:b1:4b:fc:75:67:4e:41:15:cb:
72:71:7d:e5:64:bd:72:d1:a8:84:f0:bb:af:5e:07:
b7:6f:52:c0:ad:31:b5:3e:e9:29:ed:1e:d1:e8:f3:
d4:cc:3f:5b:1e:3c:2f:35:8c:65:e3:09:1b:7c:70:
9b:1c:56:33:d4:c7:1a:27:a7:1c:b8:41:ea:d0:eb:
eb:68:27:0f:65:6c:59:04:cd:5e:32:72:7b:92:88:
54:3d:9a:1d:de:51:93:1b:9d:e3:99:bd:84:37:7c:
e5:47:20:d8:be:5d:32:c2:82:3b:a7:0b:93:40:fa:
91:76:4e:3e:67:15:73:d6:7a:5c:84:3d:25:b0:f2:
4f:69:a5:83:8b:d2:57:ca:31:c4:c7:85:ce:8c:2b:
51:69:80:15:79:8b:37:e6:6d:41:59:53:de:3f:75:
13:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:15:85:DA:16:31:67:53:62:F1:90:A1:0D:03:61:82:AB:DD:D4:D4
X509v3 Authority Key Identifier:
keyid:28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:84:34:64:c3:aa:58:02:0f:01:d0:6a:0e:eb:53:01:b0:ac:
97:d1:7d:e7:2d:35:ba:ac:39:33:d3:e9:75:1a:66:19:a4:10:
d3:03:72:05:f0:74:b5:55:f1:ee:1a:bc:3b:bb:99:b2:d9:08:
b0:be:d4:c5:5c:c2:47:96:ce:50:84:7b:76:bb:92:9c:9a:e6:
f7:6a:1c:45:9b:bb:8b:fe:e6:b4:aa:41:db:00:c1:b0:4e:7e:
dc:bf:25:7c:9e:fb:f8:d9:fe:bf:73:be:c4:a3:f8:c7:49:8d:
44:9e:9e:f4:61:cb:6a:bd:4e:f2:ac:5b:5b:1f:1c:35:4a:59:
1f:02:35:1f:dd:7d:00:e5:3a:01:0b:d5:a5:1e:60:6d:a1:fb:
e2:37:36:d0:20:d8:76:2a:79:80:31:da:bf:f5:dc:a8:86:56:
8c:83:63:62:87:21:ff:82:62:a1:c5:ea:e8:4e:1e:e1:e5:e5:
4a:66:d2:04:61:f2:2f:e6:58:09:d0:63:05:4a:84:a5:90:90:
f9:d3:f8:79:67:ee:f5:cd:54:4d:a9:80:f5:ee:7b:15:c4:57:
3f:1e:1a:1e:16:ec:d8:97:c2:45:7e:d3:b9:fe:a6:30:a3:e1:
a8:67:7b:b9:ae:ec:fe:b2:20:cd:50:30:10:d5:9f:5a:76:e0:
8e:6b:e3:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEq5QZRKnZSU0fItKI+clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODQzZGI5NmU0ZjQ1OWI4N2RmOGMyNzkwNTdlZWQ2OWJi
OWI4NjIwHhcNMjUxMTExMDQwMDQwWhcNMjUxMTEyMDQwMDQwWjAzMTEwLwYDVQQD
Eyg3NjE1ODVkYTE2MzE2NzUzNjJmMTkwYTEwZDAzNjE4MmFiZGRkNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWg7/Dw6X47CKYT4QMvCzKngUkw+
9DurS4ZWPjNe9tiWe5xyainJMGOCqDJe9f3WLTMh0VTYFdrT/KoEIPiDdeSG6EDu
gtCqb1DbV8brMOz9eg7ZWnB45Hrw22V9DUCxS/x1Z05BFctycX3lZL1y0aiE8Luv
Xge3b1LArTG1Pukp7R7R6PPUzD9bHjwvNYxl4wkbfHCbHFYz1McaJ6ccuEHq0Ovr
aCcPZWxZBM1eMnJ7kohUPZod3lGTG53jmb2EN3zlRyDYvl0ywoI7pwuTQPqRdk4+
ZxVz1npchD0lsPJPaaWDi9JXyjHEx4XOjCtRaYAVeYs35m1BWVPeP3UToQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYVhdoWMWdTYvGQoQ0DYYKr3dTUMB8GA1UdIwQY
MBaAFCiEPbluT0Wbh9+MJ5BX7tabubhiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2Yjkt
NjFiNTBmNmE2YzAyLzEvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2YjktNjFiNTBmNmE2YzAy
LzEvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIQ0ZMOq
WAIPAdBqDutTAbCsl9F95y01uqw5M9PpdRpmGaQQ0wNyBfB0tVXx7hq8O7uZstkI
sL7UxVzCR5bOUIR7druSnJrm92ocRZu7i/7mtKpB2wDBsE5+3L8lfJ77+Nn+v3O+
xKP4x0mNRJ6e9GHLar1O8qxbWx8cNUpZHwI1H919AOU6AQvVpR5gbaH74jc20CDY
dip5gDHav/XcqIZWjINjYoch/4JiocXq6E4e4eXlSmbSBGHyL+ZYCdBjBUqEpZCQ
+dP4eWfu9c1UTamA9e57FcRXPx4aHhbs2JfCRX7Tuf6mMKPhqGd7ua7s/rIgzVAw
ENWfWnbgjmvjzg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:36 2025 by rpki-client