Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: T5zpFUPHZWfjDJjQwVaUToitaUuOpcD83ZRO3Ui7kSU=
Subject key identifier: B4:AC:DA:1F:CE:E6:5E:F6:05:24:0E:8F:6F:12:BF:B5:10:A8:27:CB
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 0199221ED56306C49FAEF8B920D4E392672B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 07EC
Signing time: Sun 07 Sep 2025 03:01:09 +0000
Manifest this update: Sun 07 Sep 2025 03:01:09 +0000
Manifest next update: Mon 08 Sep 2025 03:01:09 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: IMpYzFy6W7Oty2hbLL26aAnCsiJuGnDz3c9RbHGoJPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:d5:63:06:c4:9f:ae:f8:b9:20:d4:e3:92:67:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Sep 7 03:01:09 2025 GMT
Not After : Sep 8 03:01:09 2025 GMT
Subject: CN=b4acda1fcee65ef605240e8f6f12bfb510a827cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a1:1c:9f:63:1f:7f:e2:f7:a3:73:5b:72:43:
f8:78:aa:ef:a4:c5:fc:4a:42:44:c9:ff:cd:1c:2b:
66:b4:55:a5:26:ff:8e:b3:aa:d4:3c:fc:5b:b4:98:
0b:d6:34:c9:fc:b1:71:ea:a1:ab:52:44:ed:17:ae:
17:9b:44:ee:fe:ff:4d:35:73:a8:7e:a6:a8:99:ea:
a7:7c:0e:32:ef:8c:bf:bf:02:0b:63:99:c5:3d:0f:
69:e0:21:96:78:68:58:e6:d0:13:aa:1f:8e:19:6c:
08:59:bc:f8:01:ef:94:b6:58:63:21:b4:ff:a3:b9:
83:3c:de:3d:1d:a9:6e:f4:33:fe:ad:33:5c:44:6f:
65:c1:98:62:cc:b2:c7:5d:0b:6e:b7:db:86:06:8b:
4f:a8:c3:26:73:82:34:9b:8d:a4:f1:63:d4:49:be:
5d:02:b0:9f:dd:4c:63:d5:c8:17:95:42:00:34:b7:
93:eb:58:f0:b5:2c:c9:ae:3f:c6:71:f4:05:c6:3b:
e1:4c:51:53:c5:86:4d:72:bf:47:37:db:84:f5:e5:
86:b7:0f:99:77:69:8b:17:32:d4:48:f6:9f:3c:fe:
03:04:10:49:af:f2:ec:b8:71:28:1c:b3:86:c3:a6:
fd:7d:b2:3a:cb:ad:f2:9a:d5:cf:79:27:8e:6f:00:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AC:DA:1F:CE:E6:5E:F6:05:24:0E:8F:6F:12:BF:B5:10:A8:27:CB
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:79:71:7e:be:bd:b6:f1:fb:fd:34:f7:cd:cd:f0:44:c4:a2:
6c:ca:0d:c7:5d:a9:fd:af:8a:56:80:48:29:03:4d:bc:2b:50:
96:cc:46:46:06:4c:c8:cf:9b:68:a4:e2:2d:08:e2:6b:b5:70:
7d:e6:27:72:2e:17:63:11:17:d1:c2:08:50:b8:a3:89:5f:a4:
bf:f7:d3:7d:f2:f4:e9:08:1c:97:04:b5:8a:3b:31:ee:15:13:
21:fd:ac:cf:a7:99:1e:3c:b9:5f:6d:90:34:6a:69:cd:d8:75:
42:70:f2:56:1c:ec:25:b0:ac:20:2d:6d:39:46:be:f5:96:2e:
76:8e:3e:58:95:b7:33:b7:b6:6e:66:69:0b:8c:47:b2:8c:7c:
09:91:5d:2e:46:09:ab:61:ef:a9:9e:26:bf:21:a8:d4:dc:43:
67:62:0a:9a:89:31:52:12:d0:40:0d:ba:c2:de:55:f5:7c:5c:
b2:03:7a:77:6c:8f:6a:14:0c:8e:e1:18:03:f0:ee:88:98:66:
f9:04:48:cd:53:e4:36:11:0b:91:23:6f:d4:c0:4e:03:28:9c:
26:0c:de:13:0f:fa:e7:b3:bf:75:51:1a:c4:0a:69:01:ee:5b:
50:91:4f:e1:c3:64:b4:e0:d4:3c:09:9d:bb:7c:88:4b:61:15:
4b:f4:a1:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHtVjBsSfrvi5INTjkmcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUwOTA3MDMwMTA5WhcNMjUwOTA4MDMwMTA5WjAzMTEwLwYDVQQD
EyhiNGFjZGExZmNlZTY1ZWY2MDUyNDBlOGY2ZjEyYmZiNTEwYTgyN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaEcn2Mff+L3o3NbckP4eKrvpMX8
SkJEyf/NHCtmtFWlJv+Os6rUPPxbtJgL1jTJ/LFx6qGrUkTtF64Xm0Tu/v9NNXOo
fqaomeqnfA4y74y/vwILY5nFPQ9p4CGWeGhY5tATqh+OGWwIWbz4Ae+UtlhjIbT/
o7mDPN49Halu9DP+rTNcRG9lwZhizLLHXQtut9uGBotPqMMmc4I0m42k8WPUSb5d
ArCf3Uxj1cgXlUIANLeT61jwtSzJrj/GcfQFxjvhTFFTxYZNcr9HN9uE9eWGtw+Z
d2mLFzLUSPafPP4DBBBJr/LsuHEoHLOGw6b9fbI6y63ymtXPeSeObwCLbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSs2h/O5l72BSQOj28Sv7UQqCfLMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPXlxfr69
tvH7/TT3zc3wRMSibMoNx12p/a+KVoBIKQNNvCtQlsxGRgZMyM+baKTiLQjia7Vw
feYnci4XYxEX0cIIULijiV+kv/fTffL06QgclwS1ijsx7hUTIf2sz6eZHjy5X22Q
NGppzdh1QnDyVhzsJbCsIC1tOUa+9ZYudo4+WJW3M7e2bmZpC4xHsox8CZFdLkYJ
q2HvqZ4mvyGo1NxDZ2IKmokxUhLQQA26wt5V9XxcsgN6d2yPahQMjuEYA/DuiJhm
+QRIzVPkNhELkSNv1MBOAyicJgzeEw/657O/dVEaxAppAe5bUJFP4cNktODUPAmd
u3yIS2EVS/ShHQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:29:21 2025 by rpki-client