Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: Sc8VsIbASoAuPN/pjYq8OVWCDy3KB5RMzJBOAEHwr0A=
Subject key identifier: 6C:81:F6:98:24:06:8C:25:0A:E0:D1:9D:CD:F2:9B:68:76:EC:5D:A4
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 019A7225E0F3D8B4FA0B028EC24751F6EFC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 089A
Signing time: Tue 11 Nov 2025 09:01:16 +0000
Manifest this update: Tue 11 Nov 2025 09:01:16 +0000
Manifest next update: Wed 12 Nov 2025 09:01:16 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: 0ZOxbUBrSmWkG/sJDNv7SB3UnC6NfjFxBmqjLjGefa8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:e0:f3:d8:b4:fa:0b:02:8e:c2:47:51:f6:ef:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Nov 11 09:01:16 2025 GMT
Not After : Nov 12 09:01:16 2025 GMT
Subject: CN=6c81f69824068c250ae0d19dcdf29b6876ec5da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5c:ad:c9:b4:a3:40:72:7a:19:38:23:8d:e1:
48:05:88:83:de:93:e3:75:ce:37:5f:2e:db:59:ea:
c3:d5:db:b8:6d:3b:ef:fc:43:54:31:13:94:b3:2b:
e9:4e:52:fb:d1:b9:7b:26:f5:89:31:dd:46:ab:dc:
d0:6e:5a:13:09:53:74:80:5d:34:f8:8a:9d:eb:43:
1e:35:ba:39:12:ab:b1:54:fc:77:e0:85:e5:b7:00:
79:dc:b5:04:fa:df:2b:92:ad:2c:1d:20:48:ba:a1:
b7:92:f1:c8:8e:8c:29:92:f2:da:34:a4:44:b3:f2:
21:02:a5:0c:b3:c8:0c:68:e1:54:5e:fd:27:7b:46:
88:0b:c7:5c:ec:b3:01:6b:75:af:07:72:45:fb:db:
53:51:e9:12:55:e7:3b:ae:03:68:b2:7f:39:ec:7a:
10:0e:1e:d9:17:c4:de:cb:1c:91:1d:d2:fe:04:5e:
42:23:fc:6c:22:78:3e:e7:cc:ec:ef:a4:e6:ff:81:
c7:71:73:20:2e:d1:86:56:7b:4b:51:b1:f0:e7:36:
33:22:b2:a4:b7:21:1e:0b:5c:12:17:c5:48:41:2a:
66:1b:64:fb:85:9b:0b:61:54:aa:29:06:02:9e:0f:
e1:a8:10:98:7f:1c:b8:fb:6c:8a:9e:f6:db:23:68:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:81:F6:98:24:06:8C:25:0A:E0:D1:9D:CD:F2:9B:68:76:EC:5D:A4
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:f1:eb:70:3c:82:6a:5c:54:d2:c7:0d:8c:8e:e4:fe:56:33:
5a:d1:4a:3d:5c:9a:47:22:f8:46:db:05:43:5f:d3:2f:e3:60:
00:81:ae:54:82:d3:ec:4e:06:a8:0a:1b:13:29:0c:4f:cb:49:
12:e0:6d:3d:36:aa:e2:b6:c3:4f:46:5f:3f:88:66:e9:07:c3:
e7:17:3d:9f:f9:e9:22:33:e4:8d:fe:0a:71:1f:a4:16:47:2b:
31:c2:8f:b0:f7:df:85:fd:c8:8a:ca:eb:61:5c:71:35:9b:9a:
80:73:7e:c6:20:12:b2:a2:48:90:7c:65:f0:f6:6c:56:d3:53:
d3:1f:52:e4:6a:b4:48:b7:01:34:5f:32:d6:99:c4:23:51:61:
87:f5:32:5f:73:0c:b6:3f:82:82:ac:fd:fe:ef:e4:8a:71:45:
ba:cc:49:1f:99:0f:92:06:c3:35:77:98:f6:57:48:a2:c8:f3:
2f:17:ce:3e:b8:85:6a:23:37:db:c0:7c:c3:bb:15:28:78:c7:
77:4e:73:76:bb:ba:57:d4:a5:9b:6d:1c:2c:68:3b:24:c6:2f:
bf:8b:19:b1:fa:f0:dc:ea:fe:d4:a8:ad:79:88:5d:5e:a8:90:
e0:56:bd:2c:27:2a:5d:15:19:77:26:e0:40:13:10:ff:64:91:
56:92:45:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeDz2LT6CwKOwkdR9u/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUxMTExMDkwMTE2WhcNMjUxMTEyMDkwMTE2WjAzMTEwLwYDVQQD
Eyg2YzgxZjY5ODI0MDY4YzI1MGFlMGQxOWRjZGYyOWI2ODc2ZWM1ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1ytybSjQHJ6GTgjjeFIBYiD3pPj
dc43Xy7bWerD1du4bTvv/ENUMROUsyvpTlL70bl7JvWJMd1Gq9zQbloTCVN0gF00
+Iqd60MeNbo5EquxVPx34IXltwB53LUE+t8rkq0sHSBIuqG3kvHIjowpkvLaNKRE
s/IhAqUMs8gMaOFUXv0ne0aIC8dc7LMBa3WvB3JF+9tTUekSVec7rgNosn857HoQ
Dh7ZF8TeyxyRHdL+BF5CI/xsIng+58zs76Tm/4HHcXMgLtGGVntLUbHw5zYzIrKk
tyEeC1wSF8VIQSpmG2T7hZsLYVSqKQYCng/hqBCYfxy4+2yKnvbbI2hTLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyB9pgkBowlCuDRnc3ym2h27F2kMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAffHrcDyC
alxU0scNjI7k/lYzWtFKPVyaRyL4RtsFQ1/TL+NgAIGuVILT7E4GqAobEykMT8tJ
EuBtPTaq4rbDT0ZfP4hm6QfD5xc9n/npIjPkjf4KcR+kFkcrMcKPsPffhf3Iisrr
YVxxNZuagHN+xiASsqJIkHxl8PZsVtNT0x9S5Gq0SLcBNF8y1pnEI1Fhh/UyX3MM
tj+Cgqz9/u/kinFFusxJH5kPkgbDNXeY9ldIosjzLxfOPriFaiM328B8w7sVKHjH
d05zdru6V9Slm20cLGg7JMYvv4sZsfrw3Or+1KiteYhdXqiQ4Fa9LCcqXRUZdybg
QBMQ/2SRVpJFsw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:34 2025 by rpki-client