Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: fbDTEQrSVHcgI+BQk3iYn8smwqp6rDxTVmD56Dz3MKw=
Subject key identifier: 9F:8D:2E:40:B5:39:1A:29:EA:67:39:B4:B7:DB:6E:3B:E0:CB:F4:28
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 019A722663E8FFFED576222815179D29DA44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:01:49 +0000
Manifest this update: Tue 11 Nov 2025 09:01:49 +0000
Manifest next update: Wed 12 Nov 2025 09:01:49 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: vzThvPru2GrNw8MMMU0o2UqBK/cc386MSvRO5CvfFdY=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:63:e8:ff:fe:d5:76:22:28:15:17:9d:29:da:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Nov 11 09:01:49 2025 GMT
Not After : Nov 12 09:01:49 2025 GMT
Subject: CN=9f8d2e40b5391a29ea6739b4b7db6e3be0cbf428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fa:81:0f:68:70:b0:b5:37:56:ec:10:02:e7:
38:28:83:75:e1:97:37:ce:39:96:73:ab:9d:4d:25:
e8:85:94:2f:9c:e2:ec:8d:2e:9d:ef:96:71:da:2b:
b6:da:f4:d9:08:56:9e:07:0c:0e:b4:3b:5a:fc:8e:
2f:78:bb:2c:b0:91:c6:ac:f7:1a:11:f4:36:ef:ac:
9a:39:04:f4:9b:2b:a0:40:39:86:8b:a7:82:38:ab:
91:8d:3b:98:df:28:f2:db:d4:0b:3a:dd:ca:bb:a8:
12:41:3b:0f:64:f9:ed:11:a2:84:cc:5a:3b:ca:e8:
d5:9a:18:27:ca:22:7c:52:db:3e:85:d0:fd:17:b9:
16:33:95:b5:ac:cb:d1:65:b7:8a:cc:6f:cd:b5:91:
17:fd:3f:ab:3d:32:80:44:10:37:8e:4c:46:95:98:
c3:c8:12:ad:da:0f:0f:22:43:7e:71:86:a4:86:39:
49:b5:5d:29:b2:00:8b:ea:0d:c6:4b:b7:a1:6c:26:
f5:59:2d:4c:2a:41:ef:da:63:57:6b:6e:43:6c:7d:
de:a8:10:90:02:3f:35:bd:40:ad:49:93:ae:11:15:
8a:84:26:ce:34:6a:51:3c:a5:ce:88:8e:f9:76:46:
9b:75:d8:71:39:96:d5:38:a4:82:e0:c6:2d:9d:60:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8D:2E:40:B5:39:1A:29:EA:67:39:B4:B7:DB:6E:3B:E0:CB:F4:28
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:aa:26:74:9e:a2:90:7d:d4:9c:63:93:c5:d9:a2:68:3d:86:
77:4e:e6:24:aa:4a:fa:75:6f:6f:a8:72:e3:e3:43:8f:e6:be:
a8:26:bb:a8:20:7d:1a:d4:b9:0b:ff:94:c0:ae:63:32:5f:26:
fd:97:0c:2e:36:ec:57:1d:b4:97:61:5b:c2:c5:23:24:ca:b2:
4b:9c:15:bc:29:0a:c9:ca:20:86:6f:bf:13:6f:b4:a1:1f:ab:
53:1f:6f:79:47:72:df:1d:38:20:fc:67:ca:1b:ab:9c:a5:0d:
e8:42:93:e0:9d:fe:8a:ad:eb:5f:36:ed:2d:87:d7:3c:b8:2d:
1a:b5:e1:70:c6:fd:bc:e5:54:a7:b2:08:d8:5c:32:f0:68:ba:
db:0c:86:1f:5b:4f:96:b8:12:62:7b:c6:8f:c5:1e:85:7a:28:
7e:ef:dc:79:50:38:74:97:df:a6:59:11:2b:08:c1:4a:4a:6b:
91:a8:f6:c6:7b:ac:bf:d5:3e:31:31:1d:1a:4f:31:1e:b9:1b:
14:18:b8:a6:06:a1:3b:72:3b:0d:90:a7:7b:07:fd:dc:04:11:
57:ea:4b:b5:28:16:75:b1:43:83:27:ee:67:ab:4e:4c:65:89:
a6:3a:eb:78:db:c5:12:8d:dc:26:c4:90:8c:49:21:e1:87:30:
c2:dc:4e:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmPo//7VdiIoFRedKdpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUxMTExMDkwMTQ5WhcNMjUxMTEyMDkwMTQ5WjAzMTEwLwYDVQQD
Eyg5ZjhkMmU0MGI1MzkxYTI5ZWE2NzM5YjRiN2RiNmUzYmUwY2JmNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvqBD2hwsLU3VuwQAuc4KIN14Zc3
zjmWc6udTSXohZQvnOLsjS6d75Zx2iu22vTZCFaeBwwOtDta/I4veLsssJHGrPca
EfQ276yaOQT0myugQDmGi6eCOKuRjTuY3yjy29QLOt3Ku6gSQTsPZPntEaKEzFo7
yujVmhgnyiJ8Uts+hdD9F7kWM5W1rMvRZbeKzG/NtZEX/T+rPTKARBA3jkxGlZjD
yBKt2g8PIkN+cYakhjlJtV0psgCL6g3GS7ehbCb1WS1MKkHv2mNXa25DbH3eqBCQ
Aj81vUCtSZOuERWKhCbONGpRPKXOiI75dkabddhxOZbVOKSC4MYtnWCywwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+NLkC1ORop6mc5tLfbbjvgy/QoMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6omdJ6i
kH3UnGOTxdmiaD2Gd07mJKpK+nVvb6hy4+NDj+a+qCa7qCB9GtS5C/+UwK5jMl8m
/ZcMLjbsVx20l2FbwsUjJMqyS5wVvCkKycoghm+/E2+0oR+rUx9veUdy3x04IPxn
yhurnKUN6EKT4J3+iq3rXzbtLYfXPLgtGrXhcMb9vOVUp7II2Fwy8Gi62wyGH1tP
lrgSYnvGj8UehXoofu/ceVA4dJffplkRKwjBSkprkaj2xnusv9U+MTEdGk8xHrkb
FBi4pgahO3I7DZCnewf93AQRV+pLtSgWdbFDgyfuZ6tOTGWJpjrreNvFEo3cJsSQ
jEkh4YcwwtxOEA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:18 2025 by rpki-client