Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.mft
File: KqFL_4NIDRDND767gLLLUJH8-C8.mft (raw, json)
Hash identifier: mWJb5H72rl1kLiMpyt67XNrzr9c65p/DLI1EADNsN/g=
Subject key identifier: 0E:B0:4E:09:C3:9C:61:CB:72:37:1C:D0:7A:95:B3:95:82:50:DE:A6
Authority key identifier: 2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
Certificate issuer: /CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Certificate serial: 019A71135573C5752A5F4CB61376D71193DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 04:01:23 +0000
Manifest this update: Tue 11 Nov 2025 04:01:23 +0000
Manifest next update: Wed 12 Nov 2025 04:01:23 +0000
Files and hashes: 1: 0zY-sGp0Ft0AM9Sf-NYlNdybUWg.roa (hash: eX1zp0GC5bqV6hOy4nxEisONQ8sH8x4mX06jY0ZL3fw=)
2: KqFL_4NIDRDND767gLLLUJH8-C8.crl (hash: XgdIW8hiw+ZdZl89oyuCEJKPw83n2Cj6Nu9dImz/2qA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:55:73:c5:75:2a:5f:4c:b6:13:76:d7:11:93:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Validity
Not Before: Nov 11 04:01:23 2025 GMT
Not After : Nov 12 04:01:23 2025 GMT
Subject: CN=0eb04e09c39c61cb72371cd07a95b3958250dea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:69:39:10:28:92:cf:04:5b:3d:cf:3f:9d:
98:00:91:b0:73:c6:47:2f:9b:e4:dd:9e:76:80:31:
ce:c3:15:2e:a2:27:bb:8f:30:24:51:b6:10:e1:cf:
2f:74:9d:74:ce:0f:75:1a:c1:80:67:ad:ff:64:a3:
13:26:85:ff:b2:e9:e9:03:4f:20:1b:f8:c9:b6:13:
3b:65:6b:45:87:ba:89:66:ee:26:d3:1a:ea:b7:7b:
47:e5:35:4c:0b:82:ef:42:84:97:73:e0:e7:54:0e:
3c:66:f2:03:2a:c9:1a:53:10:9e:91:a3:0d:d3:4e:
6c:1f:6b:30:a7:73:8e:23:c1:08:88:d0:b8:4e:c5:
7e:6a:53:bd:cc:77:41:54:d9:d8:c5:9e:cb:bc:6e:
ee:fe:ec:d3:0e:0e:e1:df:04:76:13:e6:20:3c:8d:
8a:68:1f:bd:f3:86:c1:b2:e9:13:ae:65:b0:c4:e4:
fe:1f:a2:74:c4:b5:6d:93:b9:d0:a4:7f:8d:01:ce:
d3:8a:92:a1:d3:ae:05:86:67:41:63:41:90:cc:fb:
12:45:74:b8:28:04:0a:59:41:86:9e:52:81:0f:ec:
2b:32:3d:f8:ef:b2:a5:ff:b2:9c:b6:2a:4a:61:5c:
46:53:83:34:c0:a4:eb:fc:98:d5:d4:ee:f6:d1:96:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B0:4E:09:C3:9C:61:CB:72:37:1C:D0:7A:95:B3:95:82:50:DE:A6
X509v3 Authority Key Identifier:
keyid:2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:3f:a7:0a:e0:33:0a:e5:0a:eb:ff:bd:ad:89:73:dd:bc:59:
6c:0c:c9:e7:1e:0f:e9:c2:f0:73:1e:29:c9:04:4b:69:a8:bf:
ca:61:f1:b5:92:0d:40:22:53:25:86:e1:23:09:c9:74:db:cd:
85:02:6b:d8:de:a9:52:bb:01:cd:e9:64:8f:27:82:2e:80:98:
c5:56:97:ac:84:e7:33:ec:6d:15:de:a4:66:b8:b0:13:d1:1c:
58:bc:9f:99:e7:75:b9:e2:5d:69:7c:70:af:10:59:68:dc:37:
b7:81:b3:a0:4f:6a:94:5b:13:50:2a:64:83:50:89:0d:02:a7:
1e:b0:09:95:41:c0:0f:e5:5b:ed:6b:5d:de:12:2d:69:eb:2b:
1e:bc:0f:3b:6a:d6:5d:7f:de:40:4e:67:ae:0c:87:d7:7c:d1:
73:87:79:e5:58:ba:6e:0b:4b:7c:26:ba:f5:b1:7a:00:fb:f2:
38:1a:0b:15:db:ff:3d:bc:93:5e:d7:63:a5:be:a2:0e:c1:f2:
0c:3e:38:d1:fe:55:27:8a:4c:99:81:e9:8f:d6:34:9b:d5:7b:
8d:d4:d9:95:ae:7d:61:1e:63:45:a7:7a:8d:b5:56:41:58:e3:
71:fc:84:be:61:c6:24:89:12:21:e6:f6:ab:8d:38:79:48:e7:
b1:cc:ad:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1VzxXUqX0y2E3bXEZPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE0YmZmODM0ODBkMTBjZDBmYmViYjgwYjJjYjUwOTFm
Y2Y4MmYwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
EygwZWIwNGUwOWMzOWM2MWNiNzIzNzFjZDA3YTk1YjM5NTgyNTBkZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgVpORAoks8EWz3PP52YAJGwc8ZH
L5vk3Z52gDHOwxUuoie7jzAkUbYQ4c8vdJ10zg91GsGAZ63/ZKMTJoX/sunpA08g
G/jJthM7ZWtFh7qJZu4m0xrqt3tH5TVMC4LvQoSXc+DnVA48ZvIDKskaUxCekaMN
005sH2swp3OOI8EIiNC4TsV+alO9zHdBVNnYxZ7LvG7u/uzTDg7h3wR2E+YgPI2K
aB+984bBsukTrmWwxOT+H6J0xLVtk7nQpH+NAc7TipKh064FhmdBY0GQzPsSRXS4
KAQKWUGGnlKBD+wrMj3477Kl/7KctipKYVxGU4M0wKTr/JjV1O720ZahZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6wTgnDnGHLcjcc0HqVs5WCUN6mMB8GA1UdIwQY
MBaAFCqhS/+DSA0QzQ++u4Cyy1CR/PgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1Nzct
MTc2OThmODhjM2JkLzEvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1NzctMTc2OThmODhjM2Jk
LzEvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgT+nCuAz
CuUK6/+9rYlz3bxZbAzJ5x4P6cLwcx4pyQRLaai/ymHxtZINQCJTJYbhIwnJdNvN
hQJr2N6pUrsBzelkjyeCLoCYxVaXrITnM+xtFd6kZriwE9EcWLyfmed1ueJdaXxw
rxBZaNw3t4GzoE9qlFsTUCpkg1CJDQKnHrAJlUHAD+Vb7Wtd3hItaesrHrwPO2rW
XX/eQE5nrgyH13zRc4d55Vi6bgtLfCa69bF6APvyOBoLFdv/PbyTXtdjpb6iDsHy
DD440f5VJ4pMmYHpj9Y0m9V7jdTZla59YR5jRad6jbVWQVjjcfyEvmHGJIkSIeb2
q404eUjnscytYg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:13 2025 by rpki-client