Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
File: Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft (raw, json)
Hash identifier: XTlHqnq9xAm/zG8hoB3iKZyGhKX6G98HDwG82c5RYmE=
Subject key identifier: 26:4F:02:E7:87:0C:9B:A3:6C:A1:9F:02:16:46:81:E5:7F:4C:EC:E7
Authority key identifier: 2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED
Certificate issuer: /CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed
Certificate serial: 019A7149CBF45BB80FD68D234619CB4F01FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
Manifest number: 0312
Signing time: Tue 11 Nov 2025 05:00:53 +0000
Manifest this update: Tue 11 Nov 2025 05:00:53 +0000
Manifest next update: Wed 12 Nov 2025 05:00:53 +0000
Files and hashes: 1: 7RtSvYvJ-s26z4jJmihBpc9PPTg.roa (hash: +WPL+eLMOyDQbtRDqabesCoaqYzO2nUYgvkky6oLihM=)
2: Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl (hash: v1cDy8QnsVfCTKPkfvOUbfGa1eXNXi2SqnI1dFYm3s4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:cb:f4:5b:b8:0f:d6:8d:23:46:19:cb:4f:01:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed
Validity
Not Before: Nov 11 05:00:53 2025 GMT
Not After : Nov 12 05:00:53 2025 GMT
Subject: CN=264f02e7870c9ba36ca19f02164681e57f4cece7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b8:8c:1a:49:ea:75:51:54:e5:5b:25:9c:07:
00:34:97:17:b3:c3:34:30:2c:7a:1e:59:dd:b1:59:
83:65:1a:b6:4c:f8:a5:7e:b6:e0:95:f5:67:4e:6f:
41:6d:93:d0:c0:fa:3e:64:0d:5e:47:47:d9:e1:d1:
8a:2e:b4:8f:3f:ab:0c:d5:de:41:de:b3:ff:f7:1e:
46:eb:4c:10:7f:0d:69:fe:7c:88:1d:4e:d9:39:a9:
60:be:2b:14:77:71:49:bb:83:9f:51:dc:03:b4:dd:
59:24:fb:63:ab:44:9d:fc:68:c7:a5:60:f8:6f:da:
41:76:6f:42:ff:6c:64:51:3a:08:5d:16:ea:98:17:
b9:6b:e1:59:9a:a6:a8:a7:bd:f8:99:ff:0c:92:9f:
26:0d:c5:1f:df:ba:6e:01:39:66:70:36:c1:77:22:
ce:93:11:f8:3f:23:32:f6:55:98:8b:aa:1a:b9:7e:
38:8b:55:b6:7f:8f:77:3f:da:65:f8:9f:a0:d5:3c:
b1:cf:3a:e6:05:6c:25:42:98:da:7a:a1:fe:8c:4c:
64:c4:5e:3e:b6:b1:95:d0:5a:9c:0a:eb:57:5c:7a:
6d:ca:b8:e5:84:eb:a8:89:23:62:f0:0e:b2:75:4e:
06:6d:15:87:19:b0:13:a1:d6:00:4c:e2:30:cd:34:
03:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4F:02:E7:87:0C:9B:A3:6C:A1:9F:02:16:46:81:E5:7F:4C:EC:E7
X509v3 Authority Key Identifier:
keyid:2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:60:0a:f1:6f:c0:bc:1a:db:05:6c:a7:52:46:fa:2e:94:45:
26:d1:04:73:8a:2d:da:6d:6a:ae:f0:ae:60:06:51:7a:63:f4:
7e:68:ac:ef:e3:1f:d1:83:6e:24:66:fc:05:a7:38:eb:ce:f3:
9f:4d:b3:5c:e5:2d:0d:d1:1f:76:cb:2d:55:f2:a3:7e:28:7c:
dd:00:cc:04:de:1a:79:ce:e0:58:0a:67:dc:f5:a4:48:f9:58:
66:f7:d3:40:86:26:2b:65:df:84:cc:cc:74:83:f9:42:c6:99:
76:92:47:d1:d5:7f:7a:97:dc:82:61:26:5e:9f:f7:3e:1c:29:
df:61:9e:60:cb:ab:33:29:21:86:b1:6b:d1:34:59:d5:2e:fa:
5b:e5:ea:84:85:10:c3:b3:da:cc:96:e8:28:a9:f2:19:af:ce:
1f:b1:a1:a0:d8:aa:9f:7d:92:a7:be:de:77:48:a5:18:5a:40:
11:e9:e6:a0:d8:2a:9e:79:12:bb:ce:b7:85:0f:85:03:23:70:
2a:21:ed:fa:35:15:40:8a:03:92:ba:aa:b2:77:50:bb:1a:b9:
60:d0:97:6b:b4:52:af:6c:dc:6b:8c:07:df:94:21:df:a0:d5:
ce:8b:21:4a:e6:3e:44:3e:cd:f5:14:f9:41:b9:71:a6:f8:9e:
23:55:83:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxScv0W7gP1o0jRhnLTwH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiM2Y2ZmE5ZjAzNzc2NWU3NGJkZjJhYzgyY2NiYWJjN2U0
ZmM4ZWQwHhcNMjUxMTExMDUwMDUzWhcNMjUxMTEyMDUwMDUzWjAzMTEwLwYDVQQD
EygyNjRmMDJlNzg3MGM5YmEzNmNhMTlmMDIxNjQ2ODFlNTdmNGNlY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LiMGknqdVFU5VslnAcANJcXs8M0
MCx6HlndsVmDZRq2TPilfrbglfVnTm9BbZPQwPo+ZA1eR0fZ4dGKLrSPP6sM1d5B
3rP/9x5G60wQfw1p/nyIHU7ZOalgvisUd3FJu4OfUdwDtN1ZJPtjq0Sd/GjHpWD4
b9pBdm9C/2xkUToIXRbqmBe5a+FZmqaop734mf8Mkp8mDcUf37puATlmcDbBdyLO
kxH4PyMy9lWYi6oauX44i1W2f493P9pl+J+g1TyxzzrmBWwlQpjaeqH+jExkxF4+
trGV0FqcCutXXHptyrjlhOuoiSNi8A6ydU4GbRWHGbATodYATOIwzTQD8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZPAueHDJujbKGfAhZGgeV/TOznMB8GA1UdIwQY
MBaAFCs/b6nwN3ZedL3yrILMurx+T8jtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAt
NWMwMGZjZDczNjE5LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAtNWMwMGZjZDczNjE5
LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2AK8W/A
vBrbBWynUkb6LpRFJtEEc4ot2m1qrvCuYAZRemP0fmis7+Mf0YNuJGb8Bac4687z
n02zXOUtDdEfdsstVfKjfih83QDMBN4aec7gWApn3PWkSPlYZvfTQIYmK2XfhMzM
dIP5QsaZdpJH0dV/epfcgmEmXp/3Phwp32GeYMurMykhhrFr0TRZ1S76W+XqhIUQ
w7PazJboKKnyGa/OH7GhoNiqn32Sp77ed0ilGFpAEenmoNgqnnkSu863hQ+FAyNw
KiHt+jUVQIoDkrqqsndQuxq5YNCXa7RSr2zca4wH35Qh36DVzoshSuY+RD7N9RT5
QblxpvieI1WDNg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:58 2025 by rpki-client