Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: ISYpm8TjXZaFncUIAG2FX6pJQLtw2VBTEnxYZ/t/9Ds=
Subject key identifier: D2:61:BE:9A:7E:19:0E:D2:5D:49:9F:28:57:4B:0E:25:B0:23:10:F5
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019A70A509F8FEEDBE594CBF61EEBDC6492D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 02:00:55 +0000
Manifest this update: Tue 11 Nov 2025 02:00:55 +0000
Manifest next update: Wed 12 Nov 2025 02:00:55 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: IWZkHhQEeH4TzZ+2CdJZbYcxlirJjUM77F5dXyGK9Vo=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:09:f8:fe:ed:be:59:4c:bf:61:ee:bd:c6:49:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Nov 11 02:00:55 2025 GMT
Not After : Nov 12 02:00:55 2025 GMT
Subject: CN=d261be9a7e190ed25d499f28574b0e25b02310f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:e2:9b:98:24:6a:f7:cc:6d:cf:7b:d9:91:
d6:f5:59:92:0e:18:8b:58:a5:27:f4:3c:53:fe:85:
eb:2f:6b:b4:24:c0:4b:2b:8b:6a:26:a0:5e:b8:8b:
4a:1b:d8:8e:23:b1:75:df:dc:c0:bc:dc:34:cd:2b:
e1:52:09:49:bb:60:f2:49:39:09:4e:2f:5a:2c:08:
97:84:8c:06:bd:62:2c:59:24:23:7f:2a:a5:94:10:
6f:05:d2:aa:90:29:df:99:d5:1a:bc:9a:d8:d6:d3:
9b:6d:97:b2:72:cf:5a:1e:d9:b2:0a:91:94:d2:11:
c8:c1:a6:b6:b0:36:a5:46:49:9c:8e:98:32:77:2b:
f4:31:70:b1:9e:bf:75:7f:d5:50:ff:85:7b:0e:fa:
76:b1:1c:b0:41:2b:80:50:7e:21:72:00:28:bb:a4:
03:ba:87:e5:2a:71:66:ad:3c:e8:16:bc:d7:9c:bd:
b3:f6:1a:37:51:28:a5:f6:3d:9e:7e:02:49:17:82:
3f:73:ab:db:a9:3b:77:b8:f9:0c:3e:2c:e6:cb:8f:
66:f4:fa:a5:32:8c:ab:04:9d:0e:5a:7b:e6:c3:9f:
b2:2e:97:4b:05:d5:0f:24:46:06:b4:8b:63:6f:2d:
db:19:10:94:ee:66:b9:d8:da:9d:21:b9:ed:82:57:
7f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:61:BE:9A:7E:19:0E:D2:5D:49:9F:28:57:4B:0E:25:B0:23:10:F5
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:40:6e:95:64:d8:e3:87:9a:9a:2e:13:21:33:ec:70:3d:8d:
b9:46:26:7c:1d:5f:a3:74:1b:d6:d8:18:db:e0:9f:39:fd:f1:
e4:98:a2:6e:b8:ff:a8:d0:d2:b1:02:cd:68:1b:0d:a5:e3:da:
1a:4a:ab:36:62:3e:b7:03:9f:3d:30:af:4f:be:34:14:fe:c1:
41:ed:60:70:b7:74:96:46:22:01:ba:32:44:45:2f:dc:92:fd:
fd:98:a9:85:8c:f9:e9:2e:9c:6e:aa:35:d9:58:a1:13:c1:da:
f9:24:d1:05:ce:6a:53:6a:20:11:af:74:c7:f8:f5:fe:0a:28:
1a:31:9b:5c:83:d1:c2:20:43:be:54:d7:cd:a6:9a:8f:ec:fe:
c2:28:27:58:5c:a3:9b:d2:fb:d4:6a:86:f4:94:ad:da:92:38:
1c:59:19:8d:02:00:e5:78:64:d2:01:02:d0:7c:b8:69:f1:09:
31:0d:6a:72:0a:f2:02:e6:7a:ce:47:f8:fa:6a:6b:88:4c:a6:
af:41:8a:32:0b:82:25:e7:cf:a2:b1:e4:9a:5a:ba:61:18:97:
93:3c:24:f5:41:14:6f:c8:fd:30:37:87:99:5b:c0:c1:d5:70:
b1:6b:e5:a0:0c:5f:fe:54:50:72:aa:31:43:93:e0:c9:d3:4e:
bc:16:3f:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpQn4/u2+WUy/Ye69xkktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUxMTExMDIwMDU1WhcNMjUxMTEyMDIwMDU1WjAzMTEwLwYDVQQD
EyhkMjYxYmU5YTdlMTkwZWQyNWQ0OTlmMjg1NzRiMGUyNWIwMjMxMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGjim5gkavfMbc972ZHW9VmSDhiL
WKUn9DxT/oXrL2u0JMBLK4tqJqBeuItKG9iOI7F139zAvNw0zSvhUglJu2DySTkJ
Ti9aLAiXhIwGvWIsWSQjfyqllBBvBdKqkCnfmdUavJrY1tObbZeycs9aHtmyCpGU
0hHIwaa2sDalRkmcjpgydyv0MXCxnr91f9VQ/4V7Dvp2sRywQSuAUH4hcgAou6QD
uoflKnFmrTzoFrzXnL2z9ho3USil9j2efgJJF4I/c6vbqTt3uPkMPizmy49m9Pql
MoyrBJ0OWnvmw5+yLpdLBdUPJEYGtItjby3bGRCU7ma52NqdIbntgld/QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJhvpp+GQ7SXUmfKFdLDiWwIxD1MB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkBulWTY
44eami4TITPscD2NuUYmfB1fo3Qb1tgY2+CfOf3x5Jiibrj/qNDSsQLNaBsNpePa
GkqrNmI+twOfPTCvT740FP7BQe1gcLd0lkYiAboyREUv3JL9/ZiphYz56S6cbqo1
2VihE8Ha+STRBc5qU2ogEa90x/j1/gooGjGbXIPRwiBDvlTXzaaaj+z+wignWFyj
m9L71GqG9JSt2pI4HFkZjQIA5Xhk0gEC0Hy4afEJMQ1qcgryAuZ6zkf4+mpriEym
r0GKMguCJefPorHkmlq6YRiXkzwk9UEUb8j9MDeHmVvAwdVwsWvloAxf/lRQcqox
Q5PgydNOvBY/TA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:34 2025 by rpki-client