Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft
File: kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft (raw, json)
Hash identifier: sSlzNDxIP9U0WeYqPqgGUnRDDGE4b0maFlmskOqOBUo=
Subject key identifier: B0:64:2A:D0:47:AA:00:A6:D7:47:A1:7E:76:A9:9F:0A:6A:D4:AE:BE
Authority key identifier: 90:CC:D9:13:A9:9B:AF:D8:93:E0:7B:A9:68:A6:74:34:E3:DF:54:20
Certificate issuer: /CN=90ccd913a99bafd893e07ba968a67434e3df5420
Certificate serial: 019A71B8FF593ABD98A6B151B97BA3AA1A09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft
Manifest number: 1677
Signing time: Tue 11 Nov 2025 07:02:20 +0000
Manifest this update: Tue 11 Nov 2025 07:02:20 +0000
Manifest next update: Wed 12 Nov 2025 07:02:20 +0000
Files and hashes: 1: 7ma8rm9Nc8aP0i9rOur_HEzgHJs.roa (hash: GInuicNk1jMv1+rnjCpEDF87yGDttTl9tUwBgJS9KiA=)
2: kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl (hash: 9QjFLEPJyFuu/gn0FUAuN09zRP+YOvaOIhB+nUrUCLQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:ff:59:3a:bd:98:a6:b1:51:b9:7b:a3:aa:1a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ccd913a99bafd893e07ba968a67434e3df5420
Validity
Not Before: Nov 11 07:02:20 2025 GMT
Not After : Nov 12 07:02:20 2025 GMT
Subject: CN=b0642ad047aa00a6d747a17e76a99f0a6ad4aebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:87:e4:7e:61:f8:b3:a0:62:e3:a3:72:4b:df:
84:9d:d4:36:30:4a:2a:f6:62:3b:84:b4:88:b4:73:
3b:cd:ab:7c:7e:2f:8f:a9:d5:16:39:d6:5f:13:c0:
cb:c2:c2:84:ae:a8:47:cc:d4:66:d6:38:c7:40:14:
c9:91:6d:c4:22:bf:f6:2d:19:30:7e:49:c1:51:66:
a9:bb:05:46:6a:17:ff:ed:17:d7:0c:94:e4:8d:35:
d7:19:3d:65:2a:e3:60:7c:30:25:76:d7:d6:6d:ea:
f5:d6:9e:a5:75:06:cc:00:44:ab:61:b8:c3:10:7f:
8f:c5:2f:13:f2:b3:6e:16:95:65:19:c7:64:41:e5:
11:06:95:24:c2:d6:40:c2:99:a0:be:9b:07:aa:7a:
5e:4c:c3:3c:a2:e1:3f:ec:c1:61:54:eb:55:71:d5:
c5:09:c4:2c:37:33:6a:ca:31:96:d2:a6:da:00:81:
e9:34:a8:98:ed:2b:c6:b1:0f:86:ee:46:be:cb:7f:
b4:e0:dc:d1:7e:62:c5:4d:01:c5:fc:2e:9f:49:27:
ba:56:6a:3c:c0:94:7b:7c:0c:bf:9a:58:a1:ab:37:
a8:cb:4e:ef:90:05:eb:18:c0:1b:52:e4:15:cd:0c:
d7:b7:dc:8f:74:15:14:c0:d0:13:c1:af:7a:ce:a7:
57:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:64:2A:D0:47:AA:00:A6:D7:47:A1:7E:76:A9:9F:0A:6A:D4:AE:BE
X509v3 Authority Key Identifier:
keyid:90:CC:D9:13:A9:9B:AF:D8:93:E0:7B:A9:68:A6:74:34:E3:DF:54:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:9c:c7:b9:0f:7e:9c:de:e9:f2:8a:c4:f9:25:d9:a5:fa:4b:
fb:09:9a:af:3a:5c:fb:c5:9a:7b:9a:46:85:35:10:41:c6:d5:
cb:6c:eb:b7:90:e0:ad:72:0f:b4:88:0e:7d:c0:0a:e3:85:a5:
8d:2d:77:90:47:75:89:a3:5f:89:cb:e7:53:47:9f:57:f4:83:
e1:e3:b6:4f:d4:4b:1a:07:cf:94:f5:e9:71:82:26:f5:4e:cd:
92:35:d0:25:00:ec:90:dd:da:d3:72:34:68:f0:94:b3:85:d9:
a5:47:7b:ba:f1:c2:b2:68:4e:c9:7e:9a:ef:65:a8:f3:b4:dd:
9e:1e:f7:e6:52:7e:d7:c8:70:eb:d4:71:bf:37:7f:24:be:ce:
e2:3c:4a:26:5b:2d:c7:69:86:0c:da:34:74:ad:84:2b:65:7b:
72:e9:42:6b:e8:43:f6:26:9b:95:1c:72:24:6d:9d:09:17:f1:
f4:30:4e:70:54:cb:0c:21:ed:a5:a0:17:ca:84:65:51:ae:4e:
f2:ab:bf:4c:02:c1:6c:d1:db:ab:aa:cd:30:8c:5b:20:16:fe:
10:e1:05:c2:37:af:b9:31:7a:7e:88:ff:e6:a9:ea:e5:46:c5:
e7:28:0f:8d:e6:ec:1e:82:d2:d7:6a:cc:33:49:8e:ec:10:95:
17:86:38:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuP9ZOr2YprFRuXujqhoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwY2NkOTEzYTk5YmFmZDg5M2UwN2JhOTY4YTY3NDM0ZTNk
ZjU0MjAwHhcNMjUxMTExMDcwMjIwWhcNMjUxMTEyMDcwMjIwWjAzMTEwLwYDVQQD
EyhiMDY0MmFkMDQ3YWEwMGE2ZDc0N2ExN2U3NmE5OWYwYTZhZDRhZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ofkfmH4s6Bi46NyS9+EndQ2MEoq
9mI7hLSItHM7zat8fi+PqdUWOdZfE8DLwsKErqhHzNRm1jjHQBTJkW3EIr/2LRkw
fknBUWapuwVGahf/7RfXDJTkjTXXGT1lKuNgfDAldtfWber11p6ldQbMAESrYbjD
EH+PxS8T8rNuFpVlGcdkQeURBpUkwtZAwpmgvpsHqnpeTMM8ouE/7MFhVOtVcdXF
CcQsNzNqyjGW0qbaAIHpNKiY7SvGsQ+G7ka+y3+04NzRfmLFTQHF/C6fSSe6Vmo8
wJR7fAy/mlihqzeoy07vkAXrGMAbUuQVzQzXt9yPdBUUwNATwa96zqdXewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBkKtBHqgCm10ehfnapnwpq1K6+MB8GA1UdIwQY
MBaAFJDM2ROpm6/Yk+B7qWimdDTj31QgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9kM2NiMTQtMzBhZC00MjEzLTgxNWIt
ZjZhNTEzZGUyZmVhLzEva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9kM2NiMTQtMzBhZC00MjEzLTgxNWItZjZhNTEzZGUyZmVh
LzEva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpzHuQ9+
nN7p8orE+SXZpfpL+wmarzpc+8Wae5pGhTUQQcbVy2zrt5DgrXIPtIgOfcAK44Wl
jS13kEd1iaNficvnU0efV/SD4eO2T9RLGgfPlPXpcYIm9U7NkjXQJQDskN3a03I0
aPCUs4XZpUd7uvHCsmhOyX6a72Wo87Tdnh735lJ+18hw69Rxvzd/JL7O4jxKJlst
x2mGDNo0dK2EK2V7culCa+hD9iablRxyJG2dCRfx9DBOcFTLDCHtpaAXyoRlUa5O
8qu/TALBbNHbq6rNMIxbIBb+EOEFwjevuTF6foj/5qnq5UbF5ygPjebsHoLS12rM
M0mO7BCVF4Y4Pg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:23 2025 by rpki-client