Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
File: kYMWq06hPrtUVgwaZwQtR-lm2CM.mft (raw, json)
Hash identifier: bsfd/0q/8r0CRacpVbRGyqlPPy/PIKKmx5O3p+HfiDk=
Subject key identifier: 0E:89:98:C9:99:D2:E7:3A:2F:EE:CE:A1:8B:80:18:DD:35:77:54:3F
Authority key identifier: 91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23
Certificate issuer: /CN=918316ab4ea13ebb54560c1a67042d47e966d823
Certificate serial: 019A37C90ABD9F377B79BC2544070C6AF4EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
Manifest number: 1704
Signing time: Fri 31 Oct 2025 01:01:53 +0000
Manifest this update: Fri 31 Oct 2025 01:01:53 +0000
Manifest next update: Sat 01 Nov 2025 01:01:53 +0000
Files and hashes: 1: 1pItkF34I0T0XrYWSJRD7pj_ja0.roa (hash: xX/gcWJfZ1minzry/xWMxIOizMCvErT51ZVCYZljegM=)
2: kYMWq06hPrtUVgwaZwQtR-lm2CM.crl (hash: qEKQyieph5O6miHnKsVa5jNudyvgoBs8QqZFFPeQAtM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:37:c9:0a:bd:9f:37:7b:79:bc:25:44:07:0c:6a:f4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918316ab4ea13ebb54560c1a67042d47e966d823
Validity
Not Before: Oct 31 01:01:53 2025 GMT
Not After : Nov 1 01:01:53 2025 GMT
Subject: CN=0e8998c999d2e73a2feecea18b8018dd3577543f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:48:cf:69:4f:ed:b2:a8:da:fd:87:d5:70:16:
ea:a3:a4:48:ac:1d:11:0f:b8:81:ec:fa:01:c1:5e:
6d:71:bd:ac:e7:82:d0:a1:1c:fa:99:93:ac:ff:f7:
c7:24:b3:c8:1f:a5:1a:43:ed:d1:89:ea:a4:9e:87:
5e:d7:b3:a1:93:d4:20:7f:f4:16:12:68:26:e7:26:
2d:0b:43:71:72:12:fa:20:57:89:60:fc:32:78:00:
28:23:d2:d4:17:6a:09:af:89:c5:e3:91:be:ea:2d:
00:11:be:71:87:4d:85:45:7d:c1:2f:66:6d:bf:c9:
72:b6:63:bc:67:cb:ff:c8:a4:98:8f:9b:80:88:fe:
a7:ab:79:d8:08:2f:47:dc:68:d7:7c:4d:00:50:d8:
f8:5c:9a:4f:fc:48:45:9a:00:e4:96:63:9a:1f:d4:
69:df:ed:2f:17:4b:9c:08:b6:9e:35:49:36:70:90:
7c:69:4f:8e:51:89:16:7e:bc:83:7e:1f:4c:4f:6c:
25:2e:c5:56:31:47:b8:13:92:eb:28:42:a9:6f:ac:
6c:12:64:f6:2c:06:dd:60:9d:db:7a:a3:29:36:ae:
6f:c4:00:37:7c:e0:53:80:33:ef:76:7c:75:cf:29:
98:fc:b5:55:39:fb:a4:20:cc:89:33:8f:57:56:03:
99:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:89:98:C9:99:D2:E7:3A:2F:EE:CE:A1:8B:80:18:DD:35:77:54:3F
X509v3 Authority Key Identifier:
keyid:91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:0e:40:c6:e4:b2:d6:98:98:f9:0e:af:ba:b5:e4:41:3d:83:
bd:81:a7:4a:9d:47:c3:ba:b1:7c:18:4d:f3:64:74:2c:3f:3b:
19:d0:74:6e:56:a3:4f:c4:5f:2c:23:35:67:bf:3d:4e:c7:5e:
1b:c2:8e:db:41:fe:d6:c0:dd:19:c1:7c:8a:22:f5:0f:ad:c7:
b7:b0:81:d5:fa:04:ac:fb:55:8a:b6:f1:b1:38:77:43:ba:de:
c6:19:38:40:10:f7:ec:c3:40:f6:5a:3e:b3:74:08:63:45:a6:
95:d8:dc:4f:29:06:5c:54:f6:21:5b:2d:f1:85:f1:55:37:8d:
53:c1:b6:41:4f:46:c6:93:ab:f4:6f:f2:52:50:a1:25:99:b3:
72:fc:f7:80:46:48:f4:2f:e1:e0:25:ad:6e:c1:46:d1:23:36:
18:4c:98:d0:d9:f7:97:7b:83:a8:a7:be:13:66:72:64:91:99:
80:c7:0b:3e:9c:44:a2:f0:4a:51:bb:01:a1:d4:3b:d5:74:04:
e4:d8:b6:fb:a1:5b:95:9d:9d:7b:4c:28:0e:57:84:15:9e:db:
9b:a1:ae:7b:7e:23:16:ee:f6:92:f4:41:93:4f:c9:14:bd:c8:
86:ef:83:c8:42:98:5b:fd:36:a9:2f:2d:b5:0f:9d:8a:60:0d:
5d:90:5b:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo3yQq9nzd7ebwlRAcMavTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODMxNmFiNGVhMTNlYmI1NDU2MGMxYTY3MDQyZDQ3ZTk2
NmQ4MjMwHhcNMjUxMDMxMDEwMTUzWhcNMjUxMTAxMDEwMTUzWjAzMTEwLwYDVQQD
EygwZTg5OThjOTk5ZDJlNzNhMmZlZWNlYTE4YjgwMThkZDM1Nzc1NDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokjPaU/tsqja/YfVcBbqo6RIrB0R
D7iB7PoBwV5tcb2s54LQoRz6mZOs//fHJLPIH6UaQ+3Rieqknode17Ohk9Qgf/QW
Emgm5yYtC0NxchL6IFeJYPwyeAAoI9LUF2oJr4nF45G+6i0AEb5xh02FRX3BL2Zt
v8lytmO8Z8v/yKSYj5uAiP6nq3nYCC9H3GjXfE0AUNj4XJpP/EhFmgDklmOaH9Rp
3+0vF0ucCLaeNUk2cJB8aU+OUYkWfryDfh9MT2wlLsVWMUe4E5LrKEKpb6xsEmT2
LAbdYJ3beqMpNq5vxAA3fOBTgDPvdnx1zymY/LVVOfukIMyJM49XVgOZfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6JmMmZ0uc6L+7OoYuAGN01d1Q/MB8GA1UdIwQY
MBaAFJGDFqtOoT67VFYMGmcELUfpZtgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMt
OWUzY2QwZDlkNzdhLzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMtOWUzY2QwZDlkNzdh
LzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQ5AxuSy
1piY+Q6vurXkQT2DvYGnSp1Hw7qxfBhN82R0LD87GdB0blajT8RfLCM1Z789Tsde
G8KO20H+1sDdGcF8iiL1D63Ht7CB1foErPtVirbxsTh3Q7rexhk4QBD37MNA9lo+
s3QIY0WmldjcTykGXFT2IVst8YXxVTeNU8G2QU9GxpOr9G/yUlChJZmzcvz3gEZI
9C/h4CWtbsFG0SM2GEyY0Nn3l3uDqKe+E2ZyZJGZgMcLPpxEovBKUbsBodQ71XQE
5Ni2+6FblZ2de0woDleEFZ7bm6Gue34jFu72kvRBk0/JFL3Ihu+DyEKYW/02qS8t
tQ+dimANXZBbrQ==
-----END CERTIFICATE-----
Generated at Fri Oct 31 06:53:57 2025 by rpki-client