Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: K5OR7ZWr1aroYTccMT4dyoPu6sBjNfdPYRXuMS+tmNg=
Subject key identifier: 5C:9F:E2:90:B6:5B:E3:E9:4D:FA:52:0F:20:B4:28:0C:D0:25:ED:C4
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019A2967A29E31DC1A0FC647DB2165C017EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 16FF
Signing time: Tue 28 Oct 2025 06:00:48 +0000
Manifest this update: Tue 28 Oct 2025 06:00:48 +0000
Manifest next update: Wed 29 Oct 2025 06:00:48 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: Jk+AOnix18xTNTcSifQUUx2NeLF7cJRmR1Z6Ut1Efks=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:67:a2:9e:31:dc:1a:0f:c6:47:db:21:65:c0:17:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Oct 28 06:00:48 2025 GMT
Not After : Oct 29 06:00:48 2025 GMT
Subject: CN=5c9fe290b65be3e94dfa520f20b4280cd025edc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:46:44:50:1f:cc:96:d1:d9:08:53:6f:3a:
ed:78:65:db:84:c6:77:49:8f:67:8c:3f:89:9a:9f:
ab:d3:06:d7:dd:b3:ff:bb:b2:18:2d:2c:10:c2:7c:
a9:3b:4c:f2:10:1b:6e:90:af:16:73:b0:02:8d:32:
cd:7f:a6:44:0a:8d:24:23:b0:63:1a:55:56:da:11:
8d:ed:e1:55:2b:41:9c:84:5f:ce:85:9e:93:63:e6:
53:86:f8:13:6c:d3:bb:3d:54:bb:f7:1d:53:7a:df:
41:1a:22:22:57:b1:e4:2a:fa:12:16:93:5a:2f:12:
f3:b3:ea:db:12:71:4d:e1:82:65:2f:c3:39:1e:4d:
88:5a:0b:83:a5:54:a7:8d:7f:0d:2d:05:0a:fd:1a:
10:cc:9b:e1:04:fb:aa:8a:ea:c8:7e:ed:55:1f:87:
da:5e:87:d8:bf:21:f1:d0:a8:72:ff:fa:54:25:e4:
14:83:27:01:0a:0d:87:59:c3:65:17:d7:b4:24:4d:
a8:44:d3:f4:4c:75:05:b7:bf:40:24:5a:03:37:2f:
39:b0:98:09:43:e9:16:6c:0d:92:ee:2c:48:12:a1:
dc:b2:ef:fc:06:a9:df:e6:ef:c8:cb:cf:cf:10:14:
08:89:7e:37:62:d8:81:1f:07:12:f8:65:5d:3e:71:
ac:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9F:E2:90:B6:5B:E3:E9:4D:FA:52:0F:20:B4:28:0C:D0:25:ED:C4
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:14:9e:71:70:7a:0a:1a:5f:46:e7:69:e0:7d:5e:e7:ca:69:
0e:0f:22:e7:3a:94:36:d8:19:57:61:39:04:c0:80:3a:ff:d8:
c6:1e:45:05:00:d1:f2:81:0f:39:a5:32:60:df:0d:86:14:35:
5f:09:ba:84:8a:e9:43:f2:39:cb:69:24:81:7a:fd:3e:21:75:
f6:67:cb:c4:cc:13:4c:8c:7d:61:da:81:3b:82:15:12:b9:dc:
08:1f:a4:5e:ac:a4:bb:25:37:36:f4:0a:bc:c8:22:0c:83:98:
13:2a:27:6f:3f:74:2f:4e:24:54:cc:2f:f5:d8:31:9a:6b:1a:
84:99:2d:d3:1f:88:bb:4c:36:79:5d:44:2d:93:59:90:34:0d:
51:b9:cd:72:25:86:d7:77:dc:13:06:2a:f5:42:ab:22:e2:57:
57:e4:fa:bf:f8:4d:c1:f1:b4:30:81:d2:23:9e:1b:aa:a4:25:
4a:b7:ab:83:75:b2:49:e4:f0:8d:8e:eb:99:8f:00:07:09:00:
4f:fb:9f:80:87:94:d7:88:1f:e4:a6:ec:ce:bf:36:6e:e3:51:
44:a6:2c:a9:c7:20:9d:83:a0:41:c1:51:f1:38:54:63:4c:50:
5a:36:42:be:4b:71:d9:85:82:c0:f1:62:a9:38:bd:22:3b:5b:
69:80:4f:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopZ6KeMdwaD8ZH2yFlwBfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUxMDI4MDYwMDQ4WhcNMjUxMDI5MDYwMDQ4WjAzMTEwLwYDVQQD
Eyg1YzlmZTI5MGI2NWJlM2U5NGRmYTUyMGYyMGI0MjgwY2QwMjVlZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth9GRFAfzJbR2QhTbzrteGXbhMZ3
SY9njD+Jmp+r0wbX3bP/u7IYLSwQwnypO0zyEBtukK8Wc7ACjTLNf6ZECo0kI7Bj
GlVW2hGN7eFVK0GchF/OhZ6TY+ZThvgTbNO7PVS79x1Tet9BGiIiV7HkKvoSFpNa
LxLzs+rbEnFN4YJlL8M5Hk2IWguDpVSnjX8NLQUK/RoQzJvhBPuqiurIfu1VH4fa
XofYvyHx0Khy//pUJeQUgycBCg2HWcNlF9e0JE2oRNP0THUFt79AJFoDNy85sJgJ
Q+kWbA2S7ixIEqHcsu/8Bqnf5u/Iy8/PEBQIiX43YtiBHwcS+GVdPnGs+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyf4pC2W+PpTfpSDyC0KAzQJe3EMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhSecXB6
ChpfRudp4H1e58ppDg8i5zqUNtgZV2E5BMCAOv/Yxh5FBQDR8oEPOaUyYN8NhhQ1
Xwm6hIrpQ/I5y2kkgXr9PiF19mfLxMwTTIx9YdqBO4IVErncCB+kXqykuyU3NvQK
vMgiDIOYEyonbz90L04kVMwv9dgxmmsahJkt0x+Iu0w2eV1ELZNZkDQNUbnNciWG
13fcEwYq9UKrIuJXV+T6v/hNwfG0MIHSI54bqqQlSrerg3WySeTwjY7rmY8ABwkA
T/ufgIeU14gf5Kbszr82buNRRKYsqccgnYOgQcFR8ThUY0xQWjZCvktx2YWCwPFi
qTi9IjtbaYBPSQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 14:17:57 2025 by rpki-client