Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
File: kNdTolR-A6Sw0vkccOnOTkRoBBg.mft (raw, json)
Hash identifier: mGzhcayiusdfen4vSfD9jXUFr+ApXMQpgNgKo9aAzgg=
Subject key identifier: 8E:AF:0E:45:C0:85:04:DB:A8:08:DB:00:A5:EB:EE:4E:27:86:EE:A6
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 019A7293AAC94CA068CBA5E34473808D37A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
Manifest number: 0BC3
Signing time: Tue 11 Nov 2025 11:01:11 +0000
Manifest this update: Tue 11 Nov 2025 11:01:11 +0000
Manifest next update: Wed 12 Nov 2025 11:01:11 +0000
Files and hashes: 1: g5z8NV4dmlaKd11s7v3mxc0KYqU.roa (hash: bnZ9DFLSZGC/zi7MlcnpGi6LDIICQO79p3wjfCQfT+E=)
2: kNdTolR-A6Sw0vkccOnOTkRoBBg.crl (hash: aJJQh9rJnKP1P7VQkergd/xMZeNmTC7ELOMTsOxyWjY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:aa:c9:4c:a0:68:cb:a5:e3:44:73:80:8d:37:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Nov 11 11:01:11 2025 GMT
Not After : Nov 12 11:01:11 2025 GMT
Subject: CN=8eaf0e45c08504dba808db00a5ebee4e2786eea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:e0:11:02:e1:fa:52:78:88:9a:fd:2a:90:
d9:d3:3d:21:f1:9a:46:44:53:97:b6:79:eb:3e:31:
3a:b2:f7:66:cc:73:02:e4:4b:25:f3:37:c9:a7:8c:
0c:49:8c:47:70:42:1b:64:b5:d8:02:96:7a:61:87:
f6:20:40:29:6c:c6:0c:6e:20:af:70:b5:5b:61:7a:
86:74:88:7a:d0:43:af:98:9e:7b:81:11:20:58:f5:
00:8d:42:61:97:90:66:ca:58:94:2d:6a:3e:cb:93:
b4:6f:f3:63:04:11:37:a8:8f:18:60:5f:95:fc:b7:
80:1a:3a:8c:2c:58:3d:a6:fe:2a:77:c4:f9:fd:e2:
79:68:04:f7:53:89:4a:ae:af:1e:93:3c:dc:e6:42:
1f:30:ee:79:6f:f5:3a:76:c7:e1:e8:54:e8:7e:8f:
28:3b:eb:e7:fa:cb:b8:5b:1d:ec:89:57:a6:df:a8:
a0:58:2d:14:cb:e1:b9:e3:55:f3:bb:bd:de:97:c9:
fc:5d:c4:18:a6:ca:43:5d:05:8f:f0:3e:cb:1a:5c:
5f:71:d5:af:cf:74:46:c5:61:82:ae:d1:fc:32:08:
c2:78:f9:93:14:85:6e:b4:28:c7:a2:f2:27:77:45:
70:2b:be:c3:24:24:96:69:43:78:86:65:9b:82:2e:
17:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AF:0E:45:C0:85:04:DB:A8:08:DB:00:A5:EB:EE:4E:27:86:EE:A6
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:06:ab:00:a1:db:62:b7:2b:bd:73:02:cd:0b:ed:ac:27:8e:
3b:09:4c:d2:68:b6:a7:81:09:b2:28:9f:44:db:2b:7b:93:0c:
54:15:ea:02:c7:39:60:aa:bf:2d:6c:af:1c:b7:66:35:da:b2:
89:d3:d7:92:b0:33:08:6a:10:39:45:e7:d8:98:7c:a8:9e:b2:
96:2d:79:16:66:3f:5e:e5:a5:84:9b:75:56:f4:84:5b:99:9a:
b2:89:65:42:e1:c0:b1:c6:dc:db:08:98:b3:d9:77:95:b6:5b:
25:e4:c0:6e:ee:f9:11:39:1c:63:df:f7:c2:be:bb:0b:2c:7e:
b2:29:f3:c9:1a:a7:95:43:56:b0:a8:00:ec:e5:5a:df:57:f2:
61:5f:19:a4:3d:96:28:93:b7:05:69:f5:4e:87:a6:47:4b:17:
0d:c8:fe:f2:e4:fa:91:61:41:e0:00:83:3f:61:f9:95:c0:66:
29:b6:c5:b1:2c:bf:56:c5:3c:f1:e1:9b:8e:a8:1b:1f:49:df:
c5:7f:95:06:e0:0e:81:a2:58:ae:38:3a:48:d0:d1:66:43:7b:
6a:85:e4:97:c5:9a:25:13:1d:f5:f4:7b:fe:62:33:ce:2d:5a:
44:3b:92:b8:1d:bb:43:3c:4f:af:9d:44:ed:42:b5:bb:e5:73:
06:fa:16:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6rJTKBoy6XjRHOAjTeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjUxMTExMTEwMTExWhcNMjUxMTEyMTEwMTExWjAzMTEwLwYDVQQD
Eyg4ZWFmMGU0NWMwODUwNGRiYTgwOGRiMDBhNWViZWU0ZTI3ODZlZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfPgEQLh+lJ4iJr9KpDZ0z0h8ZpG
RFOXtnnrPjE6svdmzHMC5Esl8zfJp4wMSYxHcEIbZLXYApZ6YYf2IEApbMYMbiCv
cLVbYXqGdIh60EOvmJ57gREgWPUAjUJhl5BmyliULWo+y5O0b/NjBBE3qI8YYF+V
/LeAGjqMLFg9pv4qd8T5/eJ5aAT3U4lKrq8ekzzc5kIfMO55b/U6dsfh6FTofo8o
O+vn+su4Wx3siVem36igWC0Uy+G541Xzu73el8n8XcQYpspDXQWP8D7LGlxfcdWv
z3RGxWGCrtH8MgjCePmTFIVutCjHovInd0VwK77DJCSWaUN4hmWbgi4XIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6vDkXAhQTbqAjbAKXr7k4nhu6mMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAarAKHb
YrcrvXMCzQvtrCeOOwlM0mi2p4EJsiifRNsre5MMVBXqAsc5YKq/LWyvHLdmNdqy
idPXkrAzCGoQOUXn2Jh8qJ6yli15FmY/XuWlhJt1VvSEW5masollQuHAscbc2wiY
s9l3lbZbJeTAbu75ETkcY9/3wr67Cyx+sinzyRqnlUNWsKgA7OVa31fyYV8ZpD2W
KJO3BWn1ToemR0sXDcj+8uT6kWFB4ACDP2H5lcBmKbbFsSy/VsU88eGbjqgbH0nf
xX+VBuAOgaJYrjg6SNDRZkN7aoXkl8WaJRMd9fR7/mIzzi1aRDuSuB27QzxPr51E
7UK1u+VzBvoWaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:00 2025 by rpki-client