Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: r/i/Sr0bjHHHiTjqvpY7zhDIwoU/oDl4eEc1Vfa2/cQ=
Subject key identifier: 7C:1D:D1:66:BB:DC:2F:37:97:DD:EC:B3:80:BD:3E:1F:71:8E:4E:14
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019A70DC7ECA83DFCB21D57C983581D7B2ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 03:01:29 +0000
Manifest this update: Tue 11 Nov 2025 03:01:29 +0000
Manifest next update: Wed 12 Nov 2025 03:01:29 +0000
Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: obg30DhR0w7G4YWP19Fd0MT3cv80r5IowzvQy7/15P0=)
2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=)
3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:7e:ca:83:df:cb:21:d5:7c:98:35:81:d7:b2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Nov 11 03:01:29 2025 GMT
Not After : Nov 12 03:01:29 2025 GMT
Subject: CN=7c1dd166bbdc2f3797ddecb380bd3e1f718e4e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:62:a3:9b:fe:cc:3c:e8:1a:8c:39:63:9e:ff:
dd:11:c3:1f:54:c6:d6:f7:ec:47:f8:a6:0d:30:e1:
f7:c6:dc:83:0e:0c:9a:1d:9b:ac:fe:64:2e:19:6a:
af:b2:2d:1f:f7:6e:6e:86:11:25:3a:46:44:4d:6f:
ba:05:39:41:7e:71:3b:ba:20:7f:6a:17:b8:f1:d9:
72:d7:30:a4:de:13:fc:58:2a:5f:6f:4d:51:6a:f9:
76:42:e8:1d:f1:2c:61:5e:2c:a6:23:0b:73:27:26:
da:ae:95:c0:0b:f2:d4:b9:e4:e4:d6:41:b2:26:c8:
f3:fb:bb:f8:8c:99:38:76:32:e7:81:b5:17:5e:28:
35:fc:1b:39:fd:72:91:2a:75:0e:9c:3f:34:ac:c7:
18:88:f9:74:df:2b:81:d2:e0:50:61:15:17:87:16:
40:79:03:bc:86:f1:42:b0:24:f3:9b:62:8b:25:1a:
e0:4f:57:cb:3d:7b:2d:0b:03:ab:bf:1d:19:1e:09:
92:36:cd:7c:bb:de:f2:f1:d0:92:06:11:cb:05:a6:
dc:53:d4:1c:81:fd:c9:ab:e3:5c:bd:b9:64:53:7e:
ef:44:2f:31:a8:e3:47:ac:a9:2a:e2:23:82:c8:d7:
54:9a:43:9d:96:a7:99:f9:7e:28:64:d0:ea:9a:e4:
4e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1D:D1:66:BB:DC:2F:37:97:DD:EC:B3:80:BD:3E:1F:71:8E:4E:14
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:70:f0:f7:a5:d3:f6:f0:44:89:d1:d9:26:48:8e:d0:40:45:
e6:6e:2d:14:a8:05:c2:f9:67:66:f6:35:e6:25:bb:da:c4:fe:
8d:aa:ab:94:9f:af:70:03:9d:c8:f3:c9:11:dd:ff:bd:ec:a4:
d9:41:cb:bf:2a:f7:74:07:3f:b1:be:c4:35:40:12:3e:0c:21:
a3:a0:df:24:28:16:da:b4:57:46:0d:77:f6:9f:23:c6:85:da:
1a:07:c9:ba:61:db:14:3c:e5:20:bb:99:69:9c:a9:c8:0a:10:
44:7f:d1:b3:de:15:80:f8:9c:8b:3d:cf:eb:ba:bb:50:b3:df:
a7:c9:e8:be:e8:b1:5d:89:eb:f3:3c:e1:67:5a:69:9d:47:74:
ec:23:2a:58:38:4f:98:9e:ba:85:5f:c2:2f:4b:0d:55:39:ee:
86:11:a2:ac:02:b5:9c:42:cf:41:50:b4:47:b5:30:b9:0b:9d:
8c:52:46:80:be:82:6e:c2:eb:d6:7a:e3:55:fc:f1:58:46:3f:
46:63:8c:85:89:7d:34:a6:b0:5c:69:aa:97:25:76:65:32:94:
a7:40:c3:01:eb:9d:66:d6:0e:32:8c:ed:8b:ce:66:f9:c4:33:
bf:8b:fc:27:46:57:9d:0a:ee:3d:06:6e:93:d4:9f:22:eb:38:
ba:3f:ab:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3H7Kg9/LIdV8mDWB17LtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUxMTExMDMwMTI5WhcNMjUxMTEyMDMwMTI5WjAzMTEwLwYDVQQD
Eyg3YzFkZDE2NmJiZGMyZjM3OTdkZGVjYjM4MGJkM2UxZjcxOGU0ZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWKjm/7MPOgajDljnv/dEcMfVMbW
9+xH+KYNMOH3xtyDDgyaHZus/mQuGWqvsi0f925uhhElOkZETW+6BTlBfnE7uiB/
ahe48dly1zCk3hP8WCpfb01Ravl2Qugd8SxhXiymIwtzJybarpXAC/LUueTk1kGy
Jsjz+7v4jJk4djLngbUXXig1/Bs5/XKRKnUOnD80rMcYiPl03yuB0uBQYRUXhxZA
eQO8hvFCsCTzm2KLJRrgT1fLPXstCwOrvx0ZHgmSNs18u97y8dCSBhHLBabcU9Qc
gf3Jq+NcvblkU37vRC8xqONHrKkq4iOCyNdUmkOdlqeZ+X4oZNDqmuROqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwd0Wa73C83l93ss4C9Ph9xjk4UMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxHDw96XT
9vBEidHZJkiO0EBF5m4tFKgFwvlnZvY15iW72sT+jaqrlJ+vcAOdyPPJEd3/veyk
2UHLvyr3dAc/sb7ENUASPgwho6DfJCgW2rRXRg139p8jxoXaGgfJumHbFDzlILuZ
aZypyAoQRH/Rs94VgPiciz3P67q7ULPfp8novuixXYnr8zzhZ1ppnUd07CMqWDhP
mJ66hV/CL0sNVTnuhhGirAK1nELPQVC0R7UwuQudjFJGgL6CbsLr1nrjVfzxWEY/
RmOMhYl9NKawXGmqlyV2ZTKUp0DDAeudZtYOMozti85m+cQzv4v8J0ZXnQruPQZu
k9SfIus4uj+rMg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:52:17 2025 by rpki-client