Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier: mZamEUuT7nSOTgiSTAPXMUDh0Tv5xSaWWvWcqs8mjtg=
Subject key identifier: 64:88:70:78:83:43:3F:C3:99:74:11:28:2E:33:4D:7D:76:47:43:4D
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer: /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial: 019A71B8F8D3212DD193480D9973569812A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number: 0D0A
Signing time: Tue 11 Nov 2025 07:02:18 +0000
Manifest this update: Tue 11 Nov 2025 07:02:18 +0000
Manifest next update: Wed 12 Nov 2025 07:02:18 +0000
Files and hashes: 1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: +vl6IGDIDDK29cUwnVRbj/0qxfD/uzol7TQzWFWzSlM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:f8:d3:21:2d:d1:93:48:0d:99:73:56:98:12:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
Validity
Not Before: Nov 11 07:02:18 2025 GMT
Not After : Nov 12 07:02:18 2025 GMT
Subject: CN=6488707883433fc3997411282e334d7d7647434d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:61:af:51:ee:89:01:fc:18:33:e5:db:31:
5f:80:29:1c:41:ee:ac:f3:83:b4:02:62:e0:3b:8d:
23:17:aa:3e:6c:31:e7:75:48:6f:34:3f:30:e8:e7:
c8:79:a3:1e:85:2e:fe:4f:54:49:cd:15:80:25:bb:
12:21:0d:13:78:9f:c7:24:af:2b:27:db:34:14:45:
98:4a:a6:c3:67:54:80:3b:81:16:f5:81:58:7f:df:
24:b4:ff:35:58:34:07:98:24:7d:83:74:39:8c:fd:
e6:ff:18:40:07:64:99:85:00:dd:d8:33:1c:70:1a:
74:af:ed:04:81:f7:56:23:21:ae:72:8f:f9:fe:91:
86:50:ae:50:de:da:ef:0a:23:88:45:9e:8a:2e:46:
ca:e7:fc:b2:52:4c:3c:8d:f6:41:12:af:45:e0:7b:
37:cd:0e:3c:ff:68:23:bc:65:3e:2c:25:37:9c:f5:
79:51:c6:88:28:13:88:25:87:58:6f:dd:56:66:91:
a7:e6:6a:49:d8:95:fd:27:6e:53:ce:b9:8e:d2:ca:
3b:de:65:df:72:15:79:21:a0:00:1f:83:ac:0b:8d:
04:9c:87:b1:2b:54:23:7f:bb:ec:1f:3b:b5:a6:b3:
3b:13:bb:fc:64:38:b8:8c:79:f2:00:76:23:0a:49:
cd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:70:78:83:43:3F:C3:99:74:11:28:2E:33:4D:7D:76:47:43:4D
X509v3 Authority Key Identifier:
keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:ca:7e:1e:b0:bd:d0:c7:f5:7b:c2:00:b3:29:2c:3b:91:e2:
94:5d:d1:36:96:af:95:7d:27:4f:e4:cd:62:3d:0b:32:91:5a:
ce:ce:01:e3:60:38:c3:01:99:de:3e:cd:a2:a3:ed:83:03:94:
a7:8a:54:26:04:c3:2a:1b:a6:eb:88:c3:7b:f1:e3:6b:ae:1f:
fb:59:8e:e8:84:b2:d6:81:47:66:21:7f:f2:f6:71:90:a4:2c:
16:a3:61:a9:a3:03:e4:c5:f1:d7:d6:0b:ab:79:78:c8:8e:ea:
a0:fd:a0:66:7b:93:e9:96:c7:5c:7a:0b:e9:32:55:90:87:84:
de:c4:0d:52:72:80:b5:e2:2d:ed:39:66:bf:d5:e2:08:2c:f6:
cd:9c:c9:9f:64:f9:de:7e:4d:3c:1a:da:b7:35:14:86:b3:1d:
d3:9f:fc:da:06:9d:4d:08:4b:c0:99:d8:29:b1:9b:e7:30:0d:
ad:31:8f:3e:84:05:fe:0e:b8:7c:ac:ce:8e:04:da:b0:c9:e1:
89:91:da:9e:3b:65:50:af:a5:79:0b:8b:62:18:f1:ce:5e:18:
c9:be:56:8f:cf:27:a7:1e:9f:73:3e:86:64:2d:cc:5a:5d:97:
41:e6:32:67:2a:b3:93:7f:85:46:3b:e5:56:09:2d:ad:01:c9:
10:08:0e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPjTIS3Rk0gNmXNWmBKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
Eyg2NDg4NzA3ODgzNDMzZmMzOTk3NDExMjgyZTMzNGQ3ZDc2NDc0MzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNphr1HuiQH8GDPl2zFfgCkcQe6s
84O0AmLgO40jF6o+bDHndUhvND8w6OfIeaMehS7+T1RJzRWAJbsSIQ0TeJ/HJK8r
J9s0FEWYSqbDZ1SAO4EW9YFYf98ktP81WDQHmCR9g3Q5jP3m/xhAB2SZhQDd2DMc
cBp0r+0EgfdWIyGuco/5/pGGUK5Q3trvCiOIRZ6KLkbK5/yyUkw8jfZBEq9F4Hs3
zQ48/2gjvGU+LCU3nPV5UcaIKBOIJYdYb91WZpGn5mpJ2JX9J25TzrmO0so73mXf
chV5IaAAH4OsC40EnIexK1Qjf7vsHzu1prM7E7v8ZDi4jHnyAHYjCknNowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSIcHiDQz/DmXQRKC4zTX12R0NNMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUcp+HrC9
0Mf1e8IAsyksO5HilF3RNpavlX0nT+TNYj0LMpFazs4B42A4wwGZ3j7NoqPtgwOU
p4pUJgTDKhum64jDe/Hja64f+1mO6ISy1oFHZiF/8vZxkKQsFqNhqaMD5MXx19YL
q3l4yI7qoP2gZnuT6ZbHXHoL6TJVkIeE3sQNUnKAteIt7Tlmv9XiCCz2zZzJn2T5
3n5NPBratzUUhrMd05/82gadTQhLwJnYKbGb5zANrTGPPoQF/g64fKzOjgTasMnh
iZHanjtlUK+leQuLYhjxzl4Yyb5Wj88npx6fcz6GZC3MWl2XQeYyZyqzk3+FRjvl
VgktrQHJEAgOyw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:44 2025 by rpki-client