Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft
File: KL69RlhhhHPtTIN2fFHejiM8MpI.mft (raw, json)
Hash identifier: lLXY9ESXAUgkRXncgksGXk41sjbEIxUAjYnx3S2Dcr8=
Subject key identifier: 21:A5:3B:31:87:98:A0:11:1A:41:9F:6A:BA:92:A6:AD:24:10:8E:19
Authority key identifier: 28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
Certificate issuer: /CN=28bebd4658618473ed4c83767c51de8e233c3292
Certificate serial: 019A7301A1B990ABCD6A0D280A751A07C69C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft
Manifest number: 109D
Signing time: Tue 11 Nov 2025 13:01:18 +0000
Manifest this update: Tue 11 Nov 2025 13:01:18 +0000
Manifest next update: Wed 12 Nov 2025 13:01:18 +0000
Files and hashes: 1: KL69RlhhhHPtTIN2fFHejiM8MpI.crl (hash: xgHqig1dQzUVBfCv9255rijqlIi7EWZeWMdjyWNSI6w=)
2: jp-8lbUOvN6sUPZsTL-dh7MOVR8.roa (hash: /kMpoM5rzLA4Q5DdnfjuYEV0in2H+0XYtN+u4LENV/A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:a1:b9:90:ab:cd:6a:0d:28:0a:75:1a:07:c6:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bebd4658618473ed4c83767c51de8e233c3292
Validity
Not Before: Nov 11 13:01:18 2025 GMT
Not After : Nov 12 13:01:18 2025 GMT
Subject: CN=21a53b318798a0111a419f6aba92a6ad24108e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:f4:d8:19:bf:72:ae:1f:b4:2f:a8:08:c3:
2f:d2:6a:91:52:92:90:55:69:56:57:7c:64:20:e6:
40:10:25:2d:be:bd:d7:82:80:22:cf:7b:4e:d4:c1:
57:03:76:f5:33:cf:65:90:48:a1:04:3f:3b:fc:08:
7c:11:93:1f:bc:97:b3:ac:57:f3:3b:eb:10:fb:40:
2c:ac:1c:0a:e3:77:fe:a6:cd:14:00:52:92:40:0e:
25:8f:aa:8f:0d:3c:bb:68:ac:5d:2a:fb:91:00:7e:
80:55:31:4f:1d:e0:90:3e:4b:96:20:a3:a2:17:fc:
84:a4:e5:73:ca:05:92:64:da:50:98:ed:63:a5:2f:
9d:16:63:62:40:d8:43:27:71:69:79:53:39:06:29:
e6:9c:96:b9:42:1d:df:92:1e:06:d6:9f:c3:ac:1d:
49:39:8d:09:2e:ae:95:55:ca:62:01:f6:51:2d:bf:
ca:73:c7:77:8d:7e:60:9b:7f:62:65:6e:05:f1:42:
27:9f:3c:1f:92:fc:19:ab:48:fd:0c:b5:2e:8d:54:
b3:75:52:10:82:a1:da:aa:be:85:e2:8f:23:3b:02:
91:0a:38:cd:99:d4:2c:bb:f7:b2:1e:d4:c0:f8:2d:
b9:5a:20:db:2c:d7:77:8b:d0:22:00:c3:2d:93:69:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A5:3B:31:87:98:A0:11:1A:41:9F:6A:BA:92:A6:AD:24:10:8E:19
X509v3 Authority Key Identifier:
keyid:28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:2e:50:ed:00:c1:a9:d2:c3:4c:38:61:ca:19:8f:f5:b3:b6:
f3:f1:59:05:c2:16:5f:5f:ae:5a:66:07:a2:02:a1:9c:32:ac:
fa:de:85:1f:52:cc:b1:95:9a:f2:6f:60:15:fb:d9:1a:b7:96:
aa:72:c1:c1:1d:19:40:6a:9d:2e:ff:5c:bb:93:56:6b:00:44:
3a:97:46:63:5c:5d:b7:64:9f:cf:db:40:73:52:87:ed:27:1b:
00:45:c9:19:7c:2d:50:d5:ca:c3:5e:3f:48:c0:d9:24:19:c4:
6e:77:54:41:13:1c:18:c7:de:a8:72:ee:db:8f:d9:4b:ba:1d:
9d:e6:f4:7d:c2:dd:fd:91:b5:9d:92:ba:cd:5a:cc:49:e9:66:
f0:96:e7:98:19:7f:a2:a1:a5:6d:f6:32:dc:86:70:11:6d:b3:
b3:b7:5a:02:e2:06:9f:3f:d8:b5:8e:0c:37:70:15:2b:29:c9:
5e:25:72:72:40:76:22:fc:c8:72:c1:5a:99:2d:b5:d7:3a:d7:
6c:ef:84:68:ee:96:c2:42:3c:25:bf:cf:2d:2e:60:12:f8:58:
2f:0a:19:ff:99:49:23:66:e0:4d:2f:a1:33:af:55:59:81:bb:
28:0b:b0:12:6f:69:c3:e3:25:36:92:1a:95:b2:a4:b2:50:af:
b3:87:9f:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAaG5kKvNag0oCnUaB8acMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmViZDQ2NTg2MTg0NzNlZDRjODM3NjdjNTFkZThlMjMz
YzMyOTIwHhcNMjUxMTExMTMwMTE4WhcNMjUxMTEyMTMwMTE4WjAzMTEwLwYDVQQD
EygyMWE1M2IzMTg3OThhMDExMWE0MTlmNmFiYTkyYTZhZDI0MTA4ZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzT02Bm/cq4ftC+oCMMv0mqRUpKQ
VWlWV3xkIOZAECUtvr3XgoAiz3tO1MFXA3b1M89lkEihBD87/Ah8EZMfvJezrFfz
O+sQ+0AsrBwK43f+ps0UAFKSQA4lj6qPDTy7aKxdKvuRAH6AVTFPHeCQPkuWIKOi
F/yEpOVzygWSZNpQmO1jpS+dFmNiQNhDJ3FpeVM5BinmnJa5Qh3fkh4G1p/DrB1J
OY0JLq6VVcpiAfZRLb/Kc8d3jX5gm39iZW4F8UInnzwfkvwZq0j9DLUujVSzdVIQ
gqHaqr6F4o8jOwKRCjjNmdQsu/eyHtTA+C25WiDbLNd3i9AiAMMtk2lZpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGlOzGHmKARGkGfarqSpq0kEI4ZMB8GA1UdIwQY
MBaAFCi+vUZYYYRz7UyDdnxR3o4jPDKSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWIt
YmE3OTU2YjBmMmRkLzEvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWItYmE3OTU2YjBmMmRk
LzEvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAES5Q7QDB
qdLDTDhhyhmP9bO28/FZBcIWX1+uWmYHogKhnDKs+t6FH1LMsZWa8m9gFfvZGreW
qnLBwR0ZQGqdLv9cu5NWawBEOpdGY1xdt2Sfz9tAc1KH7ScbAEXJGXwtUNXKw14/
SMDZJBnEbndUQRMcGMfeqHLu24/ZS7odneb0fcLd/ZG1nZK6zVrMSelm8JbnmBl/
oqGlbfYy3IZwEW2zs7daAuIGnz/YtY4MN3AVKynJXiVyckB2IvzIcsFamS211zrX
bO+EaO6WwkI8Jb/PLS5gEvhYLwoZ/5lJI2bgTS+hM69VWYG7KAuwEm9pw+MlNpIa
lbKkslCvs4eflA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:45:49 2025 by rpki-client