Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
File: KfUkAji4KPFuYCKeJjNQPwSEZZk.mft (raw, json)
Hash identifier: I09dHDQU1ubNGycI4lpJAojd+/5mQ07qljytxo0+89o=
Subject key identifier: A6:B3:80:D5:22:BF:ED:B9:D6:F4:1A:83:31:52:A5:C2:5C:73:77:47
Authority key identifier: 29:F5:24:02:38:B8:28:F1:6E:60:22:9E:26:33:50:3F:04:84:65:99
Certificate issuer: /CN=29f5240238b828f16e60229e2633503f04846599
Certificate serial: 019A72935DAC072B20036AC25DB4961C5702
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
Manifest number: 0410
Signing time: Tue 11 Nov 2025 11:00:51 +0000
Manifest this update: Tue 11 Nov 2025 11:00:51 +0000
Manifest next update: Wed 12 Nov 2025 11:00:51 +0000
Files and hashes: 1: KfUkAji4KPFuYCKeJjNQPwSEZZk.crl (hash: ZdRnreDPaE3C5sciicxZsh9A0PVPmo9FMvamJlViL/w=)
2: ffvaic9mo-Ox_7Jsdhd4jhWeyvM.roa (hash: nAU1XWM3o+xHaVb0+VtmU8Q3s90CIRxbMQo+s7S+UMk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5d:ac:07:2b:20:03:6a:c2:5d:b4:96:1c:57:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f5240238b828f16e60229e2633503f04846599
Validity
Not Before: Nov 11 11:00:51 2025 GMT
Not After : Nov 12 11:00:51 2025 GMT
Subject: CN=a6b380d522bfedb9d6f41a833152a5c25c737747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7f:42:05:c2:08:4f:2e:75:f9:a5:b6:12:74:
26:be:b5:e6:cd:03:22:f2:96:be:ae:e9:1f:84:af:
dc:07:74:1a:e3:86:12:95:f5:77:6d:00:28:44:e3:
0d:e3:09:67:a0:12:49:92:b3:79:93:08:0a:2e:ea:
78:d1:d2:f1:a1:8e:fb:a6:d1:70:33:ad:7b:14:f7:
ce:d6:89:cd:0f:3e:e6:6c:ee:a2:0c:64:0e:e6:86:
c6:95:b8:47:39:94:a7:8b:58:72:39:75:9a:cd:f6:
96:a3:18:a6:79:17:5f:14:ca:85:e5:09:0d:f7:86:
c4:8d:4b:a7:ee:3e:2b:68:5c:7c:6a:43:00:61:d2:
40:09:ce:48:e1:3e:fe:3e:82:d1:5c:3f:71:fb:dd:
ef:66:90:d8:99:1a:45:ac:9e:6c:01:1c:9b:2d:0d:
91:fc:8b:fa:ab:7a:59:b5:d7:c3:4a:c8:df:d0:db:
fe:ed:83:91:cf:55:ad:e5:30:fa:36:9d:c2:f2:dc:
56:85:c2:7e:bf:e8:1e:b6:53:85:65:ba:15:87:10:
2b:7f:1e:34:ae:05:84:cc:ce:f4:6f:87:52:20:2d:
1f:73:80:62:8d:98:0c:e3:ec:b0:73:a3:dd:cc:f9:
92:4f:aa:d8:c9:03:78:78:22:0b:e6:b6:0d:d7:ee:
90:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B3:80:D5:22:BF:ED:B9:D6:F4:1A:83:31:52:A5:C2:5C:73:77:47
X509v3 Authority Key Identifier:
keyid:29:F5:24:02:38:B8:28:F1:6E:60:22:9E:26:33:50:3F:04:84:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:8b:b7:cb:ae:df:2f:25:2f:e5:f0:b6:3b:a1:c8:67:fa:1d:
a2:41:b3:19:3b:ad:e5:09:fc:fe:69:c9:97:00:7a:e4:df:b8:
e6:52:23:7c:9e:2d:6b:9f:85:e0:0e:6c:2d:be:89:25:94:5c:
b1:50:6c:08:31:7e:cb:4e:5b:8d:98:0f:15:f5:97:e4:ed:0a:
a0:06:13:9d:6a:75:87:0a:ad:09:59:78:29:60:85:b2:88:b9:
64:b9:39:70:f2:ac:ae:5f:c9:97:81:00:97:b9:63:36:b8:c9:
f2:df:26:05:df:04:27:2d:44:93:eb:38:cd:af:80:68:1d:49:
07:d1:44:c3:65:8a:3f:ce:64:23:66:01:45:d0:6d:e8:41:93:
80:21:8f:7c:99:49:1b:a6:b6:02:81:05:ec:20:17:6f:af:e8:
12:f5:3a:c7:19:80:b7:3e:8c:84:94:5d:d5:25:28:9c:71:6b:
a0:02:13:89:97:28:29:5b:ab:14:41:42:c5:76:ca:af:b7:31:
b4:77:81:43:45:8e:b7:88:95:b5:26:b3:41:8a:ed:f1:15:6b:
3b:d4:6e:06:f1:e2:2f:27:ad:a9:df:ff:82:2a:87:d9:ae:a8:
da:c6:b0:cf:b0:6b:ae:7b:db:fc:16:0a:9c:ad:46:32:26:03:
c7:a2:0f:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk12sBysgA2rCXbSWHFcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjUyNDAyMzhiODI4ZjE2ZTYwMjI5ZTI2MzM1MDNmMDQ4
NDY1OTkwHhcNMjUxMTExMTEwMDUxWhcNMjUxMTEyMTEwMDUxWjAzMTEwLwYDVQQD
EyhhNmIzODBkNTIyYmZlZGI5ZDZmNDFhODMzMTUyYTVjMjVjNzM3NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X9CBcIITy51+aW2EnQmvrXmzQMi
8pa+rukfhK/cB3Qa44YSlfV3bQAoROMN4wlnoBJJkrN5kwgKLup40dLxoY77ptFw
M617FPfO1onNDz7mbO6iDGQO5obGlbhHOZSni1hyOXWazfaWoximeRdfFMqF5QkN
94bEjUun7j4raFx8akMAYdJACc5I4T7+PoLRXD9x+93vZpDYmRpFrJ5sARybLQ2R
/Iv6q3pZtdfDSsjf0Nv+7YORz1Wt5TD6Np3C8txWhcJ+v+getlOFZboVhxArfx40
rgWEzM70b4dSIC0fc4BijZgM4+ywc6PdzPmST6rYyQN4eCIL5rYN1+6QqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKazgNUiv+251vQagzFSpcJcc3dHMB8GA1UdIwQY
MBaAFCn1JAI4uCjxbmAiniYzUD8EhGWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wNjE0YTYtZDAxYy00ZmYyLWE5OTMt
NzI0NjQ1N2ZkMmIzLzEvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wNjE0YTYtZDAxYy00ZmYyLWE5OTMtNzI0NjQ1N2ZkMmIz
LzEvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyou3y67f
LyUv5fC2O6HIZ/odokGzGTut5Qn8/mnJlwB65N+45lIjfJ4ta5+F4A5sLb6JJZRc
sVBsCDF+y05bjZgPFfWX5O0KoAYTnWp1hwqtCVl4KWCFsoi5ZLk5cPKsrl/Jl4EA
l7ljNrjJ8t8mBd8EJy1Ek+s4za+AaB1JB9FEw2WKP85kI2YBRdBt6EGTgCGPfJlJ
G6a2AoEF7CAXb6/oEvU6xxmAtz6MhJRd1SUonHFroAITiZcoKVurFEFCxXbKr7cx
tHeBQ0WOt4iVtSazQYrt8RVrO9RuBvHiLyetqd//giqH2a6o2sawz7Brrnvb/BYK
nK1GMiYDx6IPIA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:37:09 2025 by rpki-client