Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: MomGPj1QZemu/TCM0tT6NoQmWjIADOVAcyqbnKk9awA=
Subject key identifier: E5:F1:D6:E9:D5:8D:71:45:AF:95:AA:4F:66:49:91:EC:73:62:F4:BA
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 0199EC78B4620DE1C71EAED4E58C95C7F814
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 16DB
Signing time: Thu 16 Oct 2025 10:02:37 +0000
Manifest this update: Thu 16 Oct 2025 10:02:37 +0000
Manifest next update: Fri 17 Oct 2025 10:02:37 +0000
Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: sw3q6BTfZu9qdLhF1TQ5YCDKLT+pA3Dr1fYnw87ou3w=)
2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 06:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:78:b4:62:0d:e1:c7:1e:ae:d4:e5:8c:95:c7:f8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Oct 16 10:02:37 2025 GMT
Not After : Oct 17 10:02:37 2025 GMT
Subject: CN=e5f1d6e9d58d7145af95aa4f664991ec7362f4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:fc:f2:81:77:9b:fa:ed:16:64:c2:6e:52:
9b:6f:09:59:e8:f9:0e:26:35:bc:a8:ef:cf:e9:f4:
9b:d7:ec:ba:f9:74:9d:63:96:e9:0f:22:2c:35:e6:
4e:e2:58:49:53:82:4e:e1:dd:e2:53:32:a7:42:2a:
a3:0f:15:4d:2b:57:d8:d0:fb:c0:58:6a:97:a7:73:
91:9c:7d:01:f8:c9:5e:03:3e:fe:5f:ae:37:f8:6b:
a2:30:88:89:c4:8d:98:e7:63:95:29:fe:d1:f6:e4:
d0:0a:b6:b0:ae:0e:e9:39:dd:5e:c8:59:a4:41:1f:
46:5d:21:ce:49:ef:d4:dc:19:ca:dc:e5:14:8c:12:
98:81:c7:39:37:20:cb:22:31:a7:ac:c0:f1:47:c0:
97:c0:86:0d:c3:ae:55:52:a1:82:e5:89:22:83:7a:
3f:01:b5:3a:3c:e9:e8:22:4d:18:ce:d3:79:16:08:
a3:1a:d1:77:96:fe:d1:b7:d3:6d:36:75:38:2d:83:
ce:8b:e8:79:d2:20:2a:66:dd:31:37:10:71:34:5e:
41:5e:80:99:6a:a1:ee:20:36:ab:13:c8:96:61:f7:
4d:38:dd:19:e0:a0:2c:8b:b5:43:b8:2a:99:51:8a:
f6:60:5c:26:1f:73:d4:c7:84:89:6c:be:6f:43:6b:
2c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F1:D6:E9:D5:8D:71:45:AF:95:AA:4F:66:49:91:EC:73:62:F4:BA
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:8d:ba:f6:b2:40:49:10:05:8e:44:4a:c9:ab:4f:ee:3d:d8:
f0:44:84:a1:a6:33:43:27:48:de:6f:8e:5f:5d:1f:8e:1f:bd:
5a:12:54:ee:89:8a:4b:a1:c5:9b:e6:91:57:c7:25:a2:f5:2d:
56:a9:82:f2:4c:1d:2e:47:35:82:e9:8b:69:1e:c2:8b:dd:2b:
27:df:52:9a:d0:d8:93:eb:1b:1f:11:e2:89:86:d2:45:1a:04:
bd:2d:23:4e:79:08:7c:57:ea:e4:a1:2b:b7:36:1e:cd:4a:ed:
28:b1:37:7a:55:b2:63:34:7c:b0:d2:04:b4:60:8b:61:24:1c:
ea:31:4e:8d:16:06:4e:e3:83:74:00:dc:ea:2a:d2:b5:47:e5:
50:6b:cc:b2:ee:d6:66:02:85:29:03:95:28:39:0a:11:4c:26:
68:2d:1f:2a:a9:49:9f:cc:16:de:8c:08:3f:64:63:09:df:49:
72:99:af:d3:52:51:4d:6e:fa:bf:4c:cf:f0:ef:3b:fe:80:d1:
36:70:cf:f8:0a:4e:93:49:8f:7d:f3:a5:21:38:d4:33:a6:54:
1c:84:a4:8e:30:31:a0:0c:6f:a3:1c:17:94:20:b1:d6:e7:e9:
30:04:c1:34:5c:fd:7e:92:27:06:29:81:4a:58:04:a0:af:a0:
a4:97:75:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZnseLRiDeHHHq7U5YyVx/gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUxMDE2MTAwMjM3WhcNMjUxMDE3MTAwMjM3WjAzMTEwLwYDVQQD
EyhlNWYxZDZlOWQ1OGQ3MTQ1YWY5NWFhNGY2NjQ5OTFlYzczNjJmNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZD88oF3m/rtFmTCblKbbwlZ6PkO
JjW8qO/P6fSb1+y6+XSdY5bpDyIsNeZO4lhJU4JO4d3iUzKnQiqjDxVNK1fY0PvA
WGqXp3ORnH0B+MleAz7+X643+GuiMIiJxI2Y52OVKf7R9uTQCrawrg7pOd1eyFmk
QR9GXSHOSe/U3BnK3OUUjBKYgcc5NyDLIjGnrMDxR8CXwIYNw65VUqGC5Ykig3o/
AbU6POnoIk0YztN5FgijGtF3lv7Rt9NtNnU4LYPOi+h50iAqZt0xNxBxNF5BXoCZ
aqHuIDarE8iWYfdNON0Z4KAsi7VDuCqZUYr2YFwmH3PUx4SJbL5vQ2ssEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXx1unVjXFFr5WqT2ZJkexzYvS6MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmo269rJA
SRAFjkRKyatP7j3Y8ESEoaYzQydI3m+OX10fjh+9WhJU7omKS6HFm+aRV8clovUt
VqmC8kwdLkc1gumLaR7Ci90rJ99SmtDYk+sbHxHiiYbSRRoEvS0jTnkIfFfq5KEr
tzYezUrtKLE3elWyYzR8sNIEtGCLYSQc6jFOjRYGTuODdADc6irStUflUGvMsu7W
ZgKFKQOVKDkKEUwmaC0fKqlJn8wW3owIP2RjCd9Jcpmv01JRTW76v0zP8O87/oDR
NnDP+ApOk0mPffOlITjUM6ZUHISkjjAxoAxvoxwXlCCx1ufpMATBNFz9fpInBimB
SlgEoK+gpJd1Pw==
-----END CERTIFICATE-----
Generated at Thu Oct 16 12:01:38 2025 by rpki-client