Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: p39Jv5tvn4Y8Q+GRtqLXTQF/m9D7mViqj5Br8E0Jmiw=
Subject key identifier: 9C:B9:01:C5:2A:33:54:2C:39:DA:E0:0A:38:A8:81:28:AE:37:F4:6E
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019A1E3EBE924F7D753C6D9144C74520215B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 04DD
Signing time: Sun 26 Oct 2025 02:00:19 +0000
Manifest this update: Sun 26 Oct 2025 02:00:19 +0000
Manifest next update: Mon 27 Oct 2025 02:00:19 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: 0KcJOfR+6mmJd1UX/p+8pUb6+8/WUWS0wHRRxt+QcbU=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 02:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:3e:be:92:4f:7d:75:3c:6d:91:44:c7:45:20:21:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Oct 26 02:00:19 2025 GMT
Not After : Oct 27 02:00:19 2025 GMT
Subject: CN=9cb901c52a33542c39dae00a38a88128ae37f46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f5:35:c9:b9:94:48:0f:54:21:be:af:ce:66:
4d:e3:26:be:09:61:24:9c:3c:8b:a1:92:19:b3:49:
fe:a8:b6:4f:bc:41:01:81:d5:95:a8:4d:12:37:72:
40:76:09:34:9f:77:d3:ff:f5:d5:18:f3:0a:c4:c2:
de:d4:81:08:e1:cc:3e:59:5c:22:a0:9d:de:1d:96:
b6:be:74:3f:3c:95:a3:44:3f:56:e3:57:93:a6:a8:
7c:5d:2c:96:f5:01:4c:2e:a1:9a:e1:21:c2:d7:98:
b9:7c:ce:8f:5c:07:90:7f:b1:d2:a2:6a:66:82:b2:
cb:9f:b8:84:a5:65:45:02:ac:a3:af:d1:8c:f5:1d:
3c:38:cb:8e:7a:b4:6f:5e:bf:b2:ea:7e:dc:cc:ff:
89:e2:6e:4f:93:02:54:ec:48:40:5c:7d:d3:c3:22:
c7:e8:9b:a5:5e:a5:5f:2c:ec:19:73:ad:b4:62:67:
44:7d:50:40:ff:7b:8e:9e:2f:97:89:74:aa:e6:da:
df:d1:97:f9:b4:1f:13:b8:20:ca:b3:6e:92:40:c2:
40:43:17:1f:25:46:71:d4:68:af:5f:1d:33:bb:53:
94:29:0b:6c:1b:a9:dd:c1:d2:d2:f9:2f:5a:3a:91:
ed:8e:1c:cd:f1:4a:77:d4:09:62:6a:d7:37:e1:fe:
28:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B9:01:C5:2A:33:54:2C:39:DA:E0:0A:38:A8:81:28:AE:37:F4:6E
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:4d:c3:dc:70:ff:eb:e6:77:79:0d:a5:19:95:87:12:be:fd:
40:83:75:31:dc:f3:3c:35:43:3f:c9:91:18:51:11:b2:ae:9a:
b8:d6:8c:22:2c:a8:5c:a2:73:2a:fb:71:41:2e:62:13:11:ba:
80:2d:38:2e:05:06:e5:a5:72:f7:7a:42:a6:ed:50:e2:ad:ef:
df:bd:42:d0:f0:fd:95:52:42:9a:07:33:e0:9a:c0:4f:c3:c4:
fa:14:c4:7e:61:3e:04:c4:4b:2c:0c:66:39:28:37:09:ca:4c:
7e:b8:41:8a:bd:8e:d3:85:f6:9a:81:54:49:dd:b2:1a:68:74:
63:a3:db:56:ad:ff:db:e3:fe:17:10:98:e4:eb:f2:a2:55:81:
04:df:e8:67:4d:8b:ff:d7:95:09:40:61:51:ed:9c:2f:8e:3c:
92:a6:41:f8:ea:08:d1:a3:4c:d2:42:ea:bd:e3:8a:23:94:a6:
71:5a:e8:be:73:44:2e:a2:b3:c9:83:1b:04:8f:6c:0b:b7:34:
2e:60:77:f9:72:2d:2e:b7:74:95:88:ba:7e:b9:e4:09:14:c5:
07:6e:2c:35:15:d4:92:7e:0c:12:02:19:1a:e8:b6:84:f0:13:
4b:cb:87:c1:0a:95:06:93:a2:a7:00:c7:82:74:9c:59:3a:60:
11:8b:72:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoePr6ST311PG2RRMdFICFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUxMDI2MDIwMDE5WhcNMjUxMDI3MDIwMDE5WjAzMTEwLwYDVQQD
Eyg5Y2I5MDFjNTJhMzM1NDJjMzlkYWUwMGEzOGE4ODEyOGFlMzdmNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fU1ybmUSA9UIb6vzmZN4ya+CWEk
nDyLoZIZs0n+qLZPvEEBgdWVqE0SN3JAdgk0n3fT//XVGPMKxMLe1IEI4cw+WVwi
oJ3eHZa2vnQ/PJWjRD9W41eTpqh8XSyW9QFMLqGa4SHC15i5fM6PXAeQf7HSompm
grLLn7iEpWVFAqyjr9GM9R08OMuOerRvXr+y6n7czP+J4m5PkwJU7EhAXH3TwyLH
6JulXqVfLOwZc620YmdEfVBA/3uOni+XiXSq5trf0Zf5tB8TuCDKs26SQMJAQxcf
JUZx1GivXx0zu1OUKQtsG6ndwdLS+S9aOpHtjhzN8Up31Aliatc34f4oCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJy5AcUqM1QsOdrgCjiogSiuN/RuMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk03D3HD/
6+Z3eQ2lGZWHEr79QIN1MdzzPDVDP8mRGFERsq6auNaMIiyoXKJzKvtxQS5iExG6
gC04LgUG5aVy93pCpu1Q4q3v371C0PD9lVJCmgcz4JrAT8PE+hTEfmE+BMRLLAxm
OSg3CcpMfrhBir2O04X2moFUSd2yGmh0Y6PbVq3/2+P+FxCY5OvyolWBBN/oZ02L
/9eVCUBhUe2cL448kqZB+OoI0aNM0kLqveOKI5SmcVrovnNELqKzyYMbBI9sC7c0
LmB3+XItLrd0lYi6frnkCRTFB24sNRXUkn4MEgIZGui2hPATS8uHwQqVBpOipwDH
gnScWTpgEYtylQ==
-----END CERTIFICATE-----
Generated at Sun Oct 26 10:52:35 2025 by rpki-client