Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: ArIoEX/ndpjbalj06Ae0xR6jMcTGw/3aoMs1a2najyg=
Subject key identifier: 58:44:FB:EB:7E:97:6C:2F:2F:3C:54:2F:65:60:3E:7F:14:C4:9E:3A
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019932A40CDC217864C95ED3A7A386C028B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0463
Signing time: Wed 10 Sep 2025 08:00:35 +0000
Manifest this update: Wed 10 Sep 2025 08:00:35 +0000
Manifest next update: Thu 11 Sep 2025 08:00:35 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: 577vVUY21Fen+13rGuoTRSc6iBRNYZa7C5MH2Uy3eGE=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:a4:0c:dc:21:78:64:c9:5e:d3:a7:a3:86:c0:28:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Sep 10 08:00:35 2025 GMT
Not After : Sep 11 08:00:35 2025 GMT
Subject: CN=5844fbeb7e976c2f2f3c542f65603e7f14c49e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1d:ed:06:17:9c:a9:bd:ba:fc:d3:9f:f0:da:
30:b8:92:ea:06:2e:02:fd:e4:59:ad:ed:63:13:b9:
6a:cd:e1:aa:59:45:e6:74:c8:41:02:ee:c6:df:8e:
a8:05:79:97:a5:25:f0:95:6e:7d:e7:14:9c:3a:5f:
96:3f:78:68:da:c3:b5:8c:c9:6b:d5:7e:d7:1b:1b:
04:5b:44:97:cb:89:b8:d9:ab:f3:aa:cd:a1:fc:66:
20:3f:57:48:21:0c:53:5e:15:9c:87:19:fa:dc:40:
c2:dd:d6:41:49:39:45:40:45:8d:ac:1f:7a:ea:57:
3c:b0:5c:8f:ae:d4:d7:8a:86:28:57:10:67:84:c8:
ba:71:8f:1e:42:b0:cc:e1:d2:5d:2d:0e:de:ba:67:
c1:cd:37:82:64:8f:f4:b3:9a:0d:09:f9:23:7b:26:
e2:ab:58:6e:a1:5c:ca:d5:98:30:56:0a:bf:3a:5e:
12:de:df:b5:a9:06:db:af:75:94:34:16:21:71:67:
9a:b3:3f:df:34:01:9b:01:39:46:69:bb:60:67:8b:
b1:b9:71:c1:36:fa:31:f8:c3:20:7c:a3:a0:73:1a:
13:de:1b:f6:7b:e2:b6:d1:bd:1a:f3:be:e2:2e:f3:
ce:74:c8:fa:82:35:4a:e8:7e:7e:13:83:be:32:fe:
7a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:44:FB:EB:7E:97:6C:2F:2F:3C:54:2F:65:60:3E:7F:14:C4:9E:3A
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:11:be:40:9d:66:39:89:ff:5d:2f:40:ba:d7:85:3f:fa:1e:
6c:5a:a1:f5:ec:a0:40:21:b4:8c:34:bd:b4:c6:38:59:a8:61:
92:ce:68:af:55:a7:98:e9:95:d3:a5:85:b6:34:56:e8:d1:d7:
1c:d7:f0:a9:40:fc:6b:11:01:00:52:07:21:76:ce:a8:6c:29:
42:b4:09:81:68:c2:2f:ab:d0:7a:74:1c:92:c6:43:0c:94:d2:
a1:78:d7:c3:5d:48:8e:ae:32:3b:02:59:fd:76:ba:2e:63:57:
e6:45:20:ce:ad:a7:b4:a8:c5:ea:6a:82:ae:87:ba:e9:70:67:
51:58:e4:fe:14:d8:05:b3:da:4e:19:cb:83:b4:4f:a3:7f:d0:
d5:32:8e:bd:e5:9e:8b:21:e2:f7:9b:f5:34:98:da:35:cf:70:
6d:00:3f:61:2b:30:2b:31:75:70:2e:b9:65:71:5a:42:b4:c5:
99:4a:23:e6:13:ed:2a:47:6d:8d:ae:b0:5d:bb:c6:8b:01:dc:
71:f2:4a:1a:2b:60:0a:84:a0:97:66:3c:ce:36:76:d7:c2:a8:
70:2d:7c:56:8f:ae:e8:1c:a3:25:ed:2f:8c:41:87:16:d8:43:
27:ce:b2:36:0d:86:79:cf:ba:7f:3c:90:45:03:bc:fa:00:59:
1f:d2:ed:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkypAzcIXhkyV7Tp6OGwCiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwOTEwMDgwMDM1WhcNMjUwOTExMDgwMDM1WjAzMTEwLwYDVQQD
Eyg1ODQ0ZmJlYjdlOTc2YzJmMmYzYzU0MmY2NTYwM2U3ZjE0YzQ5ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B3tBhecqb26/NOf8NowuJLqBi4C
/eRZre1jE7lqzeGqWUXmdMhBAu7G346oBXmXpSXwlW595xScOl+WP3ho2sO1jMlr
1X7XGxsEW0SXy4m42avzqs2h/GYgP1dIIQxTXhWchxn63EDC3dZBSTlFQEWNrB96
6lc8sFyPrtTXioYoVxBnhMi6cY8eQrDM4dJdLQ7eumfBzTeCZI/0s5oNCfkjeybi
q1huoVzK1ZgwVgq/Ol4S3t+1qQbbr3WUNBYhcWeasz/fNAGbATlGabtgZ4uxuXHB
Nvox+MMgfKOgcxoT3hv2e+K20b0a877iLvPOdMj6gjVK6H5+E4O+Mv566wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhE++t+l2wvLzxUL2VgPn8UxJ46MB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBG+QJ1m
OYn/XS9AuteFP/oebFqh9eygQCG0jDS9tMY4Wahhks5or1WnmOmV06WFtjRW6NHX
HNfwqUD8axEBAFIHIXbOqGwpQrQJgWjCL6vQenQcksZDDJTSoXjXw11Ijq4yOwJZ
/Xa6LmNX5kUgzq2ntKjF6mqCroe66XBnUVjk/hTYBbPaThnLg7RPo3/Q1TKOveWe
iyHi95v1NJjaNc9wbQA/YSswKzF1cC65ZXFaQrTFmUoj5hPtKkdtja6wXbvGiwHc
cfJKGitgCoSgl2Y8zjZ218KocC18Vo+u6ByjJe0vjEGHFthDJ86yNg2Gec+6fzyQ
RQO8+gBZH9LtrA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 17:38:28 2025 by rpki-client