Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
File: KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft (raw, json)
Hash identifier: 7+orKES4LEfuCfG3l0cdshxl3j6jeVDMh+0wsncTbUs=
Subject key identifier: 48:2E:91:9C:F2:52:AC:F9:2A:B2:93:91:E8:85:FF:9B:36:19:CA:BA
Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Certificate serial: 019A23D316C39C234D73F16C2D8C3646AB74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
Manifest number: 1400
Signing time: Mon 27 Oct 2025 04:00:27 +0000
Manifest this update: Mon 27 Oct 2025 04:00:27 +0000
Manifest next update: Tue 28 Oct 2025 04:00:27 +0000
Files and hashes: 1: KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl (hash: f7SYIcDaojGi+4dD9+IUgwUuCPpZWd3hdJA6jHECm/k=)
2: uSrOots_DMPy38Ek0_9yV10Tzw8.roa (hash: Ypv5LfASDsUldkz8kd27ybD8JIawSksjG/puUQcmBe4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:d3:16:c3:9c:23:4d:73:f1:6c:2d:8c:36:46:ab:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Validity
Not Before: Oct 27 04:00:27 2025 GMT
Not After : Oct 28 04:00:27 2025 GMT
Subject: CN=482e919cf252acf92ab29391e885ff9b3619caba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:62:cc:50:24:86:6b:4c:4c:59:d7:80:6b:a3:
85:82:5f:e7:b8:cd:31:fc:85:cf:0f:69:14:29:7d:
4e:de:d3:1d:d3:aa:9b:f8:7b:66:49:cf:ac:66:b1:
b8:c5:c8:29:ba:73:d2:62:46:1c:48:2e:db:35:f0:
20:64:1e:b9:1c:e6:62:06:d5:5d:1f:cf:bc:4c:f4:
c2:c7:a5:87:1d:7d:07:be:36:2a:6b:9c:b6:db:da:
b4:1b:36:0e:92:31:40:ef:86:78:0f:d4:88:f9:f8:
dc:03:03:84:fc:3f:30:8d:4c:e7:8e:81:54:76:2a:
5f:c2:bc:85:08:21:8c:17:a1:a1:1e:29:38:0f:b7:
24:6e:cf:dd:ed:6c:da:bf:82:60:8e:22:70:68:89:
79:d0:19:dc:91:e0:24:79:5d:3a:68:ff:1a:2c:72:
2e:98:b5:98:cf:1b:4f:3e:5b:70:89:d7:0c:3e:da:
da:f3:cb:bf:71:e7:26:10:3a:b2:38:c0:c0:73:1b:
7d:67:6f:41:25:91:1f:be:42:88:bb:1b:8a:7c:94:
32:58:4f:59:ac:8d:6d:ff:96:e2:93:b9:bf:f6:84:
20:46:40:a9:f1:ce:eb:aa:e5:bc:b8:d1:16:20:60:
19:66:cd:1c:66:d2:82:c4:bb:0b:35:fe:2b:94:67:
ce:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2E:91:9C:F2:52:AC:F9:2A:B2:93:91:E8:85:FF:9B:36:19:CA:BA
X509v3 Authority Key Identifier:
keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:fd:4e:61:18:d2:21:f5:f2:b3:74:18:c0:bb:3b:5e:37:3b:
a9:a8:9e:dc:54:e2:3d:39:89:e6:a4:97:6b:a7:ec:84:dd:1d:
2a:8d:26:b6:23:70:f7:0d:a5:32:65:5f:35:f8:38:ba:ac:ab:
9c:df:0b:36:28:52:f9:e4:e5:ae:94:e3:88:4c:e6:ca:7c:3a:
81:eb:0a:0b:37:31:e8:92:78:46:80:44:f4:31:f3:f6:54:92:
f6:ca:6e:9c:1b:ae:0d:3b:b8:fd:db:bd:9f:26:49:4d:09:4d:
73:88:63:6a:d1:0c:98:35:0d:a0:11:98:d6:c1:4a:4e:43:ad:
e1:27:ad:c7:ae:06:28:0c:9f:aa:b6:87:ed:4e:af:e5:91:7c:
d8:4f:cc:d6:06:4f:5a:e4:64:eb:d1:93:b9:a4:6e:49:c8:c8:
62:14:d6:07:1f:c6:c6:a7:99:38:d7:f6:a8:de:b2:16:4b:6f:
0b:d1:b6:8b:79:9b:b1:e5:c5:00:d1:0f:27:a3:32:d2:4b:50:
77:67:1e:d7:c8:06:6e:1d:54:55:cb:f3:3d:5e:d0:bf:89:8d:
7b:ba:ca:14:d8:40:b4:34:0c:ce:3c:b2:c9:c7:50:31:70:17:
80:62:9c:5f:15:a6:14:d1:77:99:6f:45:4e:c4:44:67:4f:e9:
ff:bd:24:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoj0xbDnCNNc/FsLYw2Rqt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw
MDZiMWEwHhcNMjUxMDI3MDQwMDI3WhcNMjUxMDI4MDQwMDI3WjAzMTEwLwYDVQQD
Eyg0ODJlOTE5Y2YyNTJhY2Y5MmFiMjkzOTFlODg1ZmY5YjM2MTljYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWLMUCSGa0xMWdeAa6OFgl/nuM0x
/IXPD2kUKX1O3tMd06qb+HtmSc+sZrG4xcgpunPSYkYcSC7bNfAgZB65HOZiBtVd
H8+8TPTCx6WHHX0HvjYqa5y229q0GzYOkjFA74Z4D9SI+fjcAwOE/D8wjUznjoFU
dipfwryFCCGMF6GhHik4D7ckbs/d7Wzav4JgjiJwaIl50BnckeAkeV06aP8aLHIu
mLWYzxtPPltwidcMPtra88u/cecmEDqyOMDAcxt9Z29BJZEfvkKIuxuKfJQyWE9Z
rI1t/5bik7m/9oQgRkCp8c7rquW8uNEWIGAZZs0cZtKCxLsLNf4rlGfO7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgukZzyUqz5KrKTkeiF/5s2Gcq6MB8GA1UdIwQY
MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It
ZmEzMWUyZGM2YWJiLzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi
LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHf1OYRjS
IfXys3QYwLs7Xjc7qaie3FTiPTmJ5qSXa6fshN0dKo0mtiNw9w2lMmVfNfg4uqyr
nN8LNihS+eTlrpTjiEzmynw6gesKCzcx6JJ4RoBE9DHz9lSS9spunBuuDTu4/du9
nyZJTQlNc4hjatEMmDUNoBGY1sFKTkOt4Setx64GKAyfqraH7U6v5ZF82E/M1gZP
WuRk69GTuaRuScjIYhTWBx/GxqeZONf2qN6yFktvC9G2i3mbseXFANEPJ6My0ktQ
d2ce18gGbh1UVcvzPV7Qv4mNe7rKFNhAtDQMzjyyycdQMXAXgGKcXxWmFNF3mW9F
TsREZ0/p/70kJA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 11:56:53 2025 by rpki-client