Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
File: KqJOWBL8wxBrnrCusA5ie6I10FY.mft (raw, json)
Hash identifier: oFn1BYZV+4ShBYf0IDZNHDgpKHj2v+z5dOpDXw3Xn28=
Subject key identifier: FA:49:6C:B6:83:AA:1D:D7:54:A4:4C:5C:1C:8A:6D:09:57:29:50:B0
Authority key identifier: 2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
Certificate issuer: /CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Certificate serial: 019932A443D15003584CF79008F427F724C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
Manifest number: 090D
Signing time: Wed 10 Sep 2025 08:00:49 +0000
Manifest this update: Wed 10 Sep 2025 08:00:49 +0000
Manifest next update: Thu 11 Sep 2025 08:00:49 +0000
Files and hashes: 1: KqJOWBL8wxBrnrCusA5ie6I10FY.crl (hash: 9ti43hSRoUz3QFFsVxG5jRiOQG8qXkPS4oIcYox7cF8=)
2: cNLYAjPMpLbcGOrpCslyUiLMP34.roa (hash: JmHm3+B47TlFvMWFE2W9uNvIfC/wvizwOPaVYVDTxDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:a4:43:d1:50:03:58:4c:f7:90:08:f4:27:f7:24:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Validity
Not Before: Sep 10 08:00:49 2025 GMT
Not After : Sep 11 08:00:49 2025 GMT
Subject: CN=fa496cb683aa1dd754a44c5c1c8a6d09572950b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:3e:5e:ec:06:e2:9c:d2:90:fc:29:1a:3a:
6b:13:7c:89:98:63:43:a3:b8:d2:14:b1:3c:1c:e0:
58:14:2b:21:ee:8e:52:72:da:d3:b2:2f:b5:9f:d2:
5f:0a:58:38:ae:91:b6:64:25:c6:d6:78:ba:f3:32:
ff:c1:0e:df:f1:41:17:85:e6:2e:8e:7e:c2:b3:05:
5b:53:a2:cf:67:a5:43:24:0c:13:d8:5a:6a:6b:6f:
7a:0f:9b:5a:d3:58:30:4d:ca:62:5f:87:9f:e7:bc:
57:f6:ab:7f:67:0d:67:07:92:10:94:ab:fe:0a:03:
16:cf:d5:70:98:60:b1:56:4f:ad:cb:95:c9:94:a5:
ed:e0:7d:77:e4:16:51:bf:df:15:30:89:04:fa:cc:
63:da:9f:96:46:28:0f:88:0a:36:96:39:17:e8:a6:
2f:d1:3e:43:e8:1b:8f:ec:aa:d8:60:0b:c9:eb:fe:
52:89:ec:d5:75:df:d8:97:dc:39:43:a2:b0:32:82:
2c:e9:a8:be:d2:5b:66:5c:60:bb:d9:f3:a4:2b:84:
6e:9d:fe:3e:4d:98:35:00:bf:83:85:09:c1:fe:6c:
45:3a:36:e0:23:d2:c6:02:d5:40:45:6e:26:f6:23:
7f:96:d0:3d:c2:23:8c:7e:64:8e:7d:89:62:7b:06:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:49:6C:B6:83:AA:1D:D7:54:A4:4C:5C:1C:8A:6D:09:57:29:50:B0
X509v3 Authority Key Identifier:
keyid:2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:a8:19:80:80:a8:43:b6:9e:cb:36:4d:cc:6a:ff:59:1d:8f:
32:b9:1c:9e:3b:4c:72:26:bf:62:84:20:16:48:7a:50:5e:ce:
00:e9:b1:45:a6:5e:9a:66:62:86:66:e7:b0:07:22:dd:8e:5a:
80:d2:c0:e8:45:88:99:d8:1e:08:e2:de:81:96:5f:f4:56:d4:
4e:4e:d2:7d:b2:10:19:6c:38:f3:1d:65:25:e2:f5:e3:7e:1a:
ca:f6:5f:72:bd:14:62:b2:79:6c:dc:4d:96:02:d2:19:ed:bd:
c1:2e:99:9a:d0:14:d9:13:1f:2f:28:71:38:b1:46:42:b8:ae:
b9:d9:77:65:00:3d:47:b2:51:13:3b:9d:6e:40:c9:5a:1e:c3:
39:cc:5e:9f:ae:65:1b:ad:cc:55:9a:14:2c:ff:78:c1:d4:79:
4c:89:9b:f7:96:47:d4:7b:6d:ab:0d:9c:2e:58:77:98:e1:a9:
fd:09:a3:5d:05:1d:36:83:9b:ec:c1:9c:14:56:d0:17:de:d3:
00:ce:97:c2:54:98:df:07:bc:75:38:89:14:9d:be:1b:93:97:
62:b0:76:83:ea:bb:aa:da:2e:31:5e:d2:1e:f8:ae:0d:ca:53:
de:fd:68:62:19:b6:91:2c:df:92:04:5a:08:f0:9d:21:61:e0:
2e:d1:a1:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkypEPRUANYTPeQCPQn9yTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTI0ZTU4MTJmY2MzMTA2YjllYjBhZWIwMGU2MjdiYTIz
NWQwNTYwHhcNMjUwOTEwMDgwMDQ5WhcNMjUwOTExMDgwMDQ5WjAzMTEwLwYDVQQD
EyhmYTQ5NmNiNjgzYWExZGQ3NTRhNDRjNWMxYzhhNmQwOTU3Mjk1MGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcI+XuwG4pzSkPwpGjprE3yJmGND
o7jSFLE8HOBYFCsh7o5SctrTsi+1n9JfClg4rpG2ZCXG1ni68zL/wQ7f8UEXheYu
jn7CswVbU6LPZ6VDJAwT2Fpqa296D5ta01gwTcpiX4ef57xX9qt/Zw1nB5IQlKv+
CgMWz9VwmGCxVk+ty5XJlKXt4H135BZRv98VMIkE+sxj2p+WRigPiAo2ljkX6KYv
0T5D6BuP7KrYYAvJ6/5SiezVdd/Yl9w5Q6KwMoIs6ai+0ltmXGC72fOkK4Runf4+
TZg1AL+DhQnB/mxFOjbgI9LGAtVARW4m9iN/ltA9wiOMfmSOfYliewbcnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpJbLaDqh3XVKRMXByKbQlXKVCwMB8GA1UdIwQY
MBaAFCqiTlgS/MMQa56wrrAOYnuiNdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgt
NjY4NThiYzhlYjc3LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgtNjY4NThiYzhlYjc3
LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKgZgICo
Q7aeyzZNzGr/WR2PMrkcnjtMcia/YoQgFkh6UF7OAOmxRaZemmZihmbnsAci3Y5a
gNLA6EWImdgeCOLegZZf9FbUTk7SfbIQGWw48x1lJeL1434ayvZfcr0UYrJ5bNxN
lgLSGe29wS6ZmtAU2RMfLyhxOLFGQriuudl3ZQA9R7JREzudbkDJWh7DOcxen65l
G63MVZoULP94wdR5TImb95ZH1Httqw2cLlh3mOGp/QmjXQUdNoOb7MGcFFbQF97T
AM6XwlSY3we8dTiJFJ2+G5OXYrB2g+q7qtouMV7SHviuDcpT3v1oYhm2kSzfkgRa
CPCdIWHgLtGhmA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 13:45:18 2025 by rpki-client