Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File: KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier: pupwmcQ939BjCPb88mlmhXb1vO+VGR1qwvK9SRKlajs=
Subject key identifier: 59:C4:FB:BA:69:AA:7F:9D:9C:EA:E9:99:DA:60:2C:EB:99:62:96:C6
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer: /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial: 019A71B7DBE3B567800C54ED69809C72E34F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:01:05 +0000
Manifest this update: Tue 11 Nov 2025 07:01:05 +0000
Manifest next update: Wed 12 Nov 2025 07:01:05 +0000
Files and hashes: 1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: aOkhVhdM2Ur32Dp572FGiJUw3qoiss1Cd8zNXrM5org=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:db:e3:b5:67:80:0c:54:ed:69:80:9c:72:e3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Validity
Not Before: Nov 11 07:01:05 2025 GMT
Not After : Nov 12 07:01:05 2025 GMT
Subject: CN=59c4fbba69aa7f9d9ceae999da602ceb996296c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:7a:8d:be:d2:6c:e9:91:80:53:5d:f4:96:
ba:7b:98:dd:ab:cc:8e:2c:10:06:35:0c:24:7b:18:
ee:58:7c:48:a9:48:9d:41:53:db:97:76:28:51:fd:
45:d7:fd:68:5d:3e:f2:b9:61:48:bf:a1:1e:f0:76:
7b:f8:62:69:87:4d:2d:46:e4:39:4b:c8:88:96:7e:
9d:3e:b4:f7:34:60:34:f1:f7:f9:d5:d0:18:5b:f6:
81:fb:f4:52:be:4b:00:65:21:5b:53:86:ad:b0:30:
ca:d0:2c:da:56:c4:57:f7:e1:46:19:54:15:0f:8a:
c8:c6:e0:81:39:77:eb:9e:a9:20:71:8d:28:49:f9:
87:9a:33:4e:3e:3a:d2:51:ca:d0:b6:2b:fa:ac:37:
c9:9f:24:c1:f7:f0:14:f0:6a:74:2b:cb:4e:d1:21:
a4:2d:4e:f6:e0:b7:ba:46:0b:1a:6e:6a:31:31:82:
a6:7e:3c:0f:a9:be:8e:30:9f:40:ac:88:dc:bb:2d:
78:62:35:f0:75:08:c4:c9:20:6d:62:db:50:0b:7e:
a8:c8:50:17:3a:22:50:bd:b0:58:09:9d:b0:4e:2a:
80:cf:84:69:fd:45:36:1e:dc:87:cd:a0:bc:96:94:
aa:18:ee:19:87:34:54:90:6f:31:d6:45:52:2e:c5:
c2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C4:FB:BA:69:AA:7F:9D:9C:EA:E9:99:DA:60:2C:EB:99:62:96:C6
X509v3 Authority Key Identifier:
keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:13:be:b7:19:6b:3c:3d:b9:81:58:07:40:e0:cd:4b:2f:9b:
06:e7:cd:73:65:68:35:34:0b:53:26:b0:db:f3:b6:f8:4a:c6:
3e:ba:af:7e:7f:40:ae:4e:0f:a0:f6:34:a5:8a:33:ab:11:e6:
94:17:a8:6e:64:19:dd:c8:94:1e:e3:06:db:f1:04:16:0a:b0:
41:33:33:09:ef:43:77:84:67:8a:cc:11:f7:64:d9:8d:85:5d:
68:37:91:d6:2e:be:24:75:21:6d:b5:9f:59:46:e1:94:54:a3:
36:74:df:a6:1c:63:bc:9c:34:7e:0f:11:1c:13:d6:7f:24:67:
a8:26:32:d6:62:8d:f2:eb:e6:5f:c4:96:ec:e9:29:62:56:e0:
a6:a1:8c:79:32:e7:e4:40:e8:44:a0:6f:ca:f4:4e:43:b2:e7:
5a:16:c2:be:ea:10:00:3e:d0:9f:8e:cc:ed:b2:e4:cb:eb:18:
6d:93:19:90:ac:c3:e9:f7:7f:46:10:c8:2c:29:d1:e6:c7:67:
37:21:9a:ec:91:e3:de:f3:ec:93:83:4a:a7:84:63:cc:c0:d5:
11:4a:a4:c7:a9:30:ed:f8:f6:e7:7c:37:f9:f4:07:80:2a:3f:
cf:90:56:8a:05:83:8a:68:51:c7:7b:e7:ae:2c:55:d3:63:d4:
68:48:eb:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9vjtWeADFTtaYCccuNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUxMTExMDcwMTA1WhcNMjUxMTEyMDcwMTA1WjAzMTEwLwYDVQQD
Eyg1OWM0ZmJiYTY5YWE3ZjlkOWNlYWU5OTlkYTYwMmNlYjk5NjI5NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5p6jb7SbOmRgFNd9Ja6e5jdq8yO
LBAGNQwkexjuWHxIqUidQVPbl3YoUf1F1/1oXT7yuWFIv6Ee8HZ7+GJph00tRuQ5
S8iIln6dPrT3NGA08ff51dAYW/aB+/RSvksAZSFbU4atsDDK0CzaVsRX9+FGGVQV
D4rIxuCBOXfrnqkgcY0oSfmHmjNOPjrSUcrQtiv6rDfJnyTB9/AU8Gp0K8tO0SGk
LU724Le6RgsabmoxMYKmfjwPqb6OMJ9ArIjcuy14YjXwdQjEySBtYttQC36oyFAX
OiJQvbBYCZ2wTiqAz4Rp/UU2HtyHzaC8lpSqGO4ZhzRUkG8x1kVSLsXCcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnE+7ppqn+dnOrpmdpgLOuZYpbGMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRO+txlr
PD25gVgHQODNSy+bBufNc2VoNTQLUyaw2/O2+ErGPrqvfn9Ark4PoPY0pYozqxHm
lBeobmQZ3ciUHuMG2/EEFgqwQTMzCe9Dd4RniswR92TZjYVdaDeR1i6+JHUhbbWf
WUbhlFSjNnTfphxjvJw0fg8RHBPWfyRnqCYy1mKN8uvmX8SW7OkpYlbgpqGMeTLn
5EDoRKBvyvROQ7LnWhbCvuoQAD7Qn47M7bLky+sYbZMZkKzD6fd/RhDILCnR5sdn
NyGa7JHj3vPsk4NKp4RjzMDVEUqkx6kw7fj253w3+fQHgCo/z5BWigWDimhRx3vn
rixV02PUaEjrnQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:00:54 2025 by rpki-client