Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
File: knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft (raw, json)
Hash identifier: Xlk8Ua6m9irGPmsZGzSiN65nR24gBBUj3qfdsSg1B5E=
Subject key identifier: 2A:B5:AC:5D:CE:E3:A4:43:29:81:50:FC:D6:58:BD:89:B0:B0:83:CA
Authority key identifier: 92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
Certificate issuer: /CN=927b1e56ac7d07802c4567c4679435159b422096
Certificate serial: 019A70DBF8C12B7305D6D63E2381CA5AEA22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 03:00:55 +0000
Manifest this update: Tue 11 Nov 2025 03:00:55 +0000
Manifest next update: Wed 12 Nov 2025 03:00:55 +0000
Files and hashes: 1: ZZutCOlh3Ali7o57VArVQ-r6xEQ.roa (hash: Z8oFv1O8k+i1SuyJDIP9mmTPP/Uv75FEkkBOgolEt4M=)
2: knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl (hash: XN9K5GoefTt1ZgQIs3VvvkUbQ3tK0Zl6ZOSwt3P7wXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:f8:c1:2b:73:05:d6:d6:3e:23:81:ca:5a:ea:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=927b1e56ac7d07802c4567c4679435159b422096
Validity
Not Before: Nov 11 03:00:55 2025 GMT
Not After : Nov 12 03:00:55 2025 GMT
Subject: CN=2ab5ac5dcee3a443298150fcd658bd89b0b083ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4f:59:5e:90:b9:c8:f4:d7:9c:db:08:a7:d4:
df:09:69:92:b4:f9:f0:41:fa:78:f2:3b:3f:9b:2f:
47:46:56:7b:83:2a:18:d9:30:4d:e9:fb:30:98:13:
03:cf:13:15:b8:27:a4:98:e1:8f:46:d6:dc:5d:fb:
bd:9c:cd:9c:e1:6b:56:5b:8e:ea:f0:10:26:3b:ac:
8a:22:66:32:2f:46:75:2b:8f:34:38:da:e5:11:04:
13:a0:4c:ae:fa:b7:21:0a:92:d8:3e:9b:31:51:35:
58:42:8a:8e:74:b7:eb:43:c1:ec:40:05:2f:43:ce:
ab:a0:9d:ab:26:89:7c:03:39:fe:bd:92:79:34:28:
a1:e9:51:4d:47:d0:d5:a3:96:3c:f8:c5:ea:0e:22:
1d:5f:8e:98:f8:88:c7:62:fe:0f:7e:50:72:06:47:
c7:10:2f:4e:a7:53:5a:57:64:a0:ea:6b:de:4c:c5:
8c:e4:d3:c8:6f:5c:db:72:c9:52:1b:7c:9e:5c:ed:
47:39:81:53:fd:73:6b:6b:69:74:30:2f:95:aa:5d:
75:0e:7a:bd:9c:a8:07:87:b6:53:b6:34:d7:9a:5c:
f0:b0:f6:cd:21:ee:e0:98:79:7d:17:72:54:4b:9a:
66:ce:be:2b:0d:50:29:b6:34:1e:1d:4c:4a:57:5a:
0a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B5:AC:5D:CE:E3:A4:43:29:81:50:FC:D6:58:BD:89:B0:B0:83:CA
X509v3 Authority Key Identifier:
keyid:92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:ad:ff:65:ee:92:fd:ff:f5:ad:26:e3:db:74:8e:a0:b7:b0:
bf:16:bc:ff:af:e0:62:9b:47:36:eb:8c:9b:45:a7:8c:02:15:
86:9b:50:dd:99:52:e9:66:89:58:c4:73:f1:0b:24:3e:15:f6:
66:47:b0:cc:6a:bf:c8:c4:49:73:f9:5d:ff:38:f1:38:88:75:
e6:46:e3:96:46:28:9d:27:c2:2e:05:58:20:87:39:92:2e:ee:
dc:63:a8:ed:2f:9a:e4:16:45:99:4b:bd:ba:d4:ea:87:4f:52:
79:ff:6b:49:bc:cd:0c:8c:b6:0b:a0:58:d0:04:07:0a:9f:2a:
d2:1d:0e:96:5e:f8:4c:3b:76:c5:eb:7c:3c:fe:2e:2e:86:29:
63:14:bb:5f:fc:57:18:2b:d1:09:a0:7b:76:2a:c8:90:8a:6b:
bf:99:ae:d7:a4:7e:a8:89:57:6d:54:b7:63:01:5d:ce:8b:8f:
c3:cf:4c:78:08:e5:a2:84:31:97:09:12:e1:69:1f:0a:35:e8:
c0:2e:ab:cf:25:c6:b5:d6:a6:62:7d:1d:9e:3c:3c:6b:b7:26:
30:1a:04:5d:57:a0:24:28:80:4f:fa:13:66:db:d7:21:36:02:
47:b6:22:f5:a5:fc:74:35:44:03:10:c2:83:ad:35:b8:6c:38:
38:bf:d0:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/jBK3MF1tY+I4HKWuoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyN2IxZTU2YWM3ZDA3ODAyYzQ1NjdjNDY3OTQzNTE1OWI0
MjIwOTYwHhcNMjUxMTExMDMwMDU1WhcNMjUxMTEyMDMwMDU1WjAzMTEwLwYDVQQD
EygyYWI1YWM1ZGNlZTNhNDQzMjk4MTUwZmNkNjU4YmQ4OWIwYjA4M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU9ZXpC5yPTXnNsIp9TfCWmStPnw
Qfp48js/my9HRlZ7gyoY2TBN6fswmBMDzxMVuCekmOGPRtbcXfu9nM2c4WtWW47q
8BAmO6yKImYyL0Z1K480ONrlEQQToEyu+rchCpLYPpsxUTVYQoqOdLfrQ8HsQAUv
Q86roJ2rJol8Azn+vZJ5NCih6VFNR9DVo5Y8+MXqDiIdX46Y+IjHYv4PflByBkfH
EC9Op1NaV2Sg6mveTMWM5NPIb1zbcslSG3yeXO1HOYFT/XNra2l0MC+Vql11Dnq9
nKgHh7ZTtjTXmlzwsPbNIe7gmHl9F3JUS5pmzr4rDVAptjQeHUxKV1oK5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCq1rF3O46RDKYFQ/NZYvYmwsIPKMB8GA1UdIwQY
MBaAFJJ7HlasfQeALEVnxGeUNRWbQiCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTIt
MzY1MzQ3ZjQxNmMwLzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTItMzY1MzQ3ZjQxNmMw
LzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUa3/Ze6S
/f/1rSbj23SOoLewvxa8/6/gYptHNuuMm0WnjAIVhptQ3ZlS6WaJWMRz8QskPhX2
ZkewzGq/yMRJc/ld/zjxOIh15kbjlkYonSfCLgVYIIc5ki7u3GOo7S+a5BZFmUu9
utTqh09Sef9rSbzNDIy2C6BY0AQHCp8q0h0Oll74TDt2xet8PP4uLoYpYxS7X/xX
GCvRCaB7dirIkIprv5mu16R+qIlXbVS3YwFdzouPw89MeAjlooQxlwkS4WkfCjXo
wC6rzyXGtdamYn0dnjw8a7cmMBoEXVegJCiAT/oTZtvXITYCR7Yi9aX8dDVEAxDC
g601uGw4OL/QvA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:41 2025 by rpki-client