Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File: kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier: vC9uxzz3yjOG8O3+qIgECk8oqv09q1lZE+AujzFh6Cg=
Subject key identifier: BF:5A:27:E7:5C:FC:67:AA:0E:5D:DD:42:71:45:E4:9B:3F:C5:9C:CF
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer: /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial: 019A725C4805E6059E3202C6F025FFCF48A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number: 171B
Signing time: Tue 11 Nov 2025 10:00:41 +0000
Manifest this update: Tue 11 Nov 2025 10:00:41 +0000
Manifest next update: Wed 12 Nov 2025 10:00:41 +0000
Files and hashes: 1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: CSVqrwOcRZr05k5E6LGHGLixiUOio/bq3NINmXt51Gg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:48:05:e6:05:9e:32:02:c6:f0:25:ff:cf:48:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Validity
Not Before: Nov 11 10:00:41 2025 GMT
Not After : Nov 12 10:00:41 2025 GMT
Subject: CN=bf5a27e75cfc67aa0e5ddd427145e49b3fc59ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:a0:dd:e5:b8:93:a2:7c:bb:8b:00:de:13:
c7:37:ec:d2:d1:8e:1d:5d:69:c6:d9:3d:f5:9e:6e:
c8:5d:17:56:b7:5b:e2:13:bf:b3:19:5e:58:54:f0:
2e:37:06:b0:49:b6:94:8c:26:0b:48:30:c7:52:64:
f8:94:b7:6c:7b:f8:f8:d3:c7:cf:9c:86:c0:87:fe:
34:83:23:8e:6a:a0:e4:54:10:4c:69:13:81:32:57:
a8:e7:53:0f:05:9d:62:d7:e7:b6:8f:ab:5a:02:01:
27:9a:d9:eb:32:5f:ac:a7:b8:57:25:ff:0e:41:c5:
9a:c7:1b:64:d3:04:1c:f3:9a:15:fa:f7:37:b5:38:
d6:4f:39:ae:10:69:5c:67:a2:eb:1d:7a:cf:ab:ee:
b2:f6:6c:a7:20:90:49:80:64:d5:9d:46:4a:cf:35:
08:7b:86:9a:91:36:e2:7f:2b:13:9d:b3:4a:a2:63:
9b:b4:2f:0f:6b:1d:53:52:15:28:62:19:92:45:3c:
7e:6b:d9:eb:8a:67:0c:ca:56:23:a9:0b:de:00:d7:
57:a4:44:68:34:77:31:76:3c:99:9c:25:ea:51:3d:
fb:c1:f0:56:17:d9:fc:cf:35:d0:ea:53:31:9e:04:
2d:8b:51:25:65:78:57:0a:71:58:4a:8d:ed:08:39:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5A:27:E7:5C:FC:67:AA:0E:5D:DD:42:71:45:E4:9B:3F:C5:9C:CF
X509v3 Authority Key Identifier:
keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:b0:bc:79:75:c1:81:28:1f:bc:3b:99:9d:b3:d0:eb:f0:f0:
90:81:b2:a7:62:3c:8f:0f:c2:da:d0:63:6b:f7:39:f3:2d:1c:
54:67:f9:15:3d:a4:2c:8e:be:81:1e:34:e6:88:25:7c:24:32:
b0:96:0c:69:34:06:77:0c:c0:4f:66:5d:5d:c0:1a:25:43:bd:
33:81:93:1b:fd:17:50:17:c5:a4:66:ad:de:8f:ec:a8:6b:14:
aa:a8:32:90:8f:d8:35:c8:a1:e7:17:78:d7:93:3d:e8:55:85:
80:07:9c:f1:d7:b9:75:30:41:de:ae:c8:a0:f2:64:a3:96:c2:
be:36:51:10:83:bb:d2:fe:fe:6d:3f:9d:c0:9c:a6:d3:1c:05:
19:52:b9:b3:81:c5:d7:0e:1a:33:34:0e:76:0e:57:ce:72:a3:
34:c2:41:36:93:73:d9:89:4f:73:44:b2:9f:1b:a6:3a:78:58:
8b:7d:db:fa:c2:a3:37:19:9a:73:b4:ec:fa:d8:31:fb:ca:99:
23:76:78:b1:31:8e:3e:af:0a:f8:51:cf:8e:aa:25:be:ac:67:
49:73:2b:7b:0d:97:ae:aa:cf:b7:3d:dd:4c:45:c0:ab:7f:ec:
18:87:6c:c0:1b:9c:24:22:15:87:38:b8:73:46:56:bc:8c:08:
6f:8c:fa:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEgF5gWeMgLG8CX/z0ioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjUxMTExMTAwMDQxWhcNMjUxMTEyMTAwMDQxWjAzMTEwLwYDVQQD
EyhiZjVhMjdlNzVjZmM2N2FhMGU1ZGRkNDI3MTQ1ZTQ5YjNmYzU5Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaGg3eW4k6J8u4sA3hPHN+zS0Y4d
XWnG2T31nm7IXRdWt1viE7+zGV5YVPAuNwawSbaUjCYLSDDHUmT4lLdse/j408fP
nIbAh/40gyOOaqDkVBBMaROBMleo51MPBZ1i1+e2j6taAgEnmtnrMl+sp7hXJf8O
QcWaxxtk0wQc85oV+vc3tTjWTzmuEGlcZ6LrHXrPq+6y9mynIJBJgGTVnUZKzzUI
e4aakTbifysTnbNKomObtC8Pax1TUhUoYhmSRTx+a9nrimcMylYjqQveANdXpERo
NHcxdjyZnCXqUT37wfBWF9n8zzXQ6lMxngQti1ElZXhXCnFYSo3tCDmF0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9aJ+dc/GeqDl3dQnFF5Js/xZzPMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFbC8eXXB
gSgfvDuZnbPQ6/DwkIGyp2I8jw/C2tBja/c58y0cVGf5FT2kLI6+gR405oglfCQy
sJYMaTQGdwzAT2ZdXcAaJUO9M4GTG/0XUBfFpGat3o/sqGsUqqgykI/YNcih5xd4
15M96FWFgAec8de5dTBB3q7IoPJko5bCvjZREIO70v7+bT+dwJym0xwFGVK5s4HF
1w4aMzQOdg5XznKjNMJBNpNz2YlPc0SynxumOnhYi33b+sKjNxmac7Ts+tgx+8qZ
I3Z4sTGOPq8K+FHPjqolvqxnSXMrew2XrqrPtz3dTEXAq3/sGIdswBucJCIVhzi4
c0ZWvIwIb4z6qQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:10 2025 by rpki-client