Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
File: KwFArTlBTE6rAqxVQitEFj7TSw8.mft (raw, json)
Hash identifier: Re+GMXUaV7kEwuSKrBuUv75t+8xjRrjdMFAkX9ef9WY=
Subject key identifier: 52:62:B4:B4:58:1F:6A:DD:25:DE:39:87:3E:2A:EF:19:F3:4A:CF:D0
Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
Certificate issuer: /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Certificate serial: 019A1A6215D5D1C0FDE9C2F8470038120CFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
Manifest number: 0448
Signing time: Sat 25 Oct 2025 08:00:26 +0000
Manifest this update: Sat 25 Oct 2025 08:00:26 +0000
Manifest next update: Sun 26 Oct 2025 08:00:26 +0000
Files and hashes: 1: KwFArTlBTE6rAqxVQitEFj7TSw8.crl (hash: c/qaselLL67O0rKcUNYc61HmHyl8ubSJDX0tTTT+vuA=)
2: OsS2avf_SCsvTL1pRqTL_5n-su8.roa (hash: q2VY8Sbvggao2o4h3H+VtLne6bMzXujw9hwcUuBVuOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1a:62:15:d5:d1:c0:fd:e9:c2:f8:47:00:38:12:0c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Validity
Not Before: Oct 25 08:00:26 2025 GMT
Not After : Oct 26 08:00:26 2025 GMT
Subject: CN=5262b4b4581f6add25de39873e2aef19f34acfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:39:8f:16:22:ce:67:7e:7f:83:f0:6e:0e:07:
72:82:38:9b:57:0f:35:a6:9f:56:4a:a7:06:46:b8:
32:c5:f5:55:02:bc:e9:f0:3b:cb:cd:d8:e3:c5:95:
b2:18:e5:0b:30:e6:ee:db:32:80:51:a1:75:b2:ef:
af:8e:52:7d:38:3e:be:50:71:c8:d1:8d:55:eb:ee:
f6:84:32:9b:ae:4f:f9:3a:24:77:b7:47:45:0d:4c:
7d:ae:11:d8:cd:51:2e:7d:d2:4e:d7:72:41:97:32:
a8:d6:e2:aa:73:bc:d3:f1:f7:35:5d:a8:f0:b6:2e:
59:bc:7c:70:98:d9:b9:51:dc:6a:b4:8e:af:99:1f:
9e:9b:19:b1:83:18:fa:df:fd:da:14:4b:11:e9:e4:
44:75:e9:22:b7:01:db:9e:c4:6b:5b:40:5f:b1:e2:
f1:0d:a0:4e:93:68:bd:d0:28:b0:e2:11:8e:b7:4a:
b4:49:a7:2c:8f:26:47:ea:a3:0c:ec:86:8c:b6:1c:
e0:25:69:57:4b:f3:fb:71:db:21:42:21:3e:e5:cc:
95:cd:86:42:83:b2:a3:7b:98:82:28:01:7f:11:8d:
2a:a2:e3:68:d9:ac:52:14:9c:69:d3:56:b3:e1:fe:
c0:2d:da:73:75:35:8c:28:a2:fc:ce:36:ee:11:71:
c9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:62:B4:B4:58:1F:6A:DD:25:DE:39:87:3E:2A:EF:19:F3:4A:CF:D0
X509v3 Authority Key Identifier:
keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:c1:9f:36:c7:b1:3a:f0:55:4e:03:57:15:ea:12:be:ff:a0:
eb:fd:58:b7:c1:f7:b6:52:2f:a3:b0:89:90:16:78:a8:18:43:
d8:d1:4e:c8:7a:a7:22:ad:4d:4c:12:01:cb:31:c2:79:0a:f3:
35:6a:e2:a6:99:ef:b2:b2:94:bd:01:c7:74:eb:62:f7:3c:75:
67:66:48:4b:79:1c:b8:6c:46:5e:1c:81:c9:b2:1a:db:93:e3:
8b:b4:cb:3d:af:6b:92:15:43:2e:a2:03:84:5e:b9:f6:43:fa:
20:91:d0:e7:1b:72:05:7b:74:12:2c:4f:76:1d:9a:b9:25:02:
a3:aa:30:f7:4e:55:72:0f:5d:d4:22:d5:bf:8a:9e:33:b5:33:
1a:e6:f7:28:57:88:3d:04:7d:d5:db:ae:64:d2:6f:9b:99:8d:
da:23:53:d8:5c:49:c5:8a:9e:e7:b9:96:7d:6b:47:55:32:1d:
ce:71:d2:b4:c5:c3:d6:02:a7:6b:a5:66:27:17:76:51:03:23:
96:6a:50:58:c2:09:df:97:c0:d1:2b:4c:13:a9:45:d4:f7:2c:
66:24:28:fb:47:08:4e:bd:23:42:02:d7:44:c7:a3:e6:d8:04:
b4:ec:55:e3:61:30:b2:d0:77:28:d2:b3:ce:2f:40:4c:34:9e:
a3:79:f3:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoaYhXV0cD96cL4RwA4Egz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk
MzRiMGYwHhcNMjUxMDI1MDgwMDI2WhcNMjUxMDI2MDgwMDI2WjAzMTEwLwYDVQQD
Eyg1MjYyYjRiNDU4MWY2YWRkMjVkZTM5ODczZTJhZWYxOWYzNGFjZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzmPFiLOZ35/g/BuDgdygjibVw81
pp9WSqcGRrgyxfVVArzp8DvLzdjjxZWyGOULMObu2zKAUaF1su+vjlJ9OD6+UHHI
0Y1V6+72hDKbrk/5OiR3t0dFDUx9rhHYzVEufdJO13JBlzKo1uKqc7zT8fc1Xajw
ti5ZvHxwmNm5UdxqtI6vmR+emxmxgxj63/3aFEsR6eREdekitwHbnsRrW0BfseLx
DaBOk2i90Ciw4hGOt0q0SacsjyZH6qMM7IaMthzgJWlXS/P7cdshQiE+5cyVzYZC
g7Kje5iCKAF/EY0qouNo2axSFJxp01az4f7ALdpzdTWMKKL8zjbuEXHJCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJitLRYH2rdJd45hz4q7xnzSs/QMB8GA1UdIwQY
MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt
MmU3NTIyOGY5MjYxLzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx
LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABsGfNsex
OvBVTgNXFeoSvv+g6/1Yt8H3tlIvo7CJkBZ4qBhD2NFOyHqnIq1NTBIByzHCeQrz
NWrippnvsrKUvQHHdOti9zx1Z2ZIS3kcuGxGXhyBybIa25Pji7TLPa9rkhVDLqID
hF659kP6IJHQ5xtyBXt0EixPdh2auSUCo6ow905Vcg9d1CLVv4qeM7UzGub3KFeI
PQR91duuZNJvm5mN2iNT2FxJxYqe57mWfWtHVTIdznHStMXD1gKna6VmJxd2UQMj
lmpQWMIJ35fA0StME6lF1PcsZiQo+0cITr0jQgLXRMej5tgEtOxV42EwstB3KNKz
zi9ATDSeo3nz/w==
-----END CERTIFICATE-----
Generated at Sat Oct 25 16:35:12 2025 by rpki-client