Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
File: KkRyM2ydAqSIzdd1NNZfsUZewJo.mft (raw, json)
Hash identifier: xjFjAomMunA8iIofvWYhqoIJSrBjxrRRFeesjwkkVis=
Subject key identifier: 0B:57:1C:6B:64:CD:09:0A:F4:BD:8A:E2:AD:12:96:F3:BC:9D:E5:2E
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 0199345B5B814172E4760FFCE4CAEAA1E94B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
Manifest number: 167A
Signing time: Wed 10 Sep 2025 16:00:26 +0000
Manifest this update: Wed 10 Sep 2025 16:00:26 +0000
Manifest next update: Thu 11 Sep 2025 16:00:26 +0000
Files and hashes: 1: KkRyM2ydAqSIzdd1NNZfsUZewJo.crl (hash: 8EzjA1mKOfdN4MO/ECnC3pa3ZlMLK2EsuGhGf91i3yQ=)
2: NPr8_e46sz8H4JR5QlVGvECNy6k.roa (hash: z5xILP0Xt/AwC2kYkY04BjCbsF3nJbNXJ0hJj+W9BVk=)
3: _x206HZGagtA6dAvfxStsmKc3n4.roa (hash: b78aj5rvx2Xy9g+pAEN4tSwQJDBl/+csOAL8uop4FGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 16:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:5b:5b:81:41:72:e4:76:0f:fc:e4:ca:ea:a1:e9:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: Sep 10 16:00:26 2025 GMT
Not After : Sep 11 16:00:26 2025 GMT
Subject: CN=0b571c6b64cd090af4bd8ae2ad1296f3bc9de52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:44:40:34:24:11:ad:8a:2b:62:72:a2:89:08:
6b:a8:06:f5:a1:26:2e:8b:60:95:7a:f9:1a:bc:57:
e6:81:f9:23:52:60:f8:23:65:20:6f:5f:28:73:07:
dc:a9:b8:3b:84:86:26:3a:2a:db:39:1b:11:f9:a6:
0c:fa:22:f0:72:3d:7c:86:70:67:8f:41:7c:c1:a5:
8e:52:91:ce:b7:81:53:b0:7f:56:66:0e:7b:c6:86:
23:68:3d:d8:4b:4f:61:e0:1c:2d:92:02:09:a7:93:
b3:e3:28:4c:aa:6b:5b:56:31:b4:20:74:ba:17:ed:
c3:97:c0:4e:88:61:65:2a:99:69:97:bc:0f:64:c1:
a9:a1:95:b9:66:03:75:32:ef:01:d8:92:83:63:a6:
31:b3:7c:ed:91:9d:d6:b1:12:0f:3c:22:80:b6:e2:
69:46:f4:00:59:c1:50:85:e0:3f:33:7c:d9:ae:c2:
be:49:25:01:90:ba:46:22:bc:37:d8:a7:12:0b:4e:
94:64:b7:e5:27:5d:f7:9b:d3:9e:75:3d:69:ef:01:
6d:a6:2a:80:62:02:42:57:08:ec:10:58:51:e9:9b:
3a:67:7e:c7:7a:47:37:a2:ed:f9:3d:22:0e:4c:49:
7b:fa:5f:14:a3:63:79:48:c7:ef:c6:42:02:4d:d6:
79:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:57:1C:6B:64:CD:09:0A:F4:BD:8A:E2:AD:12:96:F3:BC:9D:E5:2E
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:bc:01:c0:08:74:98:7f:5a:f5:47:ea:1e:78:a5:da:c9:57:
72:21:56:dc:26:fa:52:cf:7c:6f:9b:83:39:99:61:41:c7:bd:
02:3f:8f:bb:80:28:f3:a3:f3:0a:55:d3:45:a7:b4:e0:f8:50:
29:05:dc:9e:73:bf:f3:a1:0d:12:1c:9d:ef:3e:ed:54:a5:23:
97:05:a4:f8:b8:bd:11:9d:db:93:85:1b:6e:a5:5b:ec:d0:b1:
65:f6:99:e2:1d:4d:c1:00:c6:ba:61:93:29:1d:dc:11:aa:1b:
86:2a:11:70:d4:8d:55:91:23:bd:ee:3b:3d:23:bb:cb:f9:32:
7c:c0:f1:b1:5e:0a:50:fd:1c:c4:a5:70:c2:55:02:7f:c7:81:
05:f8:20:85:40:53:fc:f6:a3:40:46:1f:e1:01:94:ed:df:37:
08:f7:af:f2:69:ae:cc:65:86:34:9d:64:97:cf:13:c4:40:35:
f5:79:d5:22:f3:1b:b6:5c:c5:65:ee:ac:88:15:d2:eb:23:2b:
ef:06:3a:e2:98:29:72:7a:84:64:99:0a:f9:37:1f:aa:df:77:
3c:c2:84:ee:07:44:ef:71:aa:43:ef:b3:da:a3:26:c6:ce:cc:
4d:55:36:7a:d6:26:05:70:08:ef:22:5a:2a:09:8b:d5:71:5a:
94:34:f8:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk0W1uBQXLkdg/85MrqoelLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjUwOTEwMTYwMDI2WhcNMjUwOTExMTYwMDI2WjAzMTEwLwYDVQQD
EygwYjU3MWM2YjY0Y2QwOTBhZjRiZDhhZTJhZDEyOTZmM2JjOWRlNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0RANCQRrYorYnKiiQhrqAb1oSYu
i2CVevkavFfmgfkjUmD4I2Ugb18ocwfcqbg7hIYmOirbORsR+aYM+iLwcj18hnBn
j0F8waWOUpHOt4FTsH9WZg57xoYjaD3YS09h4BwtkgIJp5Oz4yhMqmtbVjG0IHS6
F+3Dl8BOiGFlKplpl7wPZMGpoZW5ZgN1Mu8B2JKDY6Yxs3ztkZ3WsRIPPCKAtuJp
RvQAWcFQheA/M3zZrsK+SSUBkLpGIrw32KcSC06UZLflJ133m9OedT1p7wFtpiqA
YgJCVwjsEFhR6Zs6Z37Hekc3ou35PSIOTEl7+l8Uo2N5SMfvxkICTdZ59QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtXHGtkzQkK9L2K4q0SlvO8neUuMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUrwBwAh0
mH9a9UfqHnil2slXciFW3Cb6Us98b5uDOZlhQce9Aj+Pu4Ao86PzClXTRae04PhQ
KQXcnnO/86ENEhyd7z7tVKUjlwWk+Li9EZ3bk4UbbqVb7NCxZfaZ4h1NwQDGumGT
KR3cEaobhioRcNSNVZEjve47PSO7y/kyfMDxsV4KUP0cxKVwwlUCf8eBBfgghUBT
/PajQEYf4QGU7d83CPev8mmuzGWGNJ1kl88TxEA19XnVIvMbtlzFZe6siBXS6yMr
7wY64pgpcnqEZJkK+Tcfqt93PMKE7gdE73GqQ++z2qMmxs7MTVU2etYmBXAI7yJa
KgmL1XFalDT4zA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 22:41:23 2025 by rpki-client