Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
File: KkRyM2ydAqSIzdd1NNZfsUZewJo.mft (raw, json)
Hash identifier: FtzzBkKKN5Qdcy6qfWlJRnw/ZvegyR/FtAUlUa5IcFk=
Subject key identifier: 6B:C8:D5:BD:98:4F:56:0B:AC:3B:64:B6:80:8C:28:A8:F1:4A:E8:D2
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 019A7112F28617516228BA7ACEDC0B4C528E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 04:00:58 +0000
Manifest this update: Tue 11 Nov 2025 04:00:58 +0000
Manifest next update: Wed 12 Nov 2025 04:00:58 +0000
Files and hashes: 1: KkRyM2ydAqSIzdd1NNZfsUZewJo.crl (hash: IjZTHxZkc5IHxdR23FDIN0GGaKPOohnAlUpiGN8EHdQ=)
2: NPr8_e46sz8H4JR5QlVGvECNy6k.roa (hash: z5xILP0Xt/AwC2kYkY04BjCbsF3nJbNXJ0hJj+W9BVk=)
3: _x206HZGagtA6dAvfxStsmKc3n4.roa (hash: b78aj5rvx2Xy9g+pAEN4tSwQJDBl/+csOAL8uop4FGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:f2:86:17:51:62:28:ba:7a:ce:dc:0b:4c:52:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: Nov 11 04:00:58 2025 GMT
Not After : Nov 12 04:00:58 2025 GMT
Subject: CN=6bc8d5bd984f560bac3b64b6808c28a8f14ae8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:89:72:fa:0e:9e:8b:b2:8f:70:91:8a:be:
d6:e6:2e:b9:9b:b5:29:3a:e4:cc:ed:86:25:5e:43:
1e:c4:3d:33:9e:46:24:ce:76:1e:a4:c1:6a:e2:73:
79:49:a9:45:d7:de:82:51:00:30:2d:75:dc:8f:b8:
0f:29:47:bc:d8:ef:10:f7:23:38:c3:2c:6a:3f:7c:
bf:ed:fd:c5:94:22:17:86:1f:24:b3:0d:a5:1b:67:
b5:2d:f8:a0:d6:e1:4f:4a:54:c2:15:1a:67:e9:4c:
76:8a:ac:49:98:d9:8b:a1:a6:0d:b0:a8:c0:ee:47:
04:a4:3b:05:7f:a6:64:0e:9f:ea:b9:3d:d4:9f:67:
a2:c2:a9:af:1e:68:28:77:cc:59:a3:c2:ca:74:82:
18:3a:1c:52:64:21:b5:df:5d:03:6a:05:81:40:61:
6b:11:e0:28:87:5e:c9:48:6a:c0:c9:cd:d2:f9:e2:
ec:60:3f:a5:96:f2:fc:12:b7:37:61:c2:25:8d:6c:
65:0f:ac:67:6a:54:b5:8d:38:1e:c4:3e:41:7a:8c:
37:14:9e:78:6e:e0:5c:d6:58:d8:40:48:4d:61:b2:
f3:9d:ca:88:cf:a5:34:5c:e3:21:61:84:f8:92:8f:
5a:72:b3:d7:f6:e2:61:03:57:e6:8b:3d:b5:4d:4c:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C8:D5:BD:98:4F:56:0B:AC:3B:64:B6:80:8C:28:A8:F1:4A:E8:D2
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:48:1a:54:1a:c5:fd:3d:29:aa:7e:27:06:1b:3b:17:48:d5:
fd:3c:ee:f5:3c:d2:b1:c7:38:85:54:66:d7:c7:a3:e4:89:66:
13:27:5b:02:9c:e1:cc:e6:b8:7f:96:56:50:a3:d5:ed:9f:0f:
1a:33:df:fa:8a:03:68:79:c8:a3:5b:1c:3f:f6:c5:59:f0:ed:
54:ba:84:35:b5:55:0f:8b:22:ad:96:fc:d9:98:79:39:92:9e:
34:cc:0d:7f:00:97:3c:07:21:e5:d4:cf:dc:af:a6:5c:98:29:
60:c9:62:bc:36:15:72:f5:d2:cd:46:8d:f0:ec:05:cd:ec:a0:
f7:c2:01:55:eb:51:67:08:32:d1:a6:0c:61:7d:32:a1:ce:f1:
ec:71:f6:cb:83:c6:35:2f:bf:b4:1a:e8:ae:d0:f5:55:13:d0:
ee:bf:60:06:91:01:92:2f:ed:4c:97:30:40:44:a4:8c:a8:2e:
61:bf:18:20:8f:10:9c:2a:2a:46:28:34:2b:44:0f:ec:25:30:
a3:e9:82:c4:fe:28:67:cd:72:92:df:99:b7:36:4d:4c:e6:36:
a6:d7:9c:3d:7d:ec:14:b4:a6:99:7a:c1:f3:87:67:ca:c5:b9:
5e:f1:e3:bf:e7:15:3b:0e:b6:e0:54:5a:37:0b:d7:7c:5f:60:
56:03:5f:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvKGF1FiKLp6ztwLTFKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjUxMTExMDQwMDU4WhcNMjUxMTEyMDQwMDU4WjAzMTEwLwYDVQQD
Eyg2YmM4ZDViZDk4NGY1NjBiYWMzYjY0YjY4MDhjMjhhOGYxNGFlOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsuJcvoOnouyj3CRir7W5i65m7Up
OuTM7YYlXkMexD0znkYkznYepMFq4nN5SalF196CUQAwLXXcj7gPKUe82O8Q9yM4
wyxqP3y/7f3FlCIXhh8ksw2lG2e1Lfig1uFPSlTCFRpn6Ux2iqxJmNmLoaYNsKjA
7kcEpDsFf6ZkDp/quT3Un2eiwqmvHmgod8xZo8LKdIIYOhxSZCG1310DagWBQGFr
EeAoh17JSGrAyc3S+eLsYD+llvL8Erc3YcIljWxlD6xnalS1jTgexD5Beow3FJ54
buBc1ljYQEhNYbLzncqIz6U0XOMhYYT4ko9acrPX9uJhA1fmiz21TUxDBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvI1b2YT1YLrDtktoCMKKjxSujSMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0gaVBrF
/T0pqn4nBhs7F0jV/Tzu9TzSscc4hVRm18ej5IlmEydbApzhzOa4f5ZWUKPV7Z8P
GjPf+ooDaHnIo1scP/bFWfDtVLqENbVVD4sirZb82Zh5OZKeNMwNfwCXPAch5dTP
3K+mXJgpYMlivDYVcvXSzUaN8OwFzeyg98IBVetRZwgy0aYMYX0yoc7x7HH2y4PG
NS+/tBrortD1VRPQ7r9gBpEBki/tTJcwQESkjKguYb8YII8QnCoqRig0K0QP7CUw
o+mCxP4oZ81ykt+ZtzZNTOY2ptecPX3sFLSmmXrB84dnysW5XvHjv+cVOw624FRa
NwvXfF9gVgNfMw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:16 2025 by rpki-client