Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.mft
File: KUoc22jxVM-VQYowjILY2lB3UQk.mft (raw, json)
Hash identifier: qDfLBka21oMcX7hpUtXjBhJg6Iohkur9v7/OVzZgd44=
Subject key identifier: 04:75:0D:3C:6B:08:C6:96:F3:84:D4:69:E8:58:7E:78:1F:3C:40:2C
Authority key identifier: 29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
Certificate issuer: /CN=294a1cdb68f154cf95418a308c82d8da50775109
Certificate serial: 019A21ADDA2F6D685AC0E562AA28D33E2CAB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.mft
Manifest number: 138B
Signing time: Sun 26 Oct 2025 18:00:32 +0000
Manifest this update: Sun 26 Oct 2025 18:00:32 +0000
Manifest next update: Mon 27 Oct 2025 18:00:32 +0000
Files and hashes: 1: KUoc22jxVM-VQYowjILY2lB3UQk.crl (hash: VW1KoLeb7SGAGUQ10aWp4VXKBRquxk7E1g5dycJiLNc=)
2: KZGod_BqVRdmwfNvBiSAHniE4gQ.roa (hash: 6XoOJiv494XxgxSZpKNQsumj729QUswWc6xs9n2QuB0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:ad:da:2f:6d:68:5a:c0:e5:62:aa:28:d3:3e:2c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294a1cdb68f154cf95418a308c82d8da50775109
Validity
Not Before: Oct 26 18:00:32 2025 GMT
Not After : Oct 27 18:00:32 2025 GMT
Subject: CN=04750d3c6b08c696f384d469e8587e781f3c402c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:46:22:e6:d5:b6:82:f4:12:dd:13:02:dd:
6f:77:8b:f8:02:35:4d:32:8f:08:ed:f4:10:e0:4f:
6d:75:fb:69:22:c9:18:4f:a4:49:fc:18:87:cc:59:
6b:3c:d9:69:0c:41:06:0d:47:13:66:90:45:bd:ad:
23:10:12:6e:b6:80:43:8e:15:c5:18:b9:f9:5c:29:
b4:2f:ce:8b:8f:fd:59:9d:fb:35:02:30:a7:11:9c:
6f:15:61:bb:1f:0d:65:47:31:0e:8a:51:63:6e:d4:
90:d7:05:7d:d2:da:ae:86:5d:4a:06:95:b2:6f:ea:
81:68:60:ec:ec:d4:38:64:cf:31:a5:42:1e:47:68:
38:57:c7:c3:09:c2:1c:11:fc:ce:0e:c6:71:ce:35:
fb:07:82:72:d1:59:fd:ad:dd:3e:ce:80:f8:38:c2:
5e:b3:60:dd:df:e3:a2:8e:61:7a:a4:16:b6:f7:51:
b2:32:00:72:10:0f:9f:32:90:61:c5:13:74:4b:27:
58:9a:c7:71:d7:be:b0:85:18:98:fc:4b:03:da:05:
41:d0:34:e3:25:83:3b:87:b9:b5:cf:cb:e9:48:83:
b2:73:85:8b:9d:6c:b6:66:d9:e5:58:5d:68:fb:3b:
7c:39:fa:1f:a2:ce:15:09:af:0b:fa:3a:87:62:5e:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:75:0D:3C:6B:08:C6:96:F3:84:D4:69:E8:58:7E:78:1F:3C:40:2C
X509v3 Authority Key Identifier:
keyid:29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:58:d6:83:dc:12:6e:6b:9a:13:f4:10:c2:c6:c5:fa:5c:25:
99:77:b1:49:42:33:67:03:1a:15:52:4f:9b:10:ce:bc:cc:93:
24:73:21:37:6a:14:41:6d:49:1a:3c:2b:71:e2:55:8b:9d:1f:
6b:2e:3d:b4:c4:01:11:15:de:32:5c:a5:f2:2e:d9:46:0f:07:
58:bc:06:06:79:0b:52:6c:87:d4:5a:98:3e:d0:6e:e2:19:38:
9f:63:3b:85:bd:28:a1:b5:e7:3e:cd:fd:37:dd:80:83:92:a7:
ad:7c:84:12:b7:c8:c0:dc:5d:6d:22:0f:00:a8:59:f2:7d:3f:
4e:05:30:ab:6b:60:b0:9f:27:d6:52:9f:4f:f9:5e:4e:d8:e7:
76:a5:3a:55:51:84:1a:5e:d7:9d:9e:d2:79:ee:3e:c4:bf:f4:
39:51:a3:38:d5:27:e1:d7:8d:87:55:fc:1a:df:11:02:5e:ec:
94:b4:53:c9:9a:4d:14:65:6a:5b:08:a8:42:af:07:58:f4:b2:
2f:a8:c6:e2:72:ae:ab:77:26:1f:d5:07:8c:23:58:03:f8:3f:
ed:f0:0e:40:be:76:4c:2b:0e:db:81:ad:e0:62:0f:7d:ba:16:
32:64:22:51:50:e9:d0:e8:71:2a:06:ad:16:68:0b:16:b9:e7:
98:3d:45:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohrdovbWhawOViqijTPiyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NGExY2RiNjhmMTU0Y2Y5NTQxOGEzMDhjODJkOGRhNTA3
NzUxMDkwHhcNMjUxMDI2MTgwMDMyWhcNMjUxMDI3MTgwMDMyWjAzMTEwLwYDVQQD
EygwNDc1MGQzYzZiMDhjNjk2ZjM4NGQ0NjllODU4N2U3ODFmM2M0MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbRGIubVtoL0Et0TAt1vd4v4AjVN
Mo8I7fQQ4E9tdftpIskYT6RJ/BiHzFlrPNlpDEEGDUcTZpBFva0jEBJutoBDjhXF
GLn5XCm0L86Lj/1Znfs1AjCnEZxvFWG7Hw1lRzEOilFjbtSQ1wV90tquhl1KBpWy
b+qBaGDs7NQ4ZM8xpUIeR2g4V8fDCcIcEfzODsZxzjX7B4Jy0Vn9rd0+zoD4OMJe
s2Dd3+OijmF6pBa291GyMgByEA+fMpBhxRN0SydYmsdx176whRiY/EsD2gVB0DTj
JYM7h7m1z8vpSIOyc4WLnWy2ZtnlWF1o+zt8Ofofos4VCa8L+jqHYl4RawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAR1DTxrCMaW84TUaehYfngfPEAsMB8GA1UdIwQY
MBaAFClKHNto8VTPlUGKMIyC2NpQd1EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VvYzIyanhWTS1WUVlvd2pJTFkybEIzVVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNGY0NzQtZTNiNS00NTk1LWEwNDQt
NjU3ZTQxYzYzY2E5LzEvS1VvYzIyanhWTS1WUVlvd2pJTFkybEIzVVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNGY0NzQtZTNiNS00NTk1LWEwNDQtNjU3ZTQxYzYzY2E5
LzEvS1VvYzIyanhWTS1WUVlvd2pJTFkybEIzVVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoVjWg9wS
bmuaE/QQwsbF+lwlmXexSUIzZwMaFVJPmxDOvMyTJHMhN2oUQW1JGjwrceJVi50f
ay49tMQBERXeMlyl8i7ZRg8HWLwGBnkLUmyH1FqYPtBu4hk4n2M7hb0oobXnPs39
N92Ag5KnrXyEErfIwNxdbSIPAKhZ8n0/TgUwq2tgsJ8n1lKfT/leTtjndqU6VVGE
Gl7XnZ7See4+xL/0OVGjONUn4deNh1X8Gt8RAl7slLRTyZpNFGVqWwioQq8HWPSy
L6jG4nKuq3cmH9UHjCNYA/g/7fAOQL52TCsO24Gt4GIPfboWMmQiUVDp0OhxKgat
FmgLFrnnmD1F7g==
-----END CERTIFICATE-----
Generated at Mon Oct 27 03:54:38 2025 by rpki-client