Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier: KFJuDaqIxjGJFiWyKgnlQ8CzyLbsLI9YMMycSADrsek=
Subject key identifier: FD:7E:71:3A:FC:6D:E4:4B:CE:01:2D:2D:D4:D4:5A:41:43:97:15:07
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 019A251C87CC563F0988D2A90854ACABB846
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number: 16FC
Signing time: Mon 27 Oct 2025 10:00:17 +0000
Manifest this update: Mon 27 Oct 2025 10:00:17 +0000
Manifest next update: Tue 28 Oct 2025 10:00:17 +0000
Files and hashes: 1: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: s/zQceBvW2SARhzI5L5N6NGwYoLrN+PtlGoCC/1eQQs=)
2: yaNI0_QU-og_a5wIKL7nblpP3wo.roa (hash: mocSKnatPWu2K5HO5VSBkHGD9dsGk50fbeHRajNzTSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:1c:87:cc:56:3f:09:88:d2:a9:08:54:ac:ab:b8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Oct 27 10:00:17 2025 GMT
Not After : Oct 28 10:00:17 2025 GMT
Subject: CN=fd7e713afc6de44bce012d2dd4d45a4143971507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:98:c7:d4:db:97:cb:2f:40:cd:3b:c3:54:
d9:82:e3:be:7a:6e:a3:66:cd:a4:7c:37:4b:b0:c0:
23:42:dc:f0:7a:89:21:fb:a8:18:f9:64:c9:84:ff:
06:ad:5a:81:a7:c5:ee:0f:3c:ec:32:69:c6:3b:38:
2b:23:fe:3a:17:17:f8:1d:c6:71:79:9e:ca:d8:a6:
0f:5e:4d:eb:d3:ce:b8:33:fb:97:df:fb:7a:c7:e5:
7d:00:27:99:f8:ba:0f:99:2b:db:39:bd:08:42:94:
51:c8:f0:bc:d6:04:99:83:6f:84:f9:1f:48:a1:6c:
d4:b1:c3:06:1d:9c:2c:8f:82:3e:23:44:23:50:63:
f8:2d:31:59:4f:fd:4b:fe:27:e6:e7:ad:97:05:c5:
0b:7a:09:e8:0f:fd:f1:1e:3e:8f:02:ba:5d:30:44:
fa:3b:d2:43:19:9c:50:a0:9b:86:c0:01:98:dd:8b:
8d:fc:2d:a9:bf:65:ed:de:56:8f:46:10:1c:b6:06:
10:f2:81:bf:8b:93:b9:e5:4f:aa:5b:6b:dd:f4:95:
6d:4f:e7:6b:31:01:1e:b2:01:e5:2e:00:a4:ce:ad:
52:6b:27:d3:e4:d6:04:9d:b0:20:7c:51:05:89:fd:
a0:77:7a:56:67:19:4d:72:22:08:35:11:8d:ad:f2:
ff:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7E:71:3A:FC:6D:E4:4B:CE:01:2D:2D:D4:D4:5A:41:43:97:15:07
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:36:98:8f:0a:8a:d5:82:32:ca:e3:a5:29:f1:6b:28:bd:fb:
4c:87:d9:03:59:10:54:db:e4:a8:00:30:fb:41:0e:d2:3f:85:
d5:03:24:32:6c:de:d4:a0:60:09:a8:92:a8:b8:6c:3f:ad:06:
8c:2d:88:c6:90:80:69:d4:ee:ce:e8:58:f1:ae:51:a5:c7:9e:
01:29:e3:9d:5b:01:82:7c:8b:d6:5b:c1:8f:c5:62:0b:3d:d9:
91:10:f5:f1:bb:f2:45:7b:9e:65:6b:97:bd:e6:4a:cc:cc:3c:
a3:a9:4e:4c:3a:da:f5:d7:4a:3a:8d:a2:88:fa:28:18:46:a4:
6a:25:5e:d8:7a:9d:8c:d1:85:8e:50:b0:34:c0:e3:a2:cf:ad:
c1:83:9a:02:1b:83:4c:53:7f:c4:6d:67:f4:f6:5a:3b:b1:8b:
3d:d2:d3:25:0a:0b:12:3d:0a:42:99:72:27:ca:68:86:cf:d5:
cd:13:cc:6b:b8:06:9e:04:3c:8f:8f:dc:f9:a7:f4:73:a5:47:
3f:b5:81:53:18:e1:13:d3:ef:a6:40:eb:6d:a8:64:1e:21:3e:
09:fa:bf:c1:ad:a4:fe:fc:c6:74:48:f2:f3:a7:68:2c:68:27:
91:92:8b:23:e2:d1:b0:1a:f5:49:be:07:ef:6f:13:17:be:f8:
c4:0a:3f:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolHIfMVj8JiNKpCFSsq7hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjUxMDI3MTAwMDE3WhcNMjUxMDI4MTAwMDE3WjAzMTEwLwYDVQQD
EyhmZDdlNzEzYWZjNmRlNDRiY2UwMTJkMmRkNGQ0NWE0MTQzOTcxNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUKYx9Tbl8svQM07w1TZguO+em6j
Zs2kfDdLsMAjQtzweokh+6gY+WTJhP8GrVqBp8XuDzzsMmnGOzgrI/46Fxf4HcZx
eZ7K2KYPXk3r0864M/uX3/t6x+V9ACeZ+LoPmSvbOb0IQpRRyPC81gSZg2+E+R9I
oWzUscMGHZwsj4I+I0QjUGP4LTFZT/1L/ifm562XBcULegnoD/3xHj6PArpdMET6
O9JDGZxQoJuGwAGY3YuN/C2pv2Xt3laPRhActgYQ8oG/i5O55U+qW2vd9JVtT+dr
MQEesgHlLgCkzq1SayfT5NYEnbAgfFEFif2gd3pWZxlNciIINRGNrfL/ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1+cTr8beRLzgEtLdTUWkFDlxUHMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbTaYjwqK
1YIyyuOlKfFrKL37TIfZA1kQVNvkqAAw+0EO0j+F1QMkMmze1KBgCaiSqLhsP60G
jC2IxpCAadTuzuhY8a5RpceeASnjnVsBgnyL1lvBj8ViCz3ZkRD18bvyRXueZWuX
veZKzMw8o6lOTDra9ddKOo2iiPooGEakaiVe2HqdjNGFjlCwNMDjos+twYOaAhuD
TFN/xG1n9PZaO7GLPdLTJQoLEj0KQplyJ8pohs/VzRPMa7gGngQ8j4/c+af0c6VH
P7WBUxjhE9PvpkDrbahkHiE+Cfq/wa2k/vzGdEjy86doLGgnkZKLI+LRsBr1Sb4H
728TF774xAo/Sg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:01:45 2025 by rpki-client