Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.mft
File: kRAQDzzHh9YxUwPLf8iNniXlbqg.mft (raw, json)
Hash identifier: rPp/04M8sKUBMFK8UDdYi6atCyYtA0P7HB+kRJZOnq8=
Subject key identifier: D1:E0:0F:AF:86:7A:9C:CE:3E:9A:15:83:14:82:9D:DD:8B:B3:36:CF
Authority key identifier: 91:10:10:0F:3C:C7:87:D6:31:53:03:CB:7F:C8:8D:9E:25:E5:6E:A8
Certificate issuer: /CN=9110100f3cc787d6315303cb7fc88d9e25e56ea8
Certificate serial: 019A71B86A06CBC8536E5C41FBE78BAD9F08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.mft
Manifest number: 0B33
Signing time: Tue 11 Nov 2025 07:01:42 +0000
Manifest this update: Tue 11 Nov 2025 07:01:42 +0000
Manifest next update: Wed 12 Nov 2025 07:01:42 +0000
Files and hashes: 1: bRhGJqv0p8mJ4Y5Zi3hw3lkQdsk.roa (hash: z2JalsCXdVTGdLdK888EdCX/YOon+kmiEVhkkUSf3/w=)
2: kRAQDzzHh9YxUwPLf8iNniXlbqg.crl (hash: MBOc+rWpx8QaF9w3z5w1SuBbTD2p+N5/HLY/nT2AlrA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:6a:06:cb:c8:53:6e:5c:41:fb:e7:8b:ad:9f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9110100f3cc787d6315303cb7fc88d9e25e56ea8
Validity
Not Before: Nov 11 07:01:42 2025 GMT
Not After : Nov 12 07:01:42 2025 GMT
Subject: CN=d1e00faf867a9cce3e9a158314829ddd8bb336cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:89:f3:a7:68:b2:ab:4e:d2:9f:1e:0f:1a:ed:
f4:01:aa:97:27:c3:b6:cc:52:09:4d:53:88:4e:b1:
f8:62:d2:66:19:b0:0f:7a:7a:9c:ac:ea:61:f7:3a:
eb:0c:f1:a3:55:e4:c7:25:76:24:07:8c:c5:bc:03:
2f:64:f5:9b:49:fb:aa:c8:fe:78:5f:aa:31:19:e0:
d5:29:e5:96:ef:47:7c:0a:47:76:dd:bf:32:bc:4e:
e5:97:ca:ca:c9:db:ec:bb:38:ec:c6:8f:57:78:ea:
21:87:0d:7d:51:95:d8:2a:fa:11:af:c0:51:39:de:
0c:8f:1b:0a:d7:d9:69:db:a2:f8:46:f0:d8:3b:aa:
77:28:99:11:6d:71:b6:e6:9b:43:f9:fb:e5:96:60:
09:13:6e:ad:de:be:d5:d3:ac:43:19:ff:dc:e2:9c:
68:84:68:75:10:40:91:d4:ff:1f:c5:d8:be:60:ea:
1a:9d:95:67:ee:cd:44:b3:30:5b:33:f7:ff:59:a7:
25:92:0a:e1:70:b7:d7:9c:b2:8c:33:59:92:ab:9a:
e7:89:3b:4e:e4:24:3c:99:ed:68:ae:2e:89:94:34:
e1:dd:13:5c:03:46:20:e9:5a:60:0b:7d:bc:08:4d:
98:f3:d1:81:58:46:9a:61:f6:e8:86:07:c3:e5:48:
74:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E0:0F:AF:86:7A:9C:CE:3E:9A:15:83:14:82:9D:DD:8B:B3:36:CF
X509v3 Authority Key Identifier:
keyid:91:10:10:0F:3C:C7:87:D6:31:53:03:CB:7F:C8:8D:9E:25:E5:6E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:53:0a:65:65:44:2a:dc:05:96:a3:0e:6e:a1:76:b4:ba:38:
23:2e:4b:f4:19:b9:3a:32:aa:86:c6:ac:96:1f:b3:b5:0a:32:
83:76:72:59:d5:34:19:6c:de:40:d4:c2:e1:87:63:08:29:91:
dc:8f:3b:6f:7a:72:ca:d4:8b:79:7d:52:eb:66:76:14:da:bc:
de:0d:fa:ab:d9:14:97:7e:87:66:3f:5a:9b:d9:99:6d:fc:3d:
b0:99:05:2f:75:b7:f5:49:1f:9d:6f:c2:d8:1d:b8:93:3d:04:
67:7f:db:06:77:2b:07:31:25:0e:ce:54:a9:50:be:e1:b9:e3:
71:c4:67:8a:7e:a9:a2:58:40:c8:0e:8a:d8:d4:cd:01:4b:66:
fc:5e:c1:76:ae:54:14:74:e8:a5:2d:b2:96:f0:7f:b8:f4:03:
37:f0:6f:31:b7:42:25:1c:5b:72:45:16:c5:37:98:af:b3:d0:
15:62:31:e3:06:02:75:e7:ef:7f:65:88:e4:0b:d8:c9:53:4c:
42:21:b2:34:5e:0e:d3:7d:7f:64:77:57:53:e9:95:9f:bc:82:
89:ab:49:34:33:91:53:46:f5:27:68:61:0b:56:48:d1:c5:83:
48:72:6d:6b:1e:7b:ac:d5:e9:1b:af:81:12:39:b3:aa:c5:54:
8e:48:cb:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGoGy8hTblxB++eLrZ8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTAxMDBmM2NjNzg3ZDYzMTUzMDNjYjdmYzg4ZDllMjVl
NTZlYTgwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
EyhkMWUwMGZhZjg2N2E5Y2NlM2U5YTE1ODMxNDgyOWRkZDhiYjMzNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqonzp2iyq07Snx4PGu30AaqXJ8O2
zFIJTVOITrH4YtJmGbAPenqcrOph9zrrDPGjVeTHJXYkB4zFvAMvZPWbSfuqyP54
X6oxGeDVKeWW70d8Ckd23b8yvE7ll8rKydvsuzjsxo9XeOohhw19UZXYKvoRr8BR
Od4MjxsK19lp26L4RvDYO6p3KJkRbXG25ptD+fvllmAJE26t3r7V06xDGf/c4pxo
hGh1EECR1P8fxdi+YOoanZVn7s1EszBbM/f/WaclkgrhcLfXnLKMM1mSq5rniTtO
5CQ8me1ori6JlDTh3RNcA0Yg6VpgC328CE2Y89GBWEaaYfbohgfD5Uh0rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHgD6+GepzOPpoVgxSCnd2LszbPMB8GA1UdIwQY
MBaAFJEQEA88x4fWMVMDy3/IjZ4l5W6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JBUUR6ekhoOVl4VXdQTGY4aU5uaVhsYnFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kOTAwYjMtNTQ2Mi00ZWI0LTljOTAt
MGUwMzc3ZDRlNmQ2LzEva1JBUUR6ekhoOVl4VXdQTGY4aU5uaVhsYnFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kOTAwYjMtNTQ2Mi00ZWI0LTljOTAtMGUwMzc3ZDRlNmQ2
LzEva1JBUUR6ekhoOVl4VXdQTGY4aU5uaVhsYnFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVMKZWVE
KtwFlqMObqF2tLo4Iy5L9Bm5OjKqhsaslh+ztQoyg3ZyWdU0GWzeQNTC4YdjCCmR
3I87b3pyytSLeX1S62Z2FNq83g36q9kUl36HZj9am9mZbfw9sJkFL3W39UkfnW/C
2B24kz0EZ3/bBncrBzElDs5UqVC+4bnjccRnin6polhAyA6K2NTNAUtm/F7Bdq5U
FHTopS2ylvB/uPQDN/BvMbdCJRxbckUWxTeYr7PQFWIx4wYCdefvf2WI5AvYyVNM
QiGyNF4O031/ZHdXU+mVn7yCiatJNDORU0b1J2hhC1ZI0cWDSHJtax57rNXpG6+B
EjmzqsVUjkjLAg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:01 2025 by rpki-client