Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: 2JRsAwZnUwSSoPF3/9KpHrnAqBnsjDj+mP390jXzRbg=
Subject key identifier: 99:7E:F9:D5:FA:E6:45:C3:12:D4:2C:3A:6B:F8:A5:E3:80:D9:01:51
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019A733804506E15A3A7F3A94B7D8FE4F53C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 0225
Signing time: Tue 11 Nov 2025 14:00:42 +0000
Manifest this update: Tue 11 Nov 2025 14:00:42 +0000
Manifest next update: Wed 12 Nov 2025 14:00:42 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: GCWhhLXOQSHd9Ygc8fFbY9SYdcrA4+taII3QJbP85MM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:04:50:6e:15:a3:a7:f3:a9:4b:7d:8f:e4:f5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Nov 11 14:00:42 2025 GMT
Not After : Nov 12 14:00:42 2025 GMT
Subject: CN=997ef9d5fae645c312d42c3a6bf8a5e380d90151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c7:6c:33:6b:a1:47:1e:4c:53:19:b5:35:40:
49:35:b2:6b:0f:b7:7d:30:8a:2d:56:d2:0e:ad:33:
f3:db:09:aa:78:9a:c9:a4:da:61:d7:e5:d0:69:ba:
19:77:34:9c:1c:e3:2b:1a:c1:06:e9:7c:92:04:e4:
d0:19:67:af:64:d0:21:3f:2c:77:90:c2:62:2d:59:
c5:58:ee:c1:85:7c:c3:24:69:91:94:67:60:34:f9:
6c:58:69:7d:90:96:43:22:3c:84:db:16:5a:48:bc:
0d:ab:7a:88:96:40:56:40:f9:ce:74:96:a3:0b:ac:
f1:c7:ec:1e:56:fc:96:f2:8c:e6:8a:a5:0c:ba:1f:
bb:ef:1d:54:3e:c1:d2:2b:1b:e8:2a:74:3c:4c:cc:
46:74:8c:24:64:30:66:08:61:50:17:b7:cf:8f:ba:
e2:48:a1:8f:42:6d:f8:eb:f5:7f:42:10:be:df:57:
6b:11:f2:e4:16:58:70:0b:ea:2c:57:ba:10:c8:72:
25:2b:2e:b0:40:fa:8b:9b:0a:d4:cd:fb:76:b4:16:
69:0b:2e:ef:0c:2d:02:54:f9:c7:49:59:06:71:48:
c0:2f:b4:8f:15:f7:57:c9:c3:a8:27:21:84:67:12:
52:af:68:77:06:9e:18:73:78:38:dd:7e:4e:51:cf:
0c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7E:F9:D5:FA:E6:45:C3:12:D4:2C:3A:6B:F8:A5:E3:80:D9:01:51
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:2f:84:50:17:f8:26:e6:1d:7f:15:40:95:1a:d1:f6:15:39:
ff:3b:42:d9:c8:91:d8:81:37:85:04:b5:a2:1a:f8:87:29:d9:
0e:f4:e9:e7:6b:1e:ee:80:eb:ea:ac:f3:a3:29:87:74:c1:8e:
63:4f:c5:34:e6:54:7e:b9:27:33:df:e9:ab:68:5d:dd:b0:9f:
df:8e:a9:f4:10:e9:d8:a1:05:43:77:55:68:87:7f:17:a3:21:
a7:52:1d:1f:d0:ec:ab:e3:b4:20:4b:90:d5:02:fa:8d:d4:85:
81:ac:cb:19:34:fa:16:dd:2c:6b:3d:65:a7:c6:9b:97:04:04:
68:ef:59:dd:db:e3:31:0e:c2:89:05:e0:65:02:be:b9:88:70:
00:e8:94:d0:04:a8:62:7f:1c:5a:9c:d1:59:5f:30:22:d6:c7:
be:a0:c6:28:40:05:18:7f:9d:7d:07:84:e8:15:c5:74:d0:e3:
5c:1d:df:b4:64:ff:42:ea:7a:bd:56:1a:93:61:2e:5f:c0:89:
c1:c4:da:78:2c:63:2a:5d:96:e5:fc:94:6d:9c:a6:70:9f:b4:
14:96:30:2b:f8:c5:8f:59:d8:0d:0d:20:2b:eb:a2:2c:33:07:
07:53:8a:c0:08:1f:5b:b6:28:1f:2d:d6:df:b5:62:c1:cd:ad:
cb:16:99:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOARQbhWjp/OpS32P5PU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUxMTExMTQwMDQyWhcNMjUxMTEyMTQwMDQyWjAzMTEwLwYDVQQD
Eyg5OTdlZjlkNWZhZTY0NWMzMTJkNDJjM2E2YmY4YTVlMzgwZDkwMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8dsM2uhRx5MUxm1NUBJNbJrD7d9
MIotVtIOrTPz2wmqeJrJpNph1+XQaboZdzScHOMrGsEG6XySBOTQGWevZNAhPyx3
kMJiLVnFWO7BhXzDJGmRlGdgNPlsWGl9kJZDIjyE2xZaSLwNq3qIlkBWQPnOdJaj
C6zxx+weVvyW8ozmiqUMuh+77x1UPsHSKxvoKnQ8TMxGdIwkZDBmCGFQF7fPj7ri
SKGPQm346/V/QhC+31drEfLkFlhwC+osV7oQyHIlKy6wQPqLmwrUzft2tBZpCy7v
DC0CVPnHSVkGcUjAL7SPFfdXycOoJyGEZxJSr2h3Bp4Yc3g43X5OUc8MCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJl++dX65kXDEtQsOmv4peOA2QFRMB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoS+EUBf4
JuYdfxVAlRrR9hU5/ztC2ciR2IE3hQS1ohr4hynZDvTp52se7oDr6qzzoymHdMGO
Y0/FNOZUfrknM9/pq2hd3bCf346p9BDp2KEFQ3dVaId/F6Mhp1IdH9Dsq+O0IEuQ
1QL6jdSFgazLGTT6Ft0saz1lp8ablwQEaO9Z3dvjMQ7CiQXgZQK+uYhwAOiU0ASo
Yn8cWpzRWV8wItbHvqDGKEAFGH+dfQeE6BXFdNDjXB3ftGT/Qup6vVYak2EuX8CJ
wcTaeCxjKl2W5fyUbZymcJ+0FJYwK/jFj1nYDQ0gK+uiLDMHB1OKwAgfW7YoHy3W
37Viwc2tyxaZnw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:42 2025 by rpki-client