Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: FiRXNwySRzk8h/ZToit4AAG9jvyzw5bYrJwIX9jcsBc=
Subject key identifier: F5:BB:ED:DC:87:2B:21:F1:97:49:DA:7A:95:E2:6E:ED:AE:8E:70:9B
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 01992CD91620C28ED3D7F0589A1D678774FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 017C
Signing time: Tue 09 Sep 2025 05:00:48 +0000
Manifest this update: Tue 09 Sep 2025 05:00:48 +0000
Manifest next update: Wed 10 Sep 2025 05:00:48 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: 7H5E/Bc48naiUfK9nkt1O0diuwEWstZM5vPvXGqVgFo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2c:d9:16:20:c2:8e:d3:d7:f0:58:9a:1d:67:87:74:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Sep 9 05:00:48 2025 GMT
Not After : Sep 10 05:00:48 2025 GMT
Subject: CN=f5bbeddc872b21f19749da7a95e26eedae8e709b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:34:94:8b:6b:23:f6:55:9b:ba:37:58:d3:b2:
f3:c0:b8:66:62:92:d7:28:de:c0:49:f9:72:77:5b:
54:08:45:74:1c:f2:ed:85:9b:96:48:e0:99:93:15:
2f:8f:6d:7b:ce:e6:8e:a5:d7:4f:46:6a:45:64:34:
20:8f:1d:48:13:6b:b1:bc:a5:4e:3a:e6:18:e7:aa:
17:c0:f4:41:43:8d:4a:68:56:ff:ee:c2:c2:05:9b:
5e:03:b8:44:8c:fd:b6:91:d8:f3:b1:b3:c1:bc:98:
2e:ba:db:63:28:6b:6e:c3:4c:97:c4:ae:0f:f5:c0:
99:9b:87:9b:f8:3f:1b:4a:b5:ce:2b:d3:21:6c:b4:
54:bb:b2:b3:6e:02:15:71:05:ff:3c:28:65:bb:64:
48:9c:d7:63:0c:8f:bf:8d:fc:eb:26:45:cd:6f:5d:
d7:15:67:ca:36:ac:71:99:ee:59:3d:e5:67:0e:c3:
a4:f5:7f:e3:1f:ea:17:83:8a:05:56:76:bc:d2:d9:
86:94:63:3b:39:b5:ba:4e:78:d3:a3:ea:83:2a:72:
c4:49:43:4e:e9:87:67:4c:54:6f:a3:7a:bb:23:35:
03:4a:7e:df:29:27:83:51:b9:97:6d:9f:66:01:83:
5b:ea:99:ed:e0:04:49:46:f4:34:b8:71:37:22:7d:
d2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BB:ED:DC:87:2B:21:F1:97:49:DA:7A:95:E2:6E:ED:AE:8E:70:9B
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:47:d2:5c:fd:30:ae:4c:ee:0a:07:ab:9a:9e:71:1b:8a:13:
72:0c:46:0c:7d:67:a9:4f:f7:2e:ef:3f:fa:78:59:06:8e:46:
06:48:19:d0:3a:99:8d:0c:1e:15:ac:d7:40:24:5c:87:d2:b1:
8d:9b:62:3b:ac:63:43:1c:44:b9:f0:45:e0:8d:50:7a:f5:03:
01:7c:7b:28:9c:be:17:82:63:e1:01:e3:af:eb:67:25:da:5a:
48:27:30:c3:cb:d5:35:8f:d1:71:4f:3f:e8:82:eb:ea:2a:8b:
83:bb:ee:c9:20:23:a7:43:1e:51:f2:69:ff:33:4b:ae:07:48:
e7:4a:4c:32:14:ce:03:69:ea:1a:40:d4:71:65:cc:a5:40:71:
b0:bf:47:9a:be:50:d1:22:1c:ed:78:94:8a:ad:9b:ff:f1:8b:
8a:77:b4:33:34:b4:73:5a:cb:71:9d:11:e5:44:11:88:22:35:
be:ab:f6:92:22:0a:48:18:9f:ab:73:3d:79:97:82:04:7e:d3:
c8:e6:96:56:e2:ee:3b:ad:11:9c:0f:7e:40:08:85:be:c8:7d:
47:7a:51:aa:2c:19:79:fb:87:f1:d7:f9:3e:a9:c8:f6:ef:7d:
e8:1f:1a:1b:05:7a:d9:00:fa:2b:9e:15:e2:4b:ee:dc:c9:9d:
a3:25:ac:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZks2RYgwo7T1/BYmh1nh3T7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUwOTA5MDUwMDQ4WhcNMjUwOTEwMDUwMDQ4WjAzMTEwLwYDVQQD
EyhmNWJiZWRkYzg3MmIyMWYxOTc0OWRhN2E5NWUyNmVlZGFlOGU3MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jSUi2sj9lWbujdY07LzwLhmYpLX
KN7ASflyd1tUCEV0HPLthZuWSOCZkxUvj217zuaOpddPRmpFZDQgjx1IE2uxvKVO
OuYY56oXwPRBQ41KaFb/7sLCBZteA7hEjP22kdjzsbPBvJguuttjKGtuw0yXxK4P
9cCZm4eb+D8bSrXOK9MhbLRUu7KzbgIVcQX/PChlu2RInNdjDI+/jfzrJkXNb13X
FWfKNqxxme5ZPeVnDsOk9X/jH+oXg4oFVna80tmGlGM7ObW6TnjTo+qDKnLESUNO
6YdnTFRvo3q7IzUDSn7fKSeDUbmXbZ9mAYNb6pnt4ARJRvQ0uHE3In3SLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW77dyHKyHxl0naepXibu2ujnCbMB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFUfSXP0w
rkzuCgermp5xG4oTcgxGDH1nqU/3Lu8/+nhZBo5GBkgZ0DqZjQweFazXQCRch9Kx
jZtiO6xjQxxEufBF4I1QevUDAXx7KJy+F4Jj4QHjr+tnJdpaSCcww8vVNY/RcU8/
6ILr6iqLg7vuySAjp0MeUfJp/zNLrgdI50pMMhTOA2nqGkDUcWXMpUBxsL9Hmr5Q
0SIc7XiUiq2b//GLine0MzS0c1rLcZ0R5UQRiCI1vqv2kiIKSBifq3M9eZeCBH7T
yOaWVuLuO60RnA9+QAiFvsh9R3pRqiwZefuH8df5PqnI9u996B8aGwV62QD6K54V
4kvu3MmdoyWs/g==
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:45:31 2025 by rpki-client