Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: WZCGHzRjssiJt2qN5/csuMyPCeVwKZZvQ6DzdNreqCI=
Subject key identifier: 22:2F:46:7B:5A:9C:39:4C:5B:C4:17:56:6B:57:0F:85:E3:C5:EC:77
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019A1EAD0482459540F941880D0232FBC836
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0D5F
Signing time: Sun 26 Oct 2025 04:00:46 +0000
Manifest this update: Sun 26 Oct 2025 04:00:46 +0000
Manifest next update: Mon 27 Oct 2025 04:00:46 +0000
Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: ZsSDvR2rosKntvYFy59QTxZ6vev8EHydViIbXiHQo5g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 03:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:ad:04:82:45:95:40:f9:41:88:0d:02:32:fb:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Oct 26 04:00:46 2025 GMT
Not After : Oct 27 04:00:46 2025 GMT
Subject: CN=222f467b5a9c394c5bc417566b570f85e3c5ec77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:98:7b:db:fe:06:17:95:1f:c1:5a:e0:6d:
bf:35:0f:db:d1:5b:70:35:43:7c:ba:73:fd:22:d5:
78:3b:5c:08:0d:28:15:bc:b1:87:84:d2:5f:7c:1a:
24:94:fb:fc:70:24:2f:56:80:7e:c6:31:61:0f:b5:
b4:cc:34:8f:d0:eb:c0:9f:2a:03:1c:d5:37:93:f8:
78:6e:be:23:20:7f:99:13:2c:27:7d:63:21:7e:f4:
f4:c9:18:f9:e6:98:60:ee:6e:a0:10:ff:f0:08:e3:
85:c4:98:5a:c4:4e:e6:9c:3a:f5:54:8a:77:68:f8:
5d:34:87:64:40:c1:d0:ca:47:c8:19:01:48:41:96:
42:57:64:2e:ab:cc:1c:b6:27:e5:70:db:b9:73:eb:
ca:25:3f:ca:61:0c:c6:be:97:ee:a8:4c:62:c4:a3:
bf:8e:02:55:e8:f5:75:c8:26:cb:ec:25:0d:53:28:
f2:d8:d2:6a:81:42:35:95:f6:85:b9:e7:d6:cc:67:
26:12:20:36:2f:bc:28:54:43:60:d3:50:24:e2:ca:
62:a3:7c:82:bc:91:fc:86:a2:06:2e:53:5d:3d:76:
1e:de:c2:31:4b:97:af:16:87:bb:85:28:3a:fb:e3:
7c:a0:d2:4e:d1:e9:97:1e:cf:3f:e7:a3:c9:92:4f:
56:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2F:46:7B:5A:9C:39:4C:5B:C4:17:56:6B:57:0F:85:E3:C5:EC:77
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:14:e3:fe:7a:50:30:ab:c3:29:7b:1d:89:1b:89:b4:ac:ad:
ea:48:a1:66:b7:14:72:45:e6:89:0f:cf:03:e2:d6:7b:92:8a:
8e:cd:f2:c8:90:7e:4f:30:5a:82:a4:13:87:e7:ec:55:d5:c4:
ee:cd:8a:c3:d2:04:3b:bd:74:8d:65:cb:be:f7:56:3d:2b:44:
fa:44:7f:5b:36:bc:1c:0e:ea:14:e9:95:9c:43:31:ed:f7:2c:
6f:c9:e2:da:5e:d3:0c:30:74:1f:99:93:96:2c:a6:d2:34:db:
17:89:f5:b6:d9:27:b8:f5:e0:ab:8e:ff:9d:cb:a5:4b:11:90:
a8:79:98:4a:44:2e:1b:66:3f:3e:0b:00:7d:31:00:60:70:5d:
8c:dc:60:e9:d2:8d:ee:c4:e4:37:af:87:e8:f1:d3:25:6e:60:
62:70:6a:1a:34:72:34:c3:dc:e4:5f:23:59:87:47:17:59:3d:
21:ea:2d:7e:04:42:a1:ab:c7:5d:0d:23:90:05:d8:30:d7:71:
f3:db:d1:3b:bc:95:43:ca:b9:50:2b:b0:62:63:cb:da:47:f4:
c4:cb:d4:ff:7f:0f:04:f5:cd:d0:e7:09:24:eb:3a:1d:79:5a:
b8:af:74:f3:be:c0:a6:dc:98:b6:20:da:9d:23:f8:d2:61:95:
59:19:dc:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoerQSCRZVA+UGIDQIy+8g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjUxMDI2MDQwMDQ2WhcNMjUxMDI3MDQwMDQ2WjAzMTEwLwYDVQQD
EygyMjJmNDY3YjVhOWMzOTRjNWJjNDE3NTY2YjU3MGY4NWUzYzVlYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJGYe9v+BheVH8Fa4G2/NQ/b0Vtw
NUN8unP9ItV4O1wIDSgVvLGHhNJffBoklPv8cCQvVoB+xjFhD7W0zDSP0OvAnyoD
HNU3k/h4br4jIH+ZEywnfWMhfvT0yRj55phg7m6gEP/wCOOFxJhaxE7mnDr1VIp3
aPhdNIdkQMHQykfIGQFIQZZCV2Quq8wctiflcNu5c+vKJT/KYQzGvpfuqExixKO/
jgJV6PV1yCbL7CUNUyjy2NJqgUI1lfaFuefWzGcmEiA2L7woVENg01Ak4spio3yC
vJH8hqIGLlNdPXYe3sIxS5evFoe7hSg6++N8oNJO0emXHs8/56PJkk9WeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIvRntanDlMW8QXVmtXD4Xjxex3MB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRTj/npQ
MKvDKXsdiRuJtKyt6kihZrcUckXmiQ/PA+LWe5KKjs3yyJB+TzBagqQTh+fsVdXE
7s2Kw9IEO710jWXLvvdWPStE+kR/Wza8HA7qFOmVnEMx7fcsb8ni2l7TDDB0H5mT
liym0jTbF4n1ttknuPXgq47/nculSxGQqHmYSkQuG2Y/PgsAfTEAYHBdjNxg6dKN
7sTkN6+H6PHTJW5gYnBqGjRyNMPc5F8jWYdHF1k9IeotfgRCoavHXQ0jkAXYMNdx
89vRO7yVQ8q5UCuwYmPL2kf0xMvU/38PBPXN0OcJJOs6HXlauK90877AptyYtiDa
nSP40mGVWRncCA==
-----END CERTIFICATE-----
Generated at Sun Oct 26 11:28:43 2025 by rpki-client