Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
File: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft (raw, json)
Hash identifier: 4rx/MyDwt7iRvPToZUXnQb9vQjPMfgdXAEuxkzIKoB4=
Subject key identifier: A5:40:FC:78:61:C8:CE:BD:28:C6:79:27:5C:A3:E7:03:97:BD:37:80
Authority key identifier: 91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
Certificate issuer: /CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Certificate serial: 019A70A5176F1A09DB784A13DA0BA6FE76EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
Manifest number: 0246
Signing time: Tue 11 Nov 2025 02:00:58 +0000
Manifest this update: Tue 11 Nov 2025 02:00:58 +0000
Manifest next update: Wed 12 Nov 2025 02:00:58 +0000
Files and hashes: 1: N05LSOD5G7OCVr2R2Lk3Qm3IMnc.roa (hash: 2FUijApprdSPC+yt20CbCF23SFHyPUM/peKf0m3x+RA=)
2: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl (hash: w4679fp8BpbXgSHJmnNC2UXd4qp7k4h4PFlK3BnU3LM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:17:6f:1a:09:db:78:4a:13:da:0b:a6:fe:76:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Validity
Not Before: Nov 11 02:00:58 2025 GMT
Not After : Nov 12 02:00:58 2025 GMT
Subject: CN=a540fc7861c8cebd28c679275ca3e70397bd3780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:4d:1c:19:93:23:76:53:ac:d5:df:7e:7e:
8c:60:9d:7f:a3:36:51:5f:da:4b:0b:b2:fd:f1:7f:
16:56:2c:bf:01:4b:7e:02:75:62:a3:51:01:f8:99:
be:f3:a2:37:08:95:4b:d0:2c:a7:6c:d9:7f:52:8a:
cc:5a:ba:f2:37:59:43:75:d0:c0:31:80:28:94:36:
52:a8:ab:0a:26:79:95:fa:4f:72:20:38:40:e2:fa:
7a:c4:86:73:d9:19:85:e6:d0:95:42:f6:82:78:71:
63:80:d9:d0:69:5f:dd:6d:57:d5:c2:b3:d2:9c:d2:
1d:34:a2:fc:2a:24:d1:45:97:0a:0f:a2:5a:7e:a1:
dc:bf:70:c9:19:81:55:b7:a9:f5:d8:71:80:25:69:
6d:7a:42:a2:5e:1a:81:65:a7:a9:bb:96:67:cc:d2:
ed:47:c9:7f:71:5e:ef:7b:55:60:c6:ec:1f:3e:df:
31:fb:11:88:e1:3f:c4:47:68:67:09:0d:cd:7d:41:
9d:12:c7:04:68:58:16:12:a2:cb:a4:dc:ab:46:f5:
ac:4e:0e:9f:43:aa:91:31:82:9d:14:e7:5c:dd:60:
88:50:7e:74:38:4b:40:c7:3a:9a:90:58:c3:85:91:
93:c5:b0:a7:cf:9d:34:25:fb:2a:f4:ec:8f:50:7f:
f6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:40:FC:78:61:C8:CE:BD:28:C6:79:27:5C:A3:E7:03:97:BD:37:80
X509v3 Authority Key Identifier:
keyid:91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:be:f1:83:25:3d:ae:e2:58:07:12:8d:a3:4a:bd:22:17:0d:
25:3b:7f:34:25:a1:c6:85:89:6e:74:39:67:40:e6:6d:30:bc:
20:e3:08:02:cf:5d:f4:b3:d9:e8:fb:0b:34:0a:95:ac:e8:d7:
17:6e:47:42:39:37:c7:fb:6c:83:c1:56:9f:4c:58:18:9a:87:
03:2e:cd:33:94:22:2e:fd:32:f5:3d:40:2c:4f:b1:bd:2e:46:
a5:e4:ed:48:46:b5:ed:9b:f6:3a:7a:2b:4e:be:c0:1f:23:50:
6c:17:e1:32:3d:5b:7b:11:c9:3e:db:86:ea:70:aa:57:2c:1c:
6f:14:0d:72:e4:5c:ac:20:94:8d:a1:61:b4:7e:44:b9:5d:dc:
14:75:0e:9f:0e:a5:11:0b:74:d6:94:dc:55:e2:13:79:c9:d2:
35:79:6a:71:92:d5:ec:97:7c:6e:98:71:1e:96:34:aa:09:19:
4f:98:43:ff:cf:b2:29:d4:54:0f:2b:b1:b8:ec:3d:8b:00:87:
e1:a7:94:06:f0:47:0a:3a:2d:0c:62:15:98:c0:7b:c1:c7:b1:
60:38:a9:9c:4f:98:48:29:9c:1f:e2:fb:86:4b:7a:e7:fb:ac:
7d:87:90:0c:52:96:61:13:ff:d6:7a:f1:03:6f:b1:b2:11:fe:
dc:ac:b4:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRdvGgnbeEoT2gum/nbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYmQ1ODgzYzgyYWVkMjVmZWYxYjE4ZDcwZDAyMTViMDdm
NzI3ZDgwHhcNMjUxMTExMDIwMDU4WhcNMjUxMTEyMDIwMDU4WjAzMTEwLwYDVQQD
EyhhNTQwZmM3ODYxYzhjZWJkMjhjNjc5Mjc1Y2EzZTcwMzk3YmQzNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqJNHBmTI3ZTrNXffn6MYJ1/ozZR
X9pLC7L98X8WViy/AUt+AnVio1EB+Jm+86I3CJVL0CynbNl/UorMWrryN1lDddDA
MYAolDZSqKsKJnmV+k9yIDhA4vp6xIZz2RmF5tCVQvaCeHFjgNnQaV/dbVfVwrPS
nNIdNKL8KiTRRZcKD6JafqHcv3DJGYFVt6n12HGAJWltekKiXhqBZaepu5ZnzNLt
R8l/cV7ve1VgxuwfPt8x+xGI4T/ER2hnCQ3NfUGdEscEaFgWEqLLpNyrRvWsTg6f
Q6qRMYKdFOdc3WCIUH50OEtAxzqakFjDhZGTxbCnz500Jfsq9OyPUH/2uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVA/HhhyM69KMZ5J1yj5wOXvTeAMB8GA1UdIwQY
MBaAFJG9WIPIKu0l/vGxjXDQIVsH9yfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTIt
OWU5NjJjZDlkZDgyLzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTItOWU5NjJjZDlkZDgy
LzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdb7xgyU9
ruJYBxKNo0q9IhcNJTt/NCWhxoWJbnQ5Z0DmbTC8IOMIAs9d9LPZ6PsLNAqVrOjX
F25HQjk3x/tsg8FWn0xYGJqHAy7NM5QiLv0y9T1ALE+xvS5GpeTtSEa17Zv2Onor
Tr7AHyNQbBfhMj1bexHJPtuG6nCqVywcbxQNcuRcrCCUjaFhtH5EuV3cFHUOnw6l
EQt01pTcVeITecnSNXlqcZLV7Jd8bphxHpY0qgkZT5hD/8+yKdRUDyuxuOw9iwCH
4aeUBvBHCjotDGIVmMB7wcexYDipnE+YSCmcH+L7hkt65/usfYeQDFKWYRP/1nrx
A2+xshH+3Ky0QA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:55 2025 by rpki-client