Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: Wyzj2K1ODiNAQ4bj9qG2AOXQb6GFXnPv/XH8qIvhu7Q=
Subject key identifier: 6B:EE:AC:9C:EB:26:2B:DB:FD:D5:8A:33:4A:A3:F8:D8:53:F6:F9:CC
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 019A71B842AE9DA7D179B9DC8CB155EA0EBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 09AD
Signing time: Tue 11 Nov 2025 07:01:32 +0000
Manifest this update: Tue 11 Nov 2025 07:01:32 +0000
Manifest next update: Wed 12 Nov 2025 07:01:32 +0000
Files and hashes: 1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=)
2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: ILDhVvWtGFJ5EbUwS9eal64dNxUWQKyHy2t3CAH7aww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:42:ae:9d:a7:d1:79:b9:dc:8c:b1:55:ea:0e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Nov 11 07:01:32 2025 GMT
Not After : Nov 12 07:01:32 2025 GMT
Subject: CN=6beeac9ceb262bdbfdd58a334aa3f8d853f6f9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:14:78:c4:5c:ca:27:7f:81:0c:ac:7f:57:cd:
b7:04:43:d6:89:a7:b8:7b:54:f1:39:39:b5:80:41:
08:a2:2f:7f:c0:43:01:48:88:8e:b7:f8:cd:67:5c:
bc:8e:ae:6d:82:4e:09:93:14:cd:dd:67:a0:96:5d:
ee:1b:1f:b5:dd:a4:51:7d:8e:4f:25:e3:5c:c0:7a:
a7:70:c7:c4:d7:73:13:ea:d2:45:c4:74:1b:bc:f7:
d3:a2:4d:a1:64:00:0c:b7:9f:5a:5a:d7:d4:6c:ba:
c3:34:0e:d7:55:0a:af:12:41:c4:6e:1e:7d:f3:9c:
96:1d:2c:92:f0:36:ae:a1:6f:6c:7f:7b:3f:56:1a:
1d:43:28:ab:c3:30:34:66:e4:29:43:6d:a7:74:bf:
78:56:35:27:f1:50:51:a9:a2:09:9e:9d:e2:d4:9c:
99:69:6c:4d:29:6a:84:10:8c:88:68:3b:35:b2:95:
16:33:76:cf:78:9c:4b:4e:6a:41:af:6d:5d:6c:b7:
30:8e:b6:35:8d:73:63:4c:9e:d1:5f:48:2e:45:90:
9b:43:25:95:26:30:8b:9f:47:03:29:f1:98:c4:ed:
2c:6c:0f:a9:35:ba:48:bd:fb:f3:a6:f2:98:44:27:
d7:bf:7b:21:25:8d:2a:14:77:88:61:5a:94:b0:c1:
4d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EE:AC:9C:EB:26:2B:DB:FD:D5:8A:33:4A:A3:F8:D8:53:F6:F9:CC
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ba:81:aa:b5:21:67:aa:2e:0d:d4:3b:4c:a2:22:f9:83:cb:e9:
b2:f5:74:e0:da:ef:83:65:40:6c:ed:b3:7d:ca:c8:9f:eb:8e:
da:f7:36:63:fc:0a:29:63:f8:a0:87:70:b7:5c:de:dd:72:86:
b7:f0:97:c4:77:07:67:83:ba:0c:8c:e5:bf:6e:f4:60:57:bf:
db:7c:c4:53:30:00:fc:fd:1f:8d:06:8c:cb:0a:02:f6:82:a9:
19:7d:b9:01:bf:31:92:38:f3:ca:84:d6:cd:09:55:4f:f6:6a:
fb:ed:af:74:42:43:5d:23:45:1b:ed:69:d3:89:e7:ab:c4:bb:
45:19:fb:b6:db:7e:d5:94:4d:e8:a1:e3:43:93:bb:7e:78:8c:
1c:05:d4:54:05:20:93:b6:6b:49:5b:7b:58:29:6f:09:b9:81:
96:ef:70:df:95:0b:af:e3:9e:0d:29:05:7f:c4:7c:32:95:a8:
d2:95:97:53:da:12:54:cd:04:85:43:75:f2:6e:e6:69:85:fd:
50:bf:3a:11:4c:2b:ce:3a:a6:f8:70:69:52:97:95:70:a9:e3:
8d:c4:9d:53:e9:82:fa:dc:9d:d7:47:01:c0:9e:a5:1b:85:9a:
99:89:99:7c:2a:51:2a:46:23:5f:42:f1:61:12:1d:8c:4c:9f:
c1:c1:9f:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEKunafRebncjLFV6g6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjUxMTExMDcwMTMyWhcNMjUxMTEyMDcwMTMyWjAzMTEwLwYDVQQD
Eyg2YmVlYWM5Y2ViMjYyYmRiZmRkNThhMzM0YWEzZjhkODUzZjZmOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hR4xFzKJ3+BDKx/V823BEPWiae4
e1TxOTm1gEEIoi9/wEMBSIiOt/jNZ1y8jq5tgk4JkxTN3Wegll3uGx+13aRRfY5P
JeNcwHqncMfE13MT6tJFxHQbvPfTok2hZAAMt59aWtfUbLrDNA7XVQqvEkHEbh59
85yWHSyS8DauoW9sf3s/VhodQyirwzA0ZuQpQ22ndL94VjUn8VBRqaIJnp3i1JyZ
aWxNKWqEEIyIaDs1spUWM3bPeJxLTmpBr21dbLcwjrY1jXNjTJ7RX0guRZCbQyWV
JjCLn0cDKfGYxO0sbA+pNbpIvfvzpvKYRCfXv3shJY0qFHeIYVqUsMFNDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvurJzrJivb/dWKM0qj+NhT9vnMMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoGqtSFn
qi4N1DtMoiL5g8vpsvV04Nrvg2VAbO2zfcrIn+uO2vc2Y/wKKWP4oIdwt1ze3XKG
t/CXxHcHZ4O6DIzlv270YFe/23zEUzAA/P0fjQaMywoC9oKpGX25Ab8xkjjzyoTW
zQlVT/Zq++2vdEJDXSNFG+1p04nnq8S7RRn7ttt+1ZRN6KHjQ5O7fniMHAXUVAUg
k7ZrSVt7WClvCbmBlu9w35ULr+OeDSkFf8R8MpWo0pWXU9oSVM0EhUN18m7maYX9
UL86EUwrzjqm+HBpUpeVcKnjjcSdU+mC+tyd10cBwJ6lG4WamYmZfCpRKkYjX0Lx
YRIdjEyfwcGfkQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:20 2025 by rpki-client