Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: rvPgMbxmTDq5xkwv4+ZIejiOOozTP0blcBMrftSZbf0=
Subject key identifier: AF:AA:E7:63:E5:52:C3:CF:29:59:1C:FB:9F:39:5C:7E:1D:94:5E:E1
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019922C3254923013640D1D9A2C48F0F50B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0B05
Signing time: Sun 07 Sep 2025 06:00:38 +0000
Manifest this update: Sun 07 Sep 2025 06:00:38 +0000
Manifest next update: Mon 08 Sep 2025 06:00:38 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: v5wNU+gVt9d6o+6i5Vcyapgeak1HZ5My0zeBN+nrMUE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:25:49:23:01:36:40:d1:d9:a2:c4:8f:0f:50:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Sep 7 06:00:38 2025 GMT
Not After : Sep 8 06:00:38 2025 GMT
Subject: CN=afaae763e552c3cf29591cfb9f395c7e1d945ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:08:09:9a:f7:45:3c:dd:9b:32:a8:c4:b6:0d:
b6:21:d7:1f:14:0f:df:73:8b:8b:f1:36:25:56:42:
32:e1:d4:f3:ab:f0:0f:f7:84:ce:78:57:22:83:ac:
6b:ca:f5:d3:0c:35:74:49:88:0c:02:db:80:f7:3f:
bf:65:49:99:52:11:11:80:96:15:4d:ad:5c:d5:53:
70:5e:15:3f:12:51:06:03:12:4d:8e:85:e8:ca:e9:
bb:bc:03:41:9a:11:d5:c6:ac:ea:1e:81:68:23:f8:
be:de:f8:fe:54:df:2d:a5:f8:2c:13:da:9c:ea:ca:
67:8e:d5:1c:4b:a9:24:ec:2f:77:2b:53:db:01:f1:
b2:06:89:f7:77:e6:6e:ef:a1:15:66:d8:e9:a9:d7:
cc:ed:9c:a6:bd:55:24:b1:bf:30:f9:17:ba:9c:a7:
14:45:ba:a9:f9:e9:86:55:0b:ec:71:7c:2c:3e:8e:
fe:7e:ca:e6:55:cc:c4:bc:be:ae:f7:03:9a:b1:89:
95:88:7e:73:86:93:f6:67:9c:4e:bc:11:4a:db:0f:
46:0f:33:a0:13:98:e6:81:88:46:da:fa:d9:91:f6:
b7:85:c7:75:d4:32:ed:6e:e3:61:6e:c0:90:e5:7a:
4c:78:70:a9:26:f5:55:63:2d:c2:31:52:c6:3c:4f:
58:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AA:E7:63:E5:52:C3:CF:29:59:1C:FB:9F:39:5C:7E:1D:94:5E:E1
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:56:8d:14:29:28:0e:a7:bd:fd:5b:95:9c:05:cd:13:ad:07:
d9:ef:d1:e5:ad:6a:d1:1b:9f:cd:9c:81:10:03:bb:22:60:d2:
56:0d:b1:f4:5b:4b:fc:b6:91:2b:cf:fe:50:bf:51:1e:2e:bc:
b8:3a:ff:59:06:e2:e9:61:c2:02:ba:36:a3:49:fb:f4:7f:25:
d0:f8:72:55:4e:94:40:ef:ea:e4:e9:1f:3a:2b:65:df:e1:41:
47:9f:4b:32:d5:14:e1:22:93:95:1c:b6:3a:5f:9b:9a:19:12:
da:7d:a3:ac:66:c7:0b:b5:2e:d3:8b:91:47:b2:f6:30:ae:67:
d5:23:73:97:b4:af:38:14:27:54:a4:ff:9a:be:73:21:77:74:
c8:78:86:5c:74:36:08:60:78:03:93:8f:d4:bd:84:8b:76:9d:
34:e3:bd:df:73:87:ed:53:6d:ca:68:26:d2:fd:37:ee:bc:3b:
0a:85:da:73:c9:be:c8:73:e1:90:b0:4c:cf:61:00:4e:18:38:
da:53:81:3b:87:45:65:8c:39:5c:6b:ab:c0:91:29:84:4c:2d:
a5:57:e6:04:c4:dc:55:c0:35:c8:95:9b:62:02:79:73:47:6d:
07:47:6d:f5:65:ea:ad:73:bb:f0:69:7e:49:5f:50:92:cf:68:
cb:ea:b7:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwyVJIwE2QNHZosSPD1C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwOTA3MDYwMDM4WhcNMjUwOTA4MDYwMDM4WjAzMTEwLwYDVQQD
EyhhZmFhZTc2M2U1NTJjM2NmMjk1OTFjZmI5ZjM5NWM3ZTFkOTQ1ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywgJmvdFPN2bMqjEtg22IdcfFA/f
c4uL8TYlVkIy4dTzq/AP94TOeFcig6xryvXTDDV0SYgMAtuA9z+/ZUmZUhERgJYV
Ta1c1VNwXhU/ElEGAxJNjoXoyum7vANBmhHVxqzqHoFoI/i+3vj+VN8tpfgsE9qc
6spnjtUcS6kk7C93K1PbAfGyBon3d+Zu76EVZtjpqdfM7ZymvVUksb8w+Re6nKcU
Rbqp+emGVQvscXwsPo7+fsrmVczEvL6u9wOasYmViH5zhpP2Z5xOvBFK2w9GDzOg
E5jmgYhG2vrZkfa3hcd11DLtbuNhbsCQ5XpMeHCpJvVVYy3CMVLGPE9YXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+q52PlUsPPKVkc+585XH4dlF7hMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArFaNFCko
Dqe9/VuVnAXNE60H2e/R5a1q0RufzZyBEAO7ImDSVg2x9FtL/LaRK8/+UL9RHi68
uDr/WQbi6WHCAro2o0n79H8l0PhyVU6UQO/q5OkfOitl3+FBR59LMtUU4SKTlRy2
Ol+bmhkS2n2jrGbHC7Uu04uRR7L2MK5n1SNzl7SvOBQnVKT/mr5zIXd0yHiGXHQ2
CGB4A5OP1L2Ei3adNOO933OH7VNtymgm0v037rw7CoXac8m+yHPhkLBMz2EAThg4
2lOBO4dFZYw5XGurwJEphEwtpVfmBMTcVcA1yJWbYgJ5c0dtB0dt9WXqrXO78Gl+
SV9Qks9oy+q3Pw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:52:03 2025 by rpki-client