Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: HUzIo2G9npo2dI6543vQtE9YXkD5TXtxEdAPgDm08A8=
Subject key identifier: 5E:73:81:81:B7:D2:1C:A3:0B:09:35:13:65:D6:33:A5:D8:7F:9A:CD
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019A239BCF8B6E2F36E06512905D0CEE0FD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0B8A
Signing time: Mon 27 Oct 2025 03:00:04 +0000
Manifest this update: Mon 27 Oct 2025 03:00:04 +0000
Manifest next update: Tue 28 Oct 2025 03:00:04 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: XYdGeQz8dcQAxGgTVVPl53EpAUea77JIGi/6eCj0pY0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:9b:cf:8b:6e:2f:36:e0:65:12:90:5d:0c:ee:0f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Oct 27 03:00:04 2025 GMT
Not After : Oct 28 03:00:04 2025 GMT
Subject: CN=5e738181b7d21ca30b09351365d633a5d87f9acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:84:7b:85:44:9a:17:1b:77:f1:fc:2e:05:
cf:3d:98:7c:46:f2:3b:a2:45:2c:bb:c4:95:9f:fd:
7f:d7:ac:9b:d4:94:df:e7:54:a9:30:79:d6:fc:cb:
d9:4a:a2:a4:9d:5a:33:bd:81:9f:57:d1:06:e4:b6:
41:1a:31:13:15:1c:c6:a7:3a:44:31:40:61:5c:d9:
d7:6d:e7:d6:b9:ac:33:ae:5c:99:4f:8b:b9:72:f8:
1f:70:3d:67:ab:5b:fc:0e:d6:e0:a6:e5:ef:e9:ed:
e7:a9:49:73:9a:42:ed:da:db:31:b8:4c:4e:11:6d:
c4:ee:f1:eb:14:ac:b4:65:1b:8a:61:33:69:73:d3:
55:39:86:9c:82:9e:12:88:b8:8e:2a:ec:50:cf:55:
43:21:bf:22:04:38:61:31:2d:ff:ce:84:86:18:4d:
b8:64:7c:06:18:ae:13:56:75:a2:4a:3a:f4:8b:72:
0b:6b:87:e0:36:16:5c:e0:e2:a2:c4:a6:d8:53:b7:
94:42:f7:ed:92:81:4c:3d:95:c8:bc:ce:f9:3f:ee:
7b:1f:8f:6f:b7:d1:1f:68:e7:99:4b:b4:10:44:4f:
97:3f:39:56:b9:d3:7c:d7:aa:96:7c:3d:53:95:1e:
dd:44:e4:2c:83:e3:9a:e6:de:8b:c9:05:4e:53:f4:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:73:81:81:B7:D2:1C:A3:0B:09:35:13:65:D6:33:A5:D8:7F:9A:CD
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:94:7e:8b:e2:af:e0:0a:d3:f3:89:1e:c4:25:2d:06:af:d8:
40:87:37:84:68:cd:35:86:06:a7:8c:d7:04:ab:09:a5:fe:db:
c5:cf:62:30:83:c2:03:f9:6f:c9:2d:34:68:2e:44:4a:e7:b9:
c8:f0:e6:4d:3d:cc:d0:f7:2b:ac:2b:4c:11:b6:47:97:ff:05:
cd:b7:35:7a:b9:d7:4b:84:6b:c9:cd:61:5c:be:82:50:9c:9d:
cc:99:c6:4b:6d:07:99:70:7b:6b:e9:d1:89:eb:ae:35:fc:a6:
5a:ed:27:a8:92:20:0a:8e:9d:a9:ab:ec:57:3c:61:8e:10:31:
18:f1:65:e7:41:50:b6:37:df:4a:ec:d3:68:76:ca:3f:10:e4:
ef:8d:b0:e4:5e:d8:9e:39:cc:bb:eb:90:f1:39:ea:dd:f6:dd:
31:dd:b6:3d:6f:41:cd:03:ff:99:84:61:4e:45:5b:6d:6d:e4:
af:5c:24:ee:b6:2c:97:56:97:80:c4:a3:19:77:cc:61:b4:67:
58:46:4f:fa:da:6f:18:c8:1e:16:aa:d1:fb:ac:c7:96:f5:b9:
48:da:31:84:be:6a:d2:ba:7b:e4:2f:7c:12:d1:28:e8:99:cd:
20:70:3e:28:f4:e6:61:1e:8b:39:09:ff:bf:2d:02:46:25:88:
a1:0f:f4:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZojm8+Lbi824GUSkF0M7g/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUxMDI3MDMwMDA0WhcNMjUxMDI4MDMwMDA0WjAzMTEwLwYDVQQD
Eyg1ZTczODE4MWI3ZDIxY2EzMGIwOTM1MTM2NWQ2MzNhNWQ4N2Y5YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnaEe4VEmhcbd/H8LgXPPZh8RvI7
okUsu8SVn/1/16yb1JTf51SpMHnW/MvZSqKknVozvYGfV9EG5LZBGjETFRzGpzpE
MUBhXNnXbefWuawzrlyZT4u5cvgfcD1nq1v8DtbgpuXv6e3nqUlzmkLt2tsxuExO
EW3E7vHrFKy0ZRuKYTNpc9NVOYacgp4SiLiOKuxQz1VDIb8iBDhhMS3/zoSGGE24
ZHwGGK4TVnWiSjr0i3ILa4fgNhZc4OKixKbYU7eUQvftkoFMPZXIvM75P+57H49v
t9EfaOeZS7QQRE+XPzlWudN816qWfD1TlR7dROQsg+Oa5t6LyQVOU/TmcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5zgYG30hyjCwk1E2XWM6XYf5rNMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZR+i+Kv
4ArT84kexCUtBq/YQIc3hGjNNYYGp4zXBKsJpf7bxc9iMIPCA/lvyS00aC5ESue5
yPDmTT3M0PcrrCtMEbZHl/8Fzbc1ernXS4Rryc1hXL6CUJydzJnGS20HmXB7a+nR
ieuuNfymWu0nqJIgCo6dqavsVzxhjhAxGPFl50FQtjffSuzTaHbKPxDk742w5F7Y
njnMu+uQ8Tnq3fbdMd22PW9BzQP/mYRhTkVbbW3kr1wk7rYsl1aXgMSjGXfMYbRn
WEZP+tpvGMgeFqrR+6zHlvW5SNoxhL5q0rp75C98EtEo6JnNIHA+KPTmYR6LOQn/
vy0CRiWIoQ/0kA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 05:59:35 2025 by rpki-client