Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.mft
File: KYlkeFHvzRmJcu09FJzLvenFXAA.mft (raw, json)
Hash identifier: jCDbttq5MpMUj/B/RrT9CbbJIlRN0D9oen6t+k8dum4=
Subject key identifier: 5D:05:06:25:EB:04:FE:D2:5C:7C:FD:95:03:05:17:4C:A1:73:4A:CE
Authority key identifier: 29:89:64:78:51:EF:CD:19:89:72:ED:3D:14:9C:CB:BD:E9:C5:5C:00
Certificate issuer: /CN=2989647851efcd198972ed3d149ccbbde9c55c00
Certificate serial: 019A7112C767B5F92D5781F4BC3AB3B289E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYlkeFHvzRmJcu09FJzLvenFXAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.mft
Manifest number: 0A57
Signing time: Tue 11 Nov 2025 04:00:47 +0000
Manifest this update: Tue 11 Nov 2025 04:00:47 +0000
Manifest next update: Wed 12 Nov 2025 04:00:47 +0000
Files and hashes: 1: 1ndyHQjZ22gElMY09b9UIH97Fd0.roa (hash: d9wD6lD21fFSwiL6i7e8/Tvl1y891h5uDv49+B9KB5s=)
2: KYlkeFHvzRmJcu09FJzLvenFXAA.crl (hash: d0RvLRqlQnazqgZ4guE4YNJbvGagj5MsWpwCjVcR680=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYlkeFHvzRmJcu09FJzLvenFXAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:c7:67:b5:f9:2d:57:81:f4:bc:3a:b3:b2:89:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989647851efcd198972ed3d149ccbbde9c55c00
Validity
Not Before: Nov 11 04:00:47 2025 GMT
Not After : Nov 12 04:00:47 2025 GMT
Subject: CN=5d050625eb04fed25c7cfd950305174ca1734ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:34:c7:e1:02:00:68:8a:04:94:5e:39:43:
78:2b:f8:b1:ac:02:3f:53:ff:d1:2b:a6:21:6e:a6:
34:c3:c8:a2:ff:7b:07:b3:67:30:33:d5:77:ff:e8:
4e:f3:79:7c:aa:28:2f:96:25:c9:5e:86:33:9f:51:
98:6a:36:19:14:ea:b3:ff:c7:a5:14:f3:50:b1:41:
98:5d:79:c5:41:0e:96:4c:05:de:95:4a:1f:aa:bd:
b0:76:94:63:e2:87:d8:a8:04:4f:c5:eb:db:12:f0:
bd:c9:88:fd:42:75:dd:f1:d8:eb:4c:13:f3:ca:c2:
43:c2:0b:96:c3:81:bc:0f:8a:52:c2:62:0e:03:3a:
a3:02:f6:25:17:74:7b:4a:e5:49:d2:e2:07:10:e1:
68:a3:63:81:7c:c9:df:1c:e8:28:cc:3b:05:21:fa:
2e:18:80:17:fc:99:8e:05:8d:dd:4d:49:68:29:7a:
62:35:81:90:c8:a9:74:e3:78:b1:aa:3f:74:df:26:
8f:10:2a:c1:d8:75:fd:0e:25:11:f6:56:bb:40:82:
f8:5e:d6:71:da:ec:42:30:b4:38:47:bc:81:70:63:
39:3e:6c:35:b7:f0:0f:18:13:c4:07:a1:d1:1d:23:
00:88:4c:0f:a3:3a:16:27:be:8e:08:07:e3:38:4f:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:05:06:25:EB:04:FE:D2:5C:7C:FD:95:03:05:17:4C:A1:73:4A:CE
X509v3 Authority Key Identifier:
keyid:29:89:64:78:51:EF:CD:19:89:72:ED:3D:14:9C:CB:BD:E9:C5:5C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYlkeFHvzRmJcu09FJzLvenFXAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:22:e5:f7:4a:f5:84:c7:6e:89:9d:cf:80:3e:1b:88:18:19:
63:3b:e0:38:4c:87:77:a4:9b:46:54:26:4a:b8:b7:e2:63:b4:
fa:8c:45:64:65:fb:4b:b7:b6:b2:3d:c9:4a:43:90:60:b2:b9:
5e:0a:4d:ac:25:5c:1b:a2:72:b0:08:22:a6:e8:ab:c7:b4:18:
8c:83:81:6a:82:a6:98:ef:33:73:9c:47:b8:18:2e:ed:51:a3:
e2:50:a1:5a:0b:4a:2f:4f:6d:1d:24:0b:03:26:54:a3:f2:fa:
91:48:57:96:5f:0a:12:8a:19:06:be:19:ac:6d:ac:cb:a6:02:
6f:98:bc:85:cc:15:73:40:8d:8d:ad:3d:5d:e1:cd:08:b7:6f:
fa:1a:c8:bc:e9:53:6f:8f:87:bd:0c:a9:cd:4d:0e:41:31:aa:
1e:3a:1c:2c:0b:d9:34:cd:c8:e7:8e:90:d0:00:f4:00:27:0e:
41:36:98:d9:d3:3a:44:86:86:14:9d:ae:d3:01:e5:87:d0:4a:
ed:a6:e2:04:13:e3:82:33:a2:21:55:d7:cb:2e:3e:44:8e:16:
c3:93:34:07:c5:50:c1:82:cb:a6:1b:76:4c:ba:d0:98:02:d7:
ed:52:3f:ff:b1:e2:52:a0:8d:7b:16:9a:33:28:13:87:7c:0f:
5e:c7:5a:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEsdntfktV4H0vDqzsoniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODk2NDc4NTFlZmNkMTk4OTcyZWQzZDE0OWNjYmJkZTlj
NTVjMDAwHhcNMjUxMTExMDQwMDQ3WhcNMjUxMTEyMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg1ZDA1MDYyNWViMDRmZWQyNWM3Y2ZkOTUwMzA1MTc0Y2ExNzM0YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLQ0x+ECAGiKBJReOUN4K/ixrAI/
U//RK6YhbqY0w8ii/3sHs2cwM9V3/+hO83l8qigvliXJXoYzn1GYajYZFOqz/8el
FPNQsUGYXXnFQQ6WTAXelUofqr2wdpRj4ofYqARPxevbEvC9yYj9QnXd8djrTBPz
ysJDwguWw4G8D4pSwmIOAzqjAvYlF3R7SuVJ0uIHEOFoo2OBfMnfHOgozDsFIfou
GIAX/JmOBY3dTUloKXpiNYGQyKl043ixqj903yaPECrB2HX9DiUR9la7QIL4XtZx
2uxCMLQ4R7yBcGM5Pmw1t/APGBPEB6HRHSMAiEwPozoWJ76OCAfjOE+OgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0FBiXrBP7SXHz9lQMFF0yhc0rOMB8GA1UdIwQY
MBaAFCmJZHhR780ZiXLtPRScy73pxVwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lsa2VGSHZ6Um1KY3UwOUZKekx2ZW5GWEFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hYjVlODgtZDJmOS00ODdiLWJiOTIt
YTRjYjFjZmQwMGI4LzEvS1lsa2VGSHZ6Um1KY3UwOUZKekx2ZW5GWEFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9hYjVlODgtZDJmOS00ODdiLWJiOTItYTRjYjFjZmQwMGI4
LzEvS1lsa2VGSHZ6Um1KY3UwOUZKekx2ZW5GWEFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmiLl90r1
hMduiZ3PgD4biBgZYzvgOEyHd6SbRlQmSri34mO0+oxFZGX7S7e2sj3JSkOQYLK5
XgpNrCVcG6JysAgipuirx7QYjIOBaoKmmO8zc5xHuBgu7VGj4lChWgtKL09tHSQL
AyZUo/L6kUhXll8KEooZBr4ZrG2sy6YCb5i8hcwVc0CNja09XeHNCLdv+hrIvOlT
b4+HvQypzU0OQTGqHjocLAvZNM3I546Q0AD0ACcOQTaY2dM6RIaGFJ2u0wHlh9BK
7abiBBPjgjOiIVXXyy4+RI4Ww5M0B8VQwYLLpht2TLrQmALX7VI//7HiUqCNexaa
MygTh3wPXsdatA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:30 2025 by rpki-client