Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json)
Hash identifier: OoUMlhtSMTyBZ6t4GtlqmG4ZiUW8hTe+gPjlVR9igG4=
Subject key identifier: 45:46:0B:02:81:E2:68:55:16:70:62:71:B3:1E:46:4E:25:F5:65:5A
Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320
Certificate serial: 019A70DC02EBF701F8F17C722F629758B9D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
Manifest number: 0C8D
Signing time: Tue 11 Nov 2025 03:00:58 +0000
Manifest this update: Tue 11 Nov 2025 03:00:58 +0000
Manifest next update: Wed 12 Nov 2025 03:00:58 +0000
Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: HbnaWqaUw3pdgFMoshcmBmNPCqfVJJ22Cy7UEp6V0No=)
2: aZtA3Tb82BUczOl9SsTYverE7lI.roa (hash: LK8Z2BqrNCcDSNuABGRySwkLhGqKgLJf/sHl1VyEOIw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:02:eb:f7:01:f8:f1:7c:72:2f:62:97:58:b9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320
Validity
Not Before: Nov 11 03:00:58 2025 GMT
Not After : Nov 12 03:00:58 2025 GMT
Subject: CN=45460b0281e2685516706271b31e464e25f5655a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:53:26:f2:33:6e:28:52:05:c2:9c:ca:d6:c4:
b6:27:54:62:69:87:7f:62:88:46:6a:c6:56:5a:8a:
7c:e7:b7:38:b0:ad:11:55:c7:07:db:48:d9:b0:bf:
05:fb:97:5d:db:5c:7f:84:52:69:61:42:da:e1:d8:
c7:20:ce:4b:c2:6f:d2:dd:f9:63:cf:8f:b4:18:b9:
06:0e:30:74:b6:02:7e:5c:38:b9:29:ef:54:31:d0:
fb:7e:f3:c9:31:66:61:72:44:07:9a:54:49:d2:64:
e9:8d:ac:c5:c6:88:d5:2b:fc:fb:f8:59:36:44:d8:
bc:c1:c1:9f:0f:7a:af:f2:f2:6b:fa:59:57:6d:41:
92:9b:e1:e4:fb:e2:bd:cb:f8:4a:13:ec:80:18:4f:
cf:96:6e:cf:39:bc:df:99:b8:d1:0b:08:07:ab:60:
da:c4:2b:42:ce:f9:52:38:1d:26:07:68:1c:ad:fb:
55:83:8b:26:8e:41:83:61:29:0b:2a:af:ba:07:0d:
4a:27:dc:9d:6e:f5:aa:cc:40:78:4f:08:62:f1:b4:
65:e5:ad:2f:42:e5:48:9b:78:1a:90:e7:b8:90:2f:
a1:12:75:a6:02:ca:7e:6e:36:8b:17:98:3c:a9:c4:
ac:9b:73:07:bb:1a:6c:98:5a:34:d3:ed:86:88:49:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:46:0B:02:81:E2:68:55:16:70:62:71:B3:1E:46:4E:25:F5:65:5A
X509v3 Authority Key Identifier:
keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:4e:75:dc:f5:c7:3e:d1:ff:89:57:5b:72:fb:c1:63:60:26:
86:fe:de:80:27:8d:70:97:21:7b:be:92:e6:b3:82:e5:ec:76:
f2:9c:c0:c5:fa:7d:e7:30:cf:39:c0:52:48:8d:35:e3:fe:f5:
33:6a:37:6e:04:dd:6a:8d:72:dc:75:96:37:ef:6d:b7:5a:32:
3a:3a:d4:f8:e3:02:ab:1a:c8:ea:b6:99:0a:34:cb:d0:24:f5:
c7:f1:09:d9:4e:f4:b5:12:b3:3a:4b:c4:a7:59:de:8a:bc:cf:
b3:14:e4:bb:3b:34:96:f3:b6:4e:b5:4e:fb:3c:8f:2c:f1:d5:
26:94:46:74:51:f7:fd:15:c6:34:97:b7:41:ac:08:81:e5:5b:
93:c3:cc:9f:9a:11:48:e5:6f:65:4e:ba:07:fc:16:41:d0:f1:
9b:5f:e6:3c:96:b4:d4:5b:94:c2:bd:87:72:63:39:59:6a:48:
ed:e2:ea:ad:4b:b1:df:b2:55:38:74:09:32:e3:c5:32:b1:01:
f4:c3:fe:43:05:23:3c:e6:19:64:01:97:04:c1:99:94:71:7e:
1e:75:75:09:ae:8c:22:fe:c5:77:c8:b5:20:59:58:4a:3d:f5:
d1:85:4b:4a:d6:48:05:dd:59:48:ac:9f:21:93:ae:99:66:f3:
12:d3:92:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3ALr9wH48XxyL2KXWLnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj
NGQzMjAwHhcNMjUxMTExMDMwMDU4WhcNMjUxMTEyMDMwMDU4WjAzMTEwLwYDVQQD
Eyg0NTQ2MGIwMjgxZTI2ODU1MTY3MDYyNzFiMzFlNDY0ZTI1ZjU2NTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lMm8jNuKFIFwpzK1sS2J1RiaYd/
YohGasZWWop857c4sK0RVccH20jZsL8F+5dd21x/hFJpYULa4djHIM5Lwm/S3flj
z4+0GLkGDjB0tgJ+XDi5Ke9UMdD7fvPJMWZhckQHmlRJ0mTpjazFxojVK/z7+Fk2
RNi8wcGfD3qv8vJr+llXbUGSm+Hk++K9y/hKE+yAGE/Plm7PObzfmbjRCwgHq2Da
xCtCzvlSOB0mB2gcrftVg4smjkGDYSkLKq+6Bw1KJ9ydbvWqzEB4Twhi8bRl5a0v
QuVIm3gakOe4kC+hEnWmAsp+bjaLF5g8qcSsm3MHuxpsmFo00+2GiEm9BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVGCwKB4mhVFnBicbMeRk4l9WVaMB8GA1UdIwQY
MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt
MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh
LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZE513PXH
PtH/iVdbcvvBY2Amhv7egCeNcJche76S5rOC5ex28pzAxfp95zDPOcBSSI014/71
M2o3bgTdao1y3HWWN+9tt1oyOjrU+OMCqxrI6raZCjTL0CT1x/EJ2U70tRKzOkvE
p1neirzPsxTkuzs0lvO2TrVO+zyPLPHVJpRGdFH3/RXGNJe3QawIgeVbk8PMn5oR
SOVvZU66B/wWQdDxm1/mPJa01FuUwr2HcmM5WWpI7eLqrUux37JVOHQJMuPFMrEB
9MP+QwUjPOYZZAGXBMGZlHF+HnV1Ca6MIv7Fd8i1IFlYSj310YVLStZIBd1ZSKyf
IZOumWbzEtOSFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:18 2025 by rpki-client