Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: JxP3RM2M6mx/w/mFUSWxTRTTrtnK59sUYuTpc/dreog=
Subject key identifier: 9D:5B:8F:FE:AF:43:9B:96:2C:12:0C:1B:F2:14:32:05:59:BA:F1:90
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 019A70DC150BE2AB7B3B4905AD38AC81B709
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0C5B
Signing time: Tue 11 Nov 2025 03:01:02 +0000
Manifest this update: Tue 11 Nov 2025 03:01:02 +0000
Manifest next update: Wed 12 Nov 2025 03:01:02 +0000
Files and hashes: 1: HzZn0ba7QItzyWun3HWfVhfe2Mw.roa (hash: iE4IEBeKKD6peBsX5m6y9GBML1LTBu1RqbqOosqLhr0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: Mq4aYoO4656jjfcfKRMk9jJzvoxHokN4fr4w0U6De3o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:15:0b:e2:ab:7b:3b:49:05:ad:38:ac:81:b7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Nov 11 03:01:02 2025 GMT
Not After : Nov 12 03:01:02 2025 GMT
Subject: CN=9d5b8ffeaf439b962c120c1bf214320559baf190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0c:17:ed:c1:a1:4f:6a:d2:bb:71:2b:37:f8:
36:58:93:18:12:6e:d1:9c:2c:3a:d3:32:f3:dc:b4:
0f:99:fe:c9:cf:2f:98:b9:e0:6c:a7:77:1e:cc:ed:
f4:b7:e7:c5:75:4f:bb:3b:b3:b6:55:31:f8:f1:95:
bc:11:19:a3:0b:a3:2d:3b:8a:ff:47:5a:10:59:df:
e6:d4:c3:e5:99:19:cd:0e:1f:15:c7:b1:1f:73:70:
12:70:74:2c:a8:62:47:9e:6b:9b:90:de:cb:1b:e4:
5f:86:bf:95:90:d8:b4:71:aa:19:64:a3:b0:7b:ae:
d3:22:6c:67:f4:3d:97:ea:9b:38:c4:e1:47:6c:c2:
5a:14:13:58:69:0d:00:6c:01:d8:33:c3:f4:6a:ef:
d2:1e:d3:63:65:dc:a6:e0:e1:85:e5:d1:7c:ad:39:
9e:cf:12:f1:57:ba:b6:3c:63:c3:b7:f6:24:4c:c2:
de:1d:dc:d4:4f:b4:33:46:39:f2:51:46:cf:bb:30:
34:03:3a:87:fa:41:45:6a:47:bd:f1:04:20:d7:5d:
cd:07:7a:7b:1f:7c:33:d0:49:b7:de:d1:c7:bd:bc:
11:6c:34:cd:9b:e1:fb:53:d1:9b:a5:20:b6:71:42:
f1:b4:62:2e:13:42:b3:87:77:e9:3c:0e:80:85:b0:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:8F:FE:AF:43:9B:96:2C:12:0C:1B:F2:14:32:05:59:BA:F1:90
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:f0:19:b0:01:ae:56:94:39:9d:48:f0:d0:90:61:a5:ac:22:
80:20:6f:77:e5:b3:ed:8f:d5:c4:93:07:09:9c:8b:d4:9c:f9:
9b:bd:b9:16:b7:74:39:c7:e3:3f:85:47:58:c1:2e:63:d1:c4:
9f:03:51:3e:3b:07:00:88:1d:af:ba:8e:c4:0f:07:be:84:82:
26:45:7f:3b:b5:07:5d:e4:6d:e4:39:b0:35:67:68:e2:9c:d5:
08:c0:22:25:be:dc:ba:3e:72:32:ff:18:cb:ca:51:d4:8a:52:
da:58:5f:70:b6:de:9e:ee:13:a4:8a:da:2b:3b:fd:fd:06:f1:
76:08:88:24:5c:67:09:2f:d6:18:e2:60:9c:cb:2c:33:55:49:
f6:15:e8:2e:f6:1b:80:2a:c5:2c:04:76:99:fa:72:f7:89:22:
bc:ca:80:13:a1:6e:e5:b6:3b:d3:74:bf:a7:6a:03:57:6c:1e:
3a:f1:3c:4f:72:1a:2b:6b:5c:aa:b0:e4:2a:43:55:b5:03:59:
07:77:91:b9:19:82:ad:f1:ce:72:c0:cc:77:f2:ae:16:25:85:
b1:48:80:13:f3:42:ec:a2:27:6f:f2:c1:3d:d6:3d:f3:0a:c0:
6a:eb:ab:0e:63:c3:10:f7:a7:4b:1e:e2:bd:44:39:a4:e6:70:
91:f1:49:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3BUL4qt7O0kFrTisgbcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUxMTExMDMwMTAyWhcNMjUxMTEyMDMwMTAyWjAzMTEwLwYDVQQD
Eyg5ZDViOGZmZWFmNDM5Yjk2MmMxMjBjMWJmMjE0MzIwNTU5YmFmMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AwX7cGhT2rSu3ErN/g2WJMYEm7R
nCw60zLz3LQPmf7Jzy+YueBsp3cezO30t+fFdU+7O7O2VTH48ZW8ERmjC6MtO4r/
R1oQWd/m1MPlmRnNDh8Vx7Efc3AScHQsqGJHnmubkN7LG+Rfhr+VkNi0caoZZKOw
e67TImxn9D2X6ps4xOFHbMJaFBNYaQ0AbAHYM8P0au/SHtNjZdym4OGF5dF8rTme
zxLxV7q2PGPDt/YkTMLeHdzUT7QzRjnyUUbPuzA0AzqH+kFFake98QQg113NB3p7
H3wz0Em33tHHvbwRbDTNm+H7U9GbpSC2cULxtGIuE0Kzh3fpPA6AhbDQyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1bj/6vQ5uWLBIMG/IUMgVZuvGQMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvAZsAGu
VpQ5nUjw0JBhpawigCBvd+Wz7Y/VxJMHCZyL1Jz5m725Frd0OcfjP4VHWMEuY9HE
nwNRPjsHAIgdr7qOxA8HvoSCJkV/O7UHXeRt5DmwNWdo4pzVCMAiJb7cuj5yMv8Y
y8pR1IpS2lhfcLbenu4TpIraKzv9/QbxdgiIJFxnCS/WGOJgnMssM1VJ9hXoLvYb
gCrFLAR2mfpy94kivMqAE6Fu5bY703S/p2oDV2weOvE8T3IaK2tcqrDkKkNVtQNZ
B3eRuRmCrfHOcsDMd/KuFiWFsUiAE/NC7KInb/LBPdY98wrAauurDmPDEPenSx7i
vUQ5pOZwkfFJKQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:59 2025 by rpki-client