Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
File: KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft (raw, json)
Hash identifier: x0RH+It5cz7LVfsUr6kHZBAadiHjLKH3ti3y8Xuots4=
Subject key identifier: F4:09:8D:32:9F:98:E1:AA:24:CB:40:65:3B:4D:6F:08:57:1A:6C:7C
Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411
Certificate serial: 019A5307D6ED7476312272B366D296FB84AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
Manifest number: 1712
Signing time: Wed 05 Nov 2025 08:00:13 +0000
Manifest this update: Wed 05 Nov 2025 08:00:13 +0000
Manifest next update: Thu 06 Nov 2025 08:00:13 +0000
Files and hashes: 1: KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl (hash: HDTgS6bd3afBr4ZenAVFSesKyKeTe4gOcHZZVNBnzbA=)
2: rzOkydR3EHFZXD3XEkRebB02-_4.roa (hash: df7jTqxQL8Sw059sbRTkyG9ltt5KtHFaW+BfP29wPTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:07:d6:ed:74:76:31:22:72:b3:66:d2:96:fb:84:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411
Validity
Not Before: Nov 5 08:00:13 2025 GMT
Not After : Nov 6 08:00:13 2025 GMT
Subject: CN=f4098d329f98e1aa24cb40653b4d6f08571a6c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:b6:d6:fe:ee:c9:2a:e1:3b:01:47:ea:72:
a6:54:19:8c:2d:b0:f6:bf:57:5b:37:2b:ea:8d:4c:
c5:61:41:bb:8f:19:a4:34:eb:a0:00:59:96:75:c1:
37:9d:42:32:cd:e3:2f:82:a5:df:2e:f3:d8:81:e3:
f3:35:86:2d:75:dc:38:ae:04:2e:f2:15:08:60:85:
33:af:9c:fa:0a:f7:85:d5:f7:ea:6b:59:14:71:24:
48:67:34:11:dc:3e:85:b9:ca:ec:8f:c4:1d:57:0f:
55:b0:49:dd:9f:30:9b:35:7a:40:e6:e1:af:a7:81:
0d:da:08:c1:be:ee:c6:85:71:f8:de:e8:e2:ba:7c:
74:0b:86:ff:f7:c9:98:c9:58:65:c2:2a:8f:10:7e:
5c:ca:24:4b:1f:79:c5:db:d1:37:4c:9c:72:81:e6:
42:56:98:ab:93:12:9e:77:ad:87:e4:22:c3:e1:15:
e3:2d:32:ac:18:d9:a2:ce:d4:08:e1:19:66:9f:db:
10:93:11:3f:b5:af:86:c3:a7:81:c0:a6:71:25:d8:
b0:ba:2b:06:45:cd:bf:4d:9b:a0:3c:b4:ed:b4:dd:
b6:99:3e:43:74:6c:c0:ae:10:53:0a:1a:9b:1d:8f:
38:22:11:43:6a:04:dd:cf:b7:2a:b1:69:8a:5f:a7:
9e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:09:8D:32:9F:98:E1:AA:24:CB:40:65:3B:4D:6F:08:57:1A:6C:7C
X509v3 Authority Key Identifier:
keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:c3:40:2a:cf:25:6c:2c:ce:9b:31:22:09:2d:74:37:21:49:
da:a1:e4:1e:ca:5c:2d:bd:0f:0a:f1:1d:87:30:6b:b6:90:9a:
21:e9:b9:3b:84:bc:ff:94:46:77:7a:98:d3:a2:1d:13:56:03:
99:ea:b9:34:fa:e6:cc:9e:14:79:79:ae:30:fe:0b:f4:8a:0a:
d1:f5:58:f7:23:22:a6:d5:96:a3:4a:8a:e6:1f:eb:bf:27:85:
ee:e6:59:e7:6e:6c:b7:79:1d:33:66:45:a5:c4:da:a9:de:49:
e4:1c:42:b4:fa:71:80:e1:26:06:14:b9:fa:03:0e:e5:88:c1:
d1:32:d1:67:20:4f:f9:4b:2b:19:07:2a:04:5e:1e:d3:a2:b6:
3a:35:59:15:0c:39:64:c9:2f:19:0c:aa:26:af:23:d6:c4:60:
67:c2:1f:9d:d1:87:40:27:3a:7e:ef:b5:73:a2:f3:a3:bf:c3:
8e:c8:7b:78:0e:25:0b:4e:6f:52:78:bc:d8:44:a9:0f:bf:95:
0a:74:a4:ee:d0:3a:29:7c:c2:33:73:d4:16:4f:fd:3b:b4:8e:
43:d7:31:17:b2:74:50:26:61:db:20:69:17:69:43:e0:20:b2:
64:c4:85:f9:bc:7f:c9:59:28:62:2f:97:03:ee:bd:cc:44:27:
dc:a3:a3:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTB9btdHYxInKzZtKW+4SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz
MGM0MTEwHhcNMjUxMTA1MDgwMDEzWhcNMjUxMTA2MDgwMDEzWjAzMTEwLwYDVQQD
EyhmNDA5OGQzMjlmOThlMWFhMjRjYjQwNjUzYjRkNmYwODU3MWE2YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PG21v7uySrhOwFH6nKmVBmMLbD2
v1dbNyvqjUzFYUG7jxmkNOugAFmWdcE3nUIyzeMvgqXfLvPYgePzNYYtddw4rgQu
8hUIYIUzr5z6CveF1ffqa1kUcSRIZzQR3D6Fucrsj8QdVw9VsEndnzCbNXpA5uGv
p4EN2gjBvu7GhXH43ujiunx0C4b/98mYyVhlwiqPEH5cyiRLH3nF29E3TJxygeZC
VpirkxKed62H5CLD4RXjLTKsGNmiztQI4Rlmn9sQkxE/ta+Gw6eBwKZxJdiwuisG
Rc2/TZugPLTttN22mT5DdGzArhBTChqbHY84IhFDagTdz7cqsWmKX6eeSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQJjTKfmOGqJMtAZTtNbwhXGmx8MB8GA1UdIwQY
MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt
ODlkMjYxMWE5NWRiLzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi
LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhMNAKs8l
bCzOmzEiCS10NyFJ2qHkHspcLb0PCvEdhzBrtpCaIem5O4S8/5RGd3qY06IdE1YD
meq5NPrmzJ4UeXmuMP4L9IoK0fVY9yMiptWWo0qK5h/rvyeF7uZZ525st3kdM2ZF
pcTaqd5J5BxCtPpxgOEmBhS5+gMO5YjB0TLRZyBP+UsrGQcqBF4e06K2OjVZFQw5
ZMkvGQyqJq8j1sRgZ8IfndGHQCc6fu+1c6Lzo7/Djsh7eA4lC05vUni82ESpD7+V
CnSk7tA6KXzCM3PUFk/9O7SOQ9cxF7J0UCZh2yBpF2lD4CCyZMSF+bx/yVkoYi+X
A+69zEQn3KOjCg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:08:54 2025 by rpki-client