Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
File: KZkwB8fJLfYXjny0MYP9f1KlJtg.mft (raw, json)
Hash identifier: RS4TbxbZNajer18AEhnW1edfeAVeomI8c++GU90EYe0=
Subject key identifier: A3:CE:C3:7C:48:87:FA:5A:1F:35:70:BE:E5:71:90:C0:D9:2E:1F:2C
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 019A5119556DBD4E2AAFB863BAD4987DE083
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
Manifest number: 04B9
Signing time: Tue 04 Nov 2025 23:00:05 +0000
Manifest this update: Tue 04 Nov 2025 23:00:05 +0000
Manifest next update: Wed 05 Nov 2025 23:00:05 +0000
Files and hashes: 1: 4Onxw3ZyCceGdWFdrDz9GypV1To.roa (hash: rLXGfCwokEmOeP6DWTGHar2KAFcpyGY37FcoMJ/rm24=)
2: 6w2llJPr5u5R0U0gFJBhkfjASt8.roa (hash: Et1DM1KW1gT7dKyxGFfIxs38O3+sH74ZansUhbBdzew=)
3: HxZyQaGrGtOk8RKg0Mhbl06w1Co.roa (hash: T6PK192RHox/GMNjjl8t8FiOFdhRf0h3waZVXZOPKpk=)
4: KZkwB8fJLfYXjny0MYP9f1KlJtg.crl (hash: IZCFZS3TERojZu6T0DlqZz5YqxkceigRITG4bD7KIIU=)
5: PwMQ2FB61zxu5sQ2E09luTqKMvk.roa (hash: izn212mH5oYV5cpl26pTxpZxIsUMzoPkaD7C7yvNm8E=)
6: fNae6M71mV294ZXPAPike0PbceE.roa (hash: yK1vBYE3EmPb37wOJedAwxWWRQFUDScm3ZCALz4wEUs=)
7: nFiPEMhy3ZN7Kzd1c5drtsfC2Ms.roa (hash: K/fi1bP7PVVo/L+gbRw+2aDpJIZXZHh+7f96KzgbyVo=)
8: od9af71GeQfA9Hxa-pUi9HfyQbQ.roa (hash: XWeJ2o3YIDMGq+Gf7bx+E7FN5efcdXQkm09+SRPSSXw=)
9: ypFL40Xoi4y05qu3ogA3n6gvBmc.roa (hash: Osn8j8oSksWpQIeEIhv5U30zU1XAWvsewtWKW4S5v1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 23:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:19:55:6d:bd:4e:2a:af:b8:63:ba:d4:98:7d:e0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Nov 4 23:00:05 2025 GMT
Not After : Nov 5 23:00:05 2025 GMT
Subject: CN=a3cec37c4887fa5a1f3570bee57190c0d92e1f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6c:10:d4:f0:25:f5:42:0a:80:5b:8f:77:01:
2b:e6:15:34:03:a5:59:f7:74:ee:f7:a8:cf:33:04:
eb:49:a2:7a:9d:5c:8f:ec:7c:28:3d:9d:5d:51:f0:
e3:ba:46:33:a4:d0:05:e6:13:b9:f6:34:d2:05:98:
43:5c:99:dd:78:48:6d:19:d6:8f:20:12:2b:82:88:
7e:f9:1c:79:72:32:ad:d9:15:38:17:4c:e6:6e:33:
38:71:c9:82:e4:cd:0b:f5:2b:d8:a3:7b:69:0b:98:
69:e0:b0:ce:59:6f:81:d3:32:a3:35:64:79:56:2c:
9f:7a:c8:3a:dd:7f:84:f6:5b:23:cb:70:e9:2b:7f:
90:b6:23:cf:3c:b8:86:83:5b:41:d2:4b:fc:ac:23:
23:ec:76:77:b8:33:45:50:2d:a2:9d:5f:a9:d1:24:
b2:1a:19:b5:e6:6b:ce:8d:f0:3e:fe:d2:e0:b2:6a:
8d:4b:a2:90:1a:2c:cb:f6:1c:28:a4:9a:7d:30:d7:
a3:5f:d8:d1:ca:5e:8a:c9:d2:84:1b:63:be:83:59:
07:68:69:3b:2c:13:3a:07:91:a3:23:aa:7b:c6:50:
7f:16:e4:ef:8f:ee:71:a1:84:57:21:48:8b:83:fd:
9a:7c:68:f0:cd:a4:cf:ef:70:f6:c1:80:fa:7d:cb:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CE:C3:7C:48:87:FA:5A:1F:35:70:BE:E5:71:90:C0:D9:2E:1F:2C
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:55:2b:99:8a:65:75:31:e2:88:2c:76:b5:84:c7:08:35:cf:
4b:85:aa:2f:61:a5:cb:f4:02:73:17:cd:f7:89:f3:b1:87:d1:
b1:4a:d5:01:1b:7b:1a:42:6e:6a:33:60:68:1a:54:62:95:ea:
ba:b4:1a:8e:ca:ef:77:3e:ff:b1:b3:f8:82:87:1b:04:92:46:
40:ff:c6:51:d6:0a:2f:ef:44:12:84:1d:c5:3e:31:e3:b5:9e:
46:8d:a7:a1:1c:bb:a7:a3:91:46:5d:2f:71:2e:b2:99:db:77:
91:af:53:92:28:e0:27:9f:7e:a2:49:84:1e:e7:a2:64:61:b0:
d6:f5:94:21:86:55:46:91:17:28:6b:17:c5:26:c9:32:4c:2a:
c5:6e:e3:e6:af:44:d0:3f:20:90:b5:c2:aa:d7:49:e4:7d:63:
bb:cf:2e:4e:82:55:df:2b:29:b3:08:45:05:8f:03:92:14:b7:
50:a4:3b:e9:6f:17:eb:c5:6d:9b:53:7d:32:f6:b8:b2:ec:1c:
c9:60:5c:86:70:f3:75:46:26:21:87:9d:5d:b5:73:91:2a:ad:
40:67:8f:10:42:da:b0:2e:d3:93:b1:f3:c9:40:90:4a:58:62:
30:d3:c6:e9:e8:65:8a:85:a1:bc:50:6d:64:63:4c:0b:20:d0:
f1:1b:d1:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGVVtvU4qr7hjutSYfeCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUxMTA0MjMwMDA1WhcNMjUxMTA1MjMwMDA1WjAzMTEwLwYDVQQD
EyhhM2NlYzM3YzQ4ODdmYTVhMWYzNTcwYmVlNTcxOTBjMGQ5MmUxZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmwQ1PAl9UIKgFuPdwEr5hU0A6VZ
93Tu96jPMwTrSaJ6nVyP7HwoPZ1dUfDjukYzpNAF5hO59jTSBZhDXJndeEhtGdaP
IBIrgoh++Rx5cjKt2RU4F0zmbjM4ccmC5M0L9SvYo3tpC5hp4LDOWW+B0zKjNWR5
Viyfesg63X+E9lsjy3DpK3+QtiPPPLiGg1tB0kv8rCMj7HZ3uDNFUC2inV+p0SSy
Ghm15mvOjfA+/tLgsmqNS6KQGizL9hwopJp9MNejX9jRyl6KydKEG2O+g1kHaGk7
LBM6B5GjI6p7xlB/FuTvj+5xoYRXIUiLg/2afGjwzaTP73D2wYD6fcst3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPOw3xIh/paHzVwvuVxkMDZLh8sMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACVUrmYpl
dTHiiCx2tYTHCDXPS4WqL2Gly/QCcxfN94nzsYfRsUrVARt7GkJuajNgaBpUYpXq
urQajsrvdz7/sbP4gocbBJJGQP/GUdYKL+9EEoQdxT4x47WeRo2noRy7p6ORRl0v
cS6ymdt3ka9TkijgJ59+okmEHueiZGGw1vWUIYZVRpEXKGsXxSbJMkwqxW7j5q9E
0D8gkLXCqtdJ5H1ju88uToJV3yspswhFBY8DkhS3UKQ76W8X68Vtm1N9Mva4suwc
yWBchnDzdUYmIYedXbVzkSqtQGePEELasC7Tk7HzyUCQSlhiMNPG6ehlioWhvFBt
ZGNMCyDQ8RvROw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:23:29 2025 by rpki-client