Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: 3byD4OY4EgJ6Lgt+M1HyZ28AC/eK2om4AZ6p7qWiydc=
Subject key identifier: F3:13:87:E5:E3:52:FB:91:C5:3E:DF:D7:9F:B1:41:58:26:73:0B:1D
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019A52D1E370F9AB416B4E8E7CD75AD31311
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0C2A
Signing time: Wed 05 Nov 2025 07:01:18 +0000
Manifest this update: Wed 05 Nov 2025 07:01:18 +0000
Manifest next update: Thu 06 Nov 2025 07:01:18 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: EHejq4fDbp1kLN9n1CyPAnS2cMNK9PPnyA8pFtxPD0Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:e3:70:f9:ab:41:6b:4e:8e:7c:d7:5a:d3:13:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Nov 5 07:01:18 2025 GMT
Not After : Nov 6 07:01:18 2025 GMT
Subject: CN=f31387e5e352fb91c53edfd79fb1415826730b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:50:8c:88:e4:f5:83:c5:f7:0b:57:b5:eb:
95:97:a0:f0:e5:7e:eb:9b:b7:23:cb:b6:b0:84:ff:
3e:1b:2b:b7:97:15:21:01:69:55:07:7a:4e:90:5e:
9d:cb:d9:85:ce:78:02:3b:b4:63:02:b9:8d:d5:3d:
81:51:03:26:77:94:b7:84:b1:0b:a1:12:12:1e:a8:
5b:f7:b3:98:51:3a:9e:9e:5b:44:95:22:73:ad:06:
4a:7a:cb:9e:9e:45:1d:94:c5:b5:9d:15:f5:2c:ec:
37:19:14:46:d5:96:f2:26:ee:6b:c9:05:3c:ed:6f:
06:20:63:19:54:29:a1:c8:86:9b:40:e6:66:bf:ca:
38:b1:c6:20:a5:16:ef:79:be:e5:05:3b:d4:03:bb:
7e:b1:96:17:ac:21:8d:3b:be:c9:ab:f0:35:de:ef:
73:72:bf:d7:7f:b5:86:65:a7:a1:80:90:0c:ec:0f:
8f:54:07:19:d7:d1:21:9b:47:13:50:5a:9b:75:ee:
14:65:88:64:f5:4a:3d:aa:dd:32:c4:06:6f:99:16:
6c:5d:77:67:e9:8a:8c:77:9b:7f:e0:00:5e:29:04:
06:5f:75:ea:32:67:32:06:a2:6d:d0:3c:15:3b:b2:
55:09:fc:7e:4a:98:44:28:fa:e1:b0:ae:db:aa:75:
8d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:13:87:E5:E3:52:FB:91:C5:3E:DF:D7:9F:B1:41:58:26:73:0B:1D
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:87:22:5b:31:94:4a:86:0c:bb:39:bd:a9:12:96:a7:c9:ec:
f9:1c:3c:d6:43:0f:da:2e:ad:6d:cb:3a:14:5c:92:cb:60:ff:
dd:e7:86:11:9b:d4:53:2a:70:a4:56:f1:46:37:9d:0f:35:86:
15:38:31:0d:03:49:d8:85:6d:53:92:f7:81:7a:57:3e:ee:02:
4e:ed:e7:0b:13:7d:57:a6:eb:51:d3:0f:10:d7:0f:cd:0e:52:
a1:0a:0a:93:0d:44:79:19:7e:0e:01:24:6c:05:0b:84:56:b7:
4a:4a:fd:ca:2c:62:62:56:14:53:c1:a0:1c:9d:cb:05:d5:39:
26:09:9e:b9:db:b5:bb:cc:5b:2f:82:20:dd:a5:07:75:20:78:
26:57:19:7d:0d:bc:c9:b6:4a:47:06:d8:db:04:88:bd:49:24:
8e:4b:66:cb:78:ec:0d:d2:ab:f7:1a:39:d3:78:e5:a7:dd:96:
16:7a:fb:5c:00:00:22:8c:81:57:98:2f:68:87:39:92:35:3b:
39:d2:20:3f:87:52:3f:2c:d7:0b:31:55:21:5b:f2:4f:43:32:
a8:29:65:0d:26:ad:41:01:63:e3:87:13:91:00:f0:ae:50:e0:
2a:4d:f5:e8:f9:48:32:dc:cd:df:65:1b:08:5b:92:57:13:c4:
48:6a:78:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0eNw+atBa06OfNda0xMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUxMTA1MDcwMTE4WhcNMjUxMTA2MDcwMTE4WjAzMTEwLwYDVQQD
EyhmMzEzODdlNWUzNTJmYjkxYzUzZWRmZDc5ZmIxNDE1ODI2NzMwYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA251QjIjk9YPF9wtXteuVl6Dw5X7r
m7cjy7awhP8+Gyu3lxUhAWlVB3pOkF6dy9mFzngCO7RjArmN1T2BUQMmd5S3hLEL
oRISHqhb97OYUTqenltElSJzrQZKesuenkUdlMW1nRX1LOw3GRRG1ZbyJu5ryQU8
7W8GIGMZVCmhyIabQOZmv8o4scYgpRbveb7lBTvUA7t+sZYXrCGNO77Jq/A13u9z
cr/Xf7WGZaehgJAM7A+PVAcZ19Ehm0cTUFqbde4UZYhk9Uo9qt0yxAZvmRZsXXdn
6YqMd5t/4ABeKQQGX3XqMmcyBqJt0DwVO7JVCfx+SphEKPrhsK7bqnWNNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMTh+XjUvuRxT7f15+xQVgmcwsdMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiIciWzGU
SoYMuzm9qRKWp8ns+Rw81kMP2i6tbcs6FFySy2D/3eeGEZvUUypwpFbxRjedDzWG
FTgxDQNJ2IVtU5L3gXpXPu4CTu3nCxN9V6brUdMPENcPzQ5SoQoKkw1EeRl+DgEk
bAULhFa3Skr9yixiYlYUU8GgHJ3LBdU5Jgmeudu1u8xbL4Ig3aUHdSB4JlcZfQ28
ybZKRwbY2wSIvUkkjktmy3jsDdKr9xo503jlp92WFnr7XAAAIoyBV5gvaIc5kjU7
OdIgP4dSPyzXCzFVIVvyT0MyqCllDSatQQFj44cTkQDwrlDgKk316PlIMtzN32Ub
CFuSVxPESGp4Fg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:30 2025 by rpki-client