Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: 5xiVO5sEx3XHoHhUjdypVfKAiIjHc2DuBUYpu7FvT8U=
Subject key identifier: B5:48:0A:48:B8:4D:20:5E:49:D4:8D:7F:0A:B9:0C:73:E8:72:E8:BB
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019A4EF518ABD3772D31C16F360F12C6C457
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 13A0
Signing time: Tue 04 Nov 2025 13:01:16 +0000
Manifest this update: Tue 04 Nov 2025 13:01:16 +0000
Manifest next update: Wed 05 Nov 2025 13:01:16 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: WbJUdRLrsWVoMi8qe+5y8aUltF9RrYtvzvQ1tsDUpS4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:18:ab:d3:77:2d:31:c1:6f:36:0f:12:c6:c4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Nov 4 13:01:16 2025 GMT
Not After : Nov 5 13:01:16 2025 GMT
Subject: CN=b5480a48b84d205e49d48d7f0ab90c73e872e8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:8b:6a:85:8d:f2:19:b5:cb:22:14:54:bb:
25:cd:c4:4f:ef:6b:b6:1a:2f:0e:2b:35:5c:96:3e:
a2:a1:b3:1e:3f:8e:68:aa:79:41:fd:6f:f0:a1:36:
f4:ea:02:0a:78:86:cc:87:ca:98:03:64:fe:9a:df:
2b:d7:14:6c:6e:0c:3b:c1:2f:28:5d:76:20:3a:84:
9d:09:00:4e:80:b6:96:52:48:dc:05:ec:6f:00:b4:
60:d2:46:a6:75:ef:d7:74:44:34:c0:27:03:03:fb:
ee:2b:fc:49:64:31:f7:94:10:1c:68:cb:b7:d0:11:
45:fa:80:3f:84:aa:cc:18:6b:af:ec:1d:7c:a4:10:
b5:ff:48:03:72:6b:c1:e9:e7:4e:ed:ef:ea:1d:e9:
d9:1d:d4:47:b7:9d:0a:7c:57:e6:de:4b:93:28:bd:
c1:bc:07:07:9a:50:47:f7:fd:10:0f:c4:1b:ac:06:
fc:fa:c6:f9:67:33:eb:e7:e7:b0:73:b6:f1:76:95:
9d:25:15:3a:21:a6:a4:77:b3:2c:72:82:88:06:b9:
6e:dc:2e:e2:59:d8:8c:d4:64:28:5e:0b:5d:c0:a9:
1e:ec:76:fd:e3:5b:2d:21:60:33:cf:ba:4c:aa:1e:
c8:58:d2:08:0c:06:63:c7:06:99:3e:2e:f6:22:e7:
b5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:48:0A:48:B8:4D:20:5E:49:D4:8D:7F:0A:B9:0C:73:E8:72:E8:BB
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:25:a7:02:e9:48:db:86:5e:34:92:84:b5:96:9c:76:dd:15:
39:2d:80:59:1c:7b:7f:c2:74:2c:d0:7d:df:c8:42:f5:c3:72:
6a:12:22:82:c5:27:90:b1:d3:48:52:b1:b6:c4:88:df:dd:71:
c3:35:9c:ec:cf:08:52:07:d8:fc:0d:ee:00:81:74:d0:81:84:
c3:67:8a:c0:1d:c4:7b:96:f3:54:e7:25:b0:c0:d7:ef:79:cf:
38:97:d6:e6:6b:ac:7b:f9:b4:ed:f4:40:a3:88:cb:0c:d0:3c:
35:e9:f8:c4:f3:40:b7:db:70:0c:45:64:0d:b3:6d:77:ed:5c:
12:91:71:4b:5e:e5:0b:06:27:a2:71:0a:6b:71:c2:14:29:d5:
11:67:ee:d4:9d:bb:ad:77:c7:3a:25:ee:d3:e2:87:14:ec:35:
81:8c:e8:48:2c:24:9c:c4:69:87:fb:b5:36:41:6f:0a:95:a9:
0f:3d:7d:b3:06:16:c6:c5:30:20:cd:f2:0f:d0:f8:0d:4a:2f:
8b:13:38:99:c6:40:9a:1e:a2:f2:17:ab:fe:c5:e5:2f:6a:55:
73:b5:91:3b:79:f9:92:de:54:b6:ad:67:d4:45:6d:c2:a2:6a:
fa:94:ae:b1:b0:57:4d:52:72:19:cd:b4:56:fd:c8:a2:ed:b9:
8c:da:72:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Rir03ctMcFvNg8SxsRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUxMTA0MTMwMTE2WhcNMjUxMTA1MTMwMTE2WjAzMTEwLwYDVQQD
EyhiNTQ4MGE0OGI4NGQyMDVlNDlkNDhkN2YwYWI5MGM3M2U4NzJlOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v+LaoWN8hm1yyIUVLslzcRP72u2
Gi8OKzVclj6iobMeP45oqnlB/W/woTb06gIKeIbMh8qYA2T+mt8r1xRsbgw7wS8o
XXYgOoSdCQBOgLaWUkjcBexvALRg0kamde/XdEQ0wCcDA/vuK/xJZDH3lBAcaMu3
0BFF+oA/hKrMGGuv7B18pBC1/0gDcmvB6edO7e/qHenZHdRHt50KfFfm3kuTKL3B
vAcHmlBH9/0QD8QbrAb8+sb5ZzPr5+ewc7bxdpWdJRU6Iaakd7MscoKIBrlu3C7i
WdiM1GQoXgtdwKke7Hb941stIWAzz7pMqh7IWNIIDAZjxwaZPi72Iue1HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVICki4TSBeSdSNfwq5DHPocui7MB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOCWnAulI
24ZeNJKEtZacdt0VOS2AWRx7f8J0LNB938hC9cNyahIigsUnkLHTSFKxtsSI391x
wzWc7M8IUgfY/A3uAIF00IGEw2eKwB3Ee5bzVOclsMDX73nPOJfW5muse/m07fRA
o4jLDNA8Nen4xPNAt9twDEVkDbNtd+1cEpFxS17lCwYnonEKa3HCFCnVEWfu1J27
rXfHOiXu0+KHFOw1gYzoSCwknMRph/u1NkFvCpWpDz19swYWxsUwIM3yD9D4DUov
ixM4mcZAmh6i8her/sXlL2pVc7WRO3n5kt5Utq1n1EVtwqJq+pSusbBXTVJyGc20
Vv3Iou25jNpynQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:06:16 2025 by rpki-client