Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: YuAzOnUiDow0ZqAWKEGio9P9so12VFKLFe0ecI4zYkE=
Subject key identifier: A7:DA:C7:EF:4E:5D:33:52:A2:12:25:42:D5:74:93:F3:48:91:4C:D1
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 019A4D7399C75F9AC5045D635933CC5C6ED4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 0887
Signing time: Tue 04 Nov 2025 06:00:12 +0000
Manifest this update: Tue 04 Nov 2025 06:00:12 +0000
Manifest next update: Wed 05 Nov 2025 06:00:12 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: 4yt4JzGhurOcPOmgCebqkrMFjkL7EjVDzD7wezHFs8A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:99:c7:5f:9a:c5:04:5d:63:59:33:cc:5c:6e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Nov 4 06:00:12 2025 GMT
Not After : Nov 5 06:00:12 2025 GMT
Subject: CN=a7dac7ef4e5d3352a2122542d57493f348914cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:59:e1:5a:af:5e:b7:b0:2e:84:95:02:35:45:
54:18:8b:1c:ac:89:a1:5b:dd:a7:64:11:cc:d5:de:
99:9b:30:bf:fc:4c:0c:c0:54:d6:42:59:f0:0e:2f:
ef:5d:ff:ed:9e:30:03:13:40:cf:65:53:99:7b:b1:
ad:0b:64:b6:77:db:a5:08:ad:8a:09:a2:63:52:21:
5c:9f:67:93:92:10:ca:62:5b:52:25:ae:e8:61:18:
e0:3e:c6:c7:d9:ec:8a:0c:3c:d6:df:72:36:4c:aa:
5d:d2:05:01:a1:db:c5:f8:1f:ed:2c:7f:92:16:d9:
02:0e:39:1b:09:3f:58:c0:95:20:a3:47:57:0c:7c:
a9:bd:23:8e:26:1e:e2:a0:ab:a4:78:d5:f7:56:d8:
07:19:fc:30:2e:2a:ef:a2:40:99:78:b2:7d:d8:11:
33:25:79:63:da:e7:53:ef:54:d2:6e:fb:15:e5:79:
dd:dc:26:42:0d:df:13:33:bb:b2:8a:f8:cb:ab:c0:
9b:65:85:cb:8d:04:94:be:35:95:42:dd:ad:8f:31:
bc:07:2e:45:dc:08:ba:a6:92:97:df:bc:2e:c1:f2:
92:7a:ee:f1:4b:7d:95:78:77:b1:90:2a:fe:85:1a:
84:85:d3:81:fe:7a:5b:e7:72:ae:bd:66:6f:0b:e5:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DA:C7:EF:4E:5D:33:52:A2:12:25:42:D5:74:93:F3:48:91:4C:D1
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:52:63:36:8f:d5:59:4a:90:a9:39:0f:98:41:67:d7:14:4e:
35:79:7d:7e:43:04:64:d2:ab:92:b9:14:f9:f2:55:51:b0:a4:
35:78:80:5d:2e:c4:ab:9d:5a:9c:75:12:0f:30:9c:95:51:20:
98:2e:3f:af:34:4e:e3:f2:db:ff:d4:30:84:ac:7f:93:61:e0:
a1:0b:b7:d2:37:cb:01:9e:7a:cd:70:bd:c2:26:36:21:ae:4b:
d6:24:4d:fd:37:3a:53:b9:21:80:9a:e9:c6:ea:58:fc:97:9d:
cf:6f:66:50:8b:a9:de:cc:e2:43:a2:19:76:0e:da:e5:93:65:
5f:50:6e:0f:aa:b5:71:fa:03:df:16:cc:a6:fe:a8:e3:c5:4d:
50:bb:1a:23:3f:b2:63:a8:64:72:de:b5:b5:e8:42:ec:3f:b8:
40:3c:de:b7:59:9f:15:f7:38:23:ba:45:10:97:a8:65:00:cc:
0c:9c:71:91:6d:c0:73:cf:d5:49:61:fa:a3:fb:50:8e:98:ca:
3c:f3:5e:cf:86:78:10:1a:15:8f:84:de:96:eb:5b:54:a2:b8:
24:5a:e0:f7:81:fb:ea:ac:a2:d4:d3:3f:72:a3:b9:b1:4e:5e:
93:8b:97:ba:f7:b1:c1:a1:63:69:95:e8:35:ee:3e:08:c2:e3:
a5:bc:bb:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc5nHX5rFBF1jWTPMXG7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUxMTA0MDYwMDEyWhcNMjUxMTA1MDYwMDEyWjAzMTEwLwYDVQQD
EyhhN2RhYzdlZjRlNWQzMzUyYTIxMjI1NDJkNTc0OTNmMzQ4OTE0Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlnhWq9et7AuhJUCNUVUGIscrImh
W92nZBHM1d6ZmzC//EwMwFTWQlnwDi/vXf/tnjADE0DPZVOZe7GtC2S2d9ulCK2K
CaJjUiFcn2eTkhDKYltSJa7oYRjgPsbH2eyKDDzW33I2TKpd0gUBodvF+B/tLH+S
FtkCDjkbCT9YwJUgo0dXDHypvSOOJh7ioKukeNX3VtgHGfwwLirvokCZeLJ92BEz
JXlj2udT71TSbvsV5Xnd3CZCDd8TM7uyivjLq8CbZYXLjQSUvjWVQt2tjzG8By5F
3Ai6ppKX37wuwfKSeu7xS32VeHexkCr+hRqEhdOB/npb53KuvWZvC+W7NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfax+9OXTNSohIlQtV0k/NIkUzRMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANlJjNo/V
WUqQqTkPmEFn1xRONXl9fkMEZNKrkrkU+fJVUbCkNXiAXS7Eq51anHUSDzCclVEg
mC4/rzRO4/Lb/9QwhKx/k2HgoQu30jfLAZ56zXC9wiY2Ia5L1iRN/Tc6U7khgJrp
xupY/Jedz29mUIup3sziQ6IZdg7a5ZNlX1BuD6q1cfoD3xbMpv6o48VNULsaIz+y
Y6hkct61tehC7D+4QDzet1mfFfc4I7pFEJeoZQDMDJxxkW3Ac8/VSWH6o/tQjpjK
PPNez4Z4EBoVj4TelutbVKK4JFrg94H76qyi1NM/cqO5sU5ek4uXuvexwaFjaZXo
Ne4+CMLjpby7Tg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:46:55 2025 by rpki-client