Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft
File: KyJEyKPrSjxtd20EbOkqvwHGwi8.mft (raw, json)
Hash identifier: 9cOTZGmJz4IBLKQM/JjSPvRH1fb44sAhvvzuNiKR4ow=
Subject key identifier: B9:76:94:E2:D2:8A:07:FC:E6:10:F3:A5:18:7A:DF:79:48:E8:56:3C
Authority key identifier: 2B:22:44:C8:A3:EB:4A:3C:6D:77:6D:04:6C:E9:2A:BF:01:C6:C2:2F
Certificate issuer: /CN=2b2244c8a3eb4a3c6d776d046ce92abf01c6c22f
Certificate serial: 019A4E865258CF190A571C1DD95F2BA124C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft
Manifest number: 170A
Signing time: Tue 04 Nov 2025 11:00:16 +0000
Manifest this update: Tue 04 Nov 2025 11:00:16 +0000
Manifest next update: Wed 05 Nov 2025 11:00:16 +0000
Files and hashes: 1: CWGhSuH7Prq7nBeXCwJSQ8R7MLY.roa (hash: kJD3A5DYARZjtb9aiv1WyX0nnGUXwOPoDx5EHff3F+I=)
2: KyJEyKPrSjxtd20EbOkqvwHGwi8.crl (hash: E6hqngYGIKiQb04VM3FsgcPlocqKzcTM9L1lvpvSrqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:52:58:cf:19:0a:57:1c:1d:d9:5f:2b:a1:24:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b2244c8a3eb4a3c6d776d046ce92abf01c6c22f
Validity
Not Before: Nov 4 11:00:16 2025 GMT
Not After : Nov 5 11:00:16 2025 GMT
Subject: CN=b97694e2d28a07fce610f3a5187adf7948e8563c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2b:82:33:a9:9c:95:b9:ac:cd:7f:48:d1:c9:
3c:d2:2a:55:eb:44:17:c1:f0:a4:b6:ad:1c:bd:58:
54:f0:ce:29:ef:08:24:a7:94:5d:2a:24:ef:64:4a:
c5:4a:69:bb:69:eb:6b:eb:d7:b0:75:19:4b:12:0b:
15:99:e1:c5:52:80:23:32:f9:8f:9c:0f:02:d4:ec:
70:06:c7:69:23:30:f2:a7:8c:2c:6f:e6:37:d0:49:
c5:68:72:cc:b4:96:63:83:a3:53:8f:23:81:9c:40:
4b:14:58:d4:f9:42:1f:34:ef:24:75:1e:e7:3b:dc:
5f:a1:d9:be:6d:0e:59:cc:28:be:4b:f8:09:30:0b:
32:04:33:84:46:fe:e0:64:0e:40:40:79:63:eb:e2:
c4:ca:49:0f:90:29:43:61:e2:64:17:99:09:ba:46:
8d:77:e1:ff:a9:9d:44:c3:a5:2f:f4:fc:66:db:eb:
b3:38:16:45:3e:f2:46:fc:a6:45:17:80:f3:59:ba:
7d:40:04:0c:79:f0:d4:2e:77:a4:86:74:a9:ed:af:
41:cf:86:30:7c:51:b1:ce:28:ea:00:2f:d6:e4:08:
cf:e4:60:75:c7:8d:b6:33:89:6a:1f:b7:84:cc:b0:
40:b9:4c:a4:94:63:d7:18:85:f2:37:b8:48:f6:06:
6a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:76:94:E2:D2:8A:07:FC:E6:10:F3:A5:18:7A:DF:79:48:E8:56:3C
X509v3 Authority Key Identifier:
keyid:2B:22:44:C8:A3:EB:4A:3C:6D:77:6D:04:6C:E9:2A:BF:01:C6:C2:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:e7:43:a9:82:e5:05:42:46:4a:7f:62:e2:e7:10:6b:45:ae:
15:f6:ac:65:cf:04:bd:1b:96:b6:dc:bc:92:c0:34:88:fd:6a:
80:03:68:d7:d3:52:4c:58:b6:34:47:9f:60:32:54:f4:b2:62:
bf:e2:71:16:de:ca:82:62:8a:2a:b1:b1:c4:14:54:47:e5:43:
5f:5c:4c:a4:6a:27:c4:a9:4d:3e:af:84:f4:07:b0:5d:6f:fb:
1c:14:d8:c1:5b:34:c7:d3:11:fa:ec:c2:6f:29:e4:3f:02:9c:
46:a3:17:5f:4b:0a:1c:59:15:04:ea:27:4d:18:c9:21:c3:0a:
c9:61:56:86:d1:ae:f1:e1:d4:41:62:d1:7a:51:b1:62:59:2c:
f4:45:94:a3:e4:56:df:8d:6c:56:89:8d:85:37:f6:37:57:e0:
ba:91:e4:3d:3d:93:a9:75:f9:08:44:47:24:dc:25:c4:de:a1:
2b:68:6b:6f:42:76:8a:30:e2:f3:09:b6:7c:a8:60:e0:72:ae:
68:3d:ba:a8:ea:ce:1e:dd:f7:d7:b6:5b:a7:ec:b8:e9:23:cf:
9d:4e:2b:ff:b8:74:ab:91:b5:13:3e:24:c5:2f:aa:d9:1c:ac:
ce:f2:5f:97:57:79:62:ad:a2:a8:df:ff:fb:47:e7:50:7a:e8:
5e:d3:ac:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhlJYzxkKVxwd2V8roSTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjI0NGM4YTNlYjRhM2M2ZDc3NmQwNDZjZTkyYWJmMDFj
NmMyMmYwHhcNMjUxMTA0MTEwMDE2WhcNMjUxMTA1MTEwMDE2WjAzMTEwLwYDVQQD
EyhiOTc2OTRlMmQyOGEwN2ZjZTYxMGYzYTUxODdhZGY3OTQ4ZTg1NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yuCM6mclbmszX9I0ck80ipV60QX
wfCktq0cvVhU8M4p7wgkp5RdKiTvZErFSmm7aetr69ewdRlLEgsVmeHFUoAjMvmP
nA8C1OxwBsdpIzDyp4wsb+Y30EnFaHLMtJZjg6NTjyOBnEBLFFjU+UIfNO8kdR7n
O9xfodm+bQ5ZzCi+S/gJMAsyBDOERv7gZA5AQHlj6+LEykkPkClDYeJkF5kJukaN
d+H/qZ1Ew6Uv9Pxm2+uzOBZFPvJG/KZFF4DzWbp9QAQMefDULnekhnSp7a9Bz4Yw
fFGxzijqAC/W5AjP5GB1x422M4lqH7eEzLBAuUyklGPXGIXyN7hI9gZqAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLl2lOLSigf85hDzpRh633lI6FY8MB8GA1UdIwQY
MBaAFCsiRMij60o8bXdtBGzpKr8BxsIvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83Y2M3YTctYWVmMS00MDhhLWExYzYt
ZGYxY2NlNGU2OTUwLzEvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83Y2M3YTctYWVmMS00MDhhLWExYzYtZGYxY2NlNGU2OTUw
LzEvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmedDqYLl
BUJGSn9i4ucQa0WuFfasZc8EvRuWtty8ksA0iP1qgANo19NSTFi2NEefYDJU9LJi
v+JxFt7KgmKKKrGxxBRUR+VDX1xMpGonxKlNPq+E9AewXW/7HBTYwVs0x9MR+uzC
bynkPwKcRqMXX0sKHFkVBOonTRjJIcMKyWFWhtGu8eHUQWLRelGxYlks9EWUo+RW
341sVomNhTf2N1fgupHkPT2TqXX5CERHJNwlxN6hK2hrb0J2ijDi8wm2fKhg4HKu
aD26qOrOHt3317Zbp+y46SPPnU4r/7h0q5G1Ez4kxS+q2RyszvJfl1d5Yq2iqN//
+0fnUHroXtOsIw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:08:04 2025 by rpki-client