Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: HRxxgg3al/7ml0/OAilxbMgkYNU+UUbGX2M0R7ZSosc=
Subject key identifier: A6:3A:00:2C:70:A1:5F:B1:B6:80:27:4D:04:03:29:8F:B5:C9:97:AE
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019A4F2AF29022CE8849C66A5BAE8160BCE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 14:00:05 +0000
Manifest this update: Tue 04 Nov 2025 14:00:05 +0000
Manifest next update: Wed 05 Nov 2025 14:00:05 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: 8LonV+zd46pKWuLSAOGaXdmNwAhmgF679eHbZtdKT00=)
2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2a:f2:90:22:ce:88:49:c6:6a:5b:ae:81:60:bc:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Nov 4 14:00:05 2025 GMT
Not After : Nov 5 14:00:05 2025 GMT
Subject: CN=a63a002c70a15fb1b680274d0403298fb5c997ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7f:bc:8c:bb:51:a3:7b:c5:1c:e5:d0:c3:ce:
95:cc:f2:35:6d:51:b6:d7:43:10:8e:05:d7:cc:e4:
f8:84:47:5e:e4:b0:8a:e7:7a:28:e4:8c:1f:6d:db:
d4:08:9c:a2:33:b1:59:d7:b0:f2:7c:2c:76:08:0f:
ba:c3:3f:45:61:be:f5:0e:80:b3:2b:ec:d7:91:8e:
c7:27:1e:13:e6:f7:0f:c7:6d:cd:f5:fc:49:12:74:
6e:c2:35:e0:67:ec:fa:17:bc:46:f1:2c:07:4b:d6:
74:88:d4:99:2f:59:b2:10:45:47:02:49:3c:91:d1:
6c:ae:c5:a8:a0:0d:77:55:54:60:b1:fb:6e:78:95:
b6:02:ec:9a:1e:8e:b6:4b:e9:a0:20:a8:db:a3:1b:
e6:6b:48:79:a2:f4:4a:69:4f:39:c3:f7:c9:aa:b4:
94:52:9c:6b:80:b0:fa:17:30:7a:13:bb:59:5b:d7:
3f:c3:53:93:3d:d9:f2:28:3e:c0:de:9f:81:5f:75:
b2:d1:c6:6e:93:4a:8b:76:06:28:82:27:58:00:20:
44:82:af:90:e2:bb:36:32:17:5e:55:b4:37:05:5a:
e5:6e:07:85:5b:ef:d2:fe:db:4a:1b:04:49:be:44:
3a:c6:c3:75:fa:06:e7:91:ae:2c:2b:ef:eb:fc:9a:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3A:00:2C:70:A1:5F:B1:B6:80:27:4D:04:03:29:8F:B5:C9:97:AE
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:6d:7d:7a:f2:48:a1:6a:e0:a2:d6:7c:ae:53:7f:f8:c8:f8:
21:db:b1:23:db:e2:4a:16:ec:a5:05:7d:18:bd:5d:38:4d:af:
f5:76:89:98:97:ef:dd:ed:b2:03:35:10:38:f2:80:d6:6b:a9:
31:74:88:6d:44:90:6a:6c:95:2d:e3:64:43:a0:d0:d5:b8:fe:
41:cc:05:eb:2b:fd:49:7f:e3:85:5f:83:47:8c:bc:32:3b:08:
8d:c2:58:c5:fb:82:dc:bc:66:1d:90:29:b0:b5:e2:d4:34:4b:
87:9e:7b:b3:21:7d:8b:ca:5c:06:f9:81:bd:3e:25:90:f5:0d:
37:6c:13:cc:07:06:ce:5e:7a:0e:8b:f9:f4:46:61:fd:8a:88:
a8:fd:5c:2c:f0:3f:a9:c6:6c:52:e9:aa:cb:d0:ee:ac:c9:ba:
32:d5:b5:de:6d:84:5f:44:8f:5b:15:b2:d6:87:81:ad:6e:bb:
ef:c1:b9:5c:a9:0b:72:19:dc:bf:c8:da:6c:1e:a7:90:42:1d:
e7:44:b5:c7:d2:70:86:6a:f8:6d:75:86:2d:a8:76:c0:b4:ac:
ab:93:56:b5:4e:b8:2c:7d:f6:48:0f:49:6e:45:74:b5:20:20:
62:dc:a1:4e:87:ba:b3:03:c0:3b:3a:8b:12:1f:7a:bc:19:69:
7d:82:fb:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKvKQIs6IScZqW66BYLzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUxMTA0MTQwMDA1WhcNMjUxMTA1MTQwMDA1WjAzMTEwLwYDVQQD
EyhhNjNhMDAyYzcwYTE1ZmIxYjY4MDI3NGQwNDAzMjk4ZmI1Yzk5N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn+8jLtRo3vFHOXQw86VzPI1bVG2
10MQjgXXzOT4hEde5LCK53oo5IwfbdvUCJyiM7FZ17DyfCx2CA+6wz9FYb71DoCz
K+zXkY7HJx4T5vcPx23N9fxJEnRuwjXgZ+z6F7xG8SwHS9Z0iNSZL1myEEVHAkk8
kdFsrsWooA13VVRgsftueJW2AuyaHo62S+mgIKjboxvma0h5ovRKaU85w/fJqrSU
UpxrgLD6FzB6E7tZW9c/w1OTPdnyKD7A3p+BX3Wy0cZuk0qLdgYogidYACBEgq+Q
4rs2MhdeVbQ3BVrlbgeFW+/S/ttKGwRJvkQ6xsN1+gbnka4sK+/r/Jo4QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKY6ACxwoV+xtoAnTQQDKY+1yZeuMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHW19evJI
oWrgotZ8rlN/+Mj4IduxI9viShbspQV9GL1dOE2v9XaJmJfv3e2yAzUQOPKA1mup
MXSIbUSQamyVLeNkQ6DQ1bj+QcwF6yv9SX/jhV+DR4y8MjsIjcJYxfuC3LxmHZAp
sLXi1DRLh557syF9i8pcBvmBvT4lkPUNN2wTzAcGzl56Dov59EZh/YqIqP1cLPA/
qcZsUumqy9DurMm6MtW13m2EX0SPWxWy1oeBrW6778G5XKkLchncv8jabB6nkEId
50S1x9Jwhmr4bXWGLah2wLSsq5NWtU64LH32SA9JbkV0tSAgYtyhToe6swPAOzqL
Eh96vBlpfYL7qA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:01:29 2025 by rpki-client