Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: T7u4WzyOogclcyDzEJu5ym9E3R7PEj6T+sF7PCYJg6I=
Subject key identifier: 5B:C9:7D:CE:87:33:9A:F6:20:F1:7E:EF:41:DF:AE:4C:56:D4:CF:8D
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019A4DE19E3D5AC4277CCFFF3C4418560524
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 08:00:22 +0000
Manifest this update: Tue 04 Nov 2025 08:00:22 +0000
Manifest next update: Wed 05 Nov 2025 08:00:22 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: +CXlQXuxPqDhzeEXmn7QUW0zbB6F/5UzG4H8IMOL5Vs=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:9e:3d:5a:c4:27:7c:cf:ff:3c:44:18:56:05:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Nov 4 08:00:22 2025 GMT
Not After : Nov 5 08:00:22 2025 GMT
Subject: CN=5bc97dce87339af620f17eef41dfae4c56d4cf8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:a9:cc:b4:00:05:3d:8e:e2:5a:0c:fe:fa:
37:72:de:8b:43:93:04:02:e8:16:66:07:5d:70:ae:
da:54:5d:1b:22:2d:52:fb:5a:30:b3:00:fc:50:e0:
9f:b9:e3:20:96:37:81:91:9d:61:7d:9e:d9:2c:58:
d1:1e:b4:e5:93:f0:06:84:f3:da:65:50:ae:26:10:
b2:75:a3:d1:49:fe:43:ed:3f:a4:ef:f8:ba:8b:2e:
84:48:0d:b3:60:f9:b7:d8:b1:f0:0c:a5:11:25:7a:
a6:4b:9c:1d:f5:38:18:22:22:3f:d2:6a:dc:dc:f4:
21:24:59:24:38:86:21:01:40:a2:44:e6:f6:7c:3e:
c9:64:46:a9:c3:0d:fd:70:e8:ad:70:3e:95:47:ce:
e6:1a:5f:58:a8:7f:fb:16:1e:d8:35:e4:e6:18:c7:
8f:24:3d:09:1a:47:1d:8f:5c:f1:77:e7:80:28:2b:
1b:0b:a2:a6:22:05:85:a8:53:de:45:8b:09:50:3e:
ff:5a:d0:f0:13:2a:97:a4:b2:cc:31:3f:ec:35:09:
24:c3:2d:9b:5b:b1:76:47:16:0b:fb:0d:e8:09:94:
57:ad:0e:20:ca:ce:be:a2:42:d6:a9:ae:da:4b:cf:
62:1e:3f:f8:00:1c:04:55:76:d0:f3:ce:28:8e:07:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C9:7D:CE:87:33:9A:F6:20:F1:7E:EF:41:DF:AE:4C:56:D4:CF:8D
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:48:63:31:b4:df:69:dd:82:79:6c:39:42:d6:72:37:8d:fc:
1b:d8:e4:c6:cf:f3:0b:ef:7e:ba:d7:8b:ef:ce:59:d2:1f:c0:
08:0d:ca:d0:d3:65:04:41:b7:82:4e:3a:a6:31:97:3f:4d:35:
d2:e3:6a:42:28:20:cf:bd:e5:b7:fa:76:80:08:d9:7a:1d:1c:
02:d4:23:4c:dd:ad:ab:6d:d3:97:cb:a7:94:65:76:06:cc:aa:
71:57:64:7e:58:e0:0f:19:77:46:7f:3c:be:7a:8a:11:9b:be:
42:2b:72:ff:e2:aa:d8:3a:a1:ec:3b:ab:b7:ff:23:4f:a5:e5:
4a:5a:3f:10:94:8b:f5:8b:43:65:a8:33:f7:ab:49:7c:52:68:
54:f8:cb:ea:69:90:68:08:3a:85:1b:1e:e9:4c:55:a9:53:e8:
57:88:96:4f:fb:07:c5:33:0e:69:c0:d0:78:00:a5:ad:e2:61:
fe:69:e7:8a:10:bf:c9:5b:84:b7:70:98:e6:89:cc:50:7f:d6:
32:5d:12:c8:c7:7c:01:cf:b6:46:43:0c:df:0c:ae:c5:30:6d:
de:18:d2:1d:bc:88:d3:bf:3d:e1:6b:5a:13:9b:63:c0:4f:fd:
d3:a2:f9:28:b6:f0:0a:49:bf:d1:c5:ee:51:22:e7:ac:fe:97:
b3:65:41:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4Z49WsQnfM//PEQYVgUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUxMTA0MDgwMDIyWhcNMjUxMTA1MDgwMDIyWjAzMTEwLwYDVQQD
Eyg1YmM5N2RjZTg3MzM5YWY2MjBmMTdlZWY0MWRmYWU0YzU2ZDRjZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMepzLQABT2O4loM/vo3ct6LQ5ME
AugWZgddcK7aVF0bIi1S+1owswD8UOCfueMgljeBkZ1hfZ7ZLFjRHrTlk/AGhPPa
ZVCuJhCydaPRSf5D7T+k7/i6iy6ESA2zYPm32LHwDKURJXqmS5wd9TgYIiI/0mrc
3PQhJFkkOIYhAUCiROb2fD7JZEapww39cOitcD6VR87mGl9YqH/7Fh7YNeTmGMeP
JD0JGkcdj1zxd+eAKCsbC6KmIgWFqFPeRYsJUD7/WtDwEyqXpLLMMT/sNQkkwy2b
W7F2RxYL+w3oCZRXrQ4gys6+okLWqa7aS89iHj/4ABwEVXbQ884ojgeqXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvJfc6HM5r2IPF+70HfrkxW1M+NMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG0hjMbTf
ad2CeWw5QtZyN438G9jkxs/zC+9+uteL785Z0h/ACA3K0NNlBEG3gk46pjGXP001
0uNqQiggz73lt/p2gAjZeh0cAtQjTN2tq23Tl8unlGV2BsyqcVdkfljgDxl3Rn88
vnqKEZu+Qity/+Kq2Dqh7Durt/8jT6XlSlo/EJSL9YtDZagz96tJfFJoVPjL6mmQ
aAg6hRse6UxVqVPoV4iWT/sHxTMOacDQeAClreJh/mnnihC/yVuEt3CY5onMUH/W
Ml0SyMd8Ac+2RkMM3wyuxTBt3hjSHbyI07894WtaE5tjwE/906L5KLbwCkm/0cXu
USLnrP6Xs2VBMg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:54 2025 by rpki-client