Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: inn71RSnD0ogiGeOAm2hlzMG2QKlxIrhH5khJ3T/Kao=
Subject key identifier: DF:E7:17:FC:1B:5C:F3:55:04:41:5C:75:DE:10:C0:9A:31:C4:3E:8E
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019A500753A7E2A5FEFFAA8B8F73A4D3B101
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1713
Signing time: Tue 04 Nov 2025 18:00:48 +0000
Manifest this update: Tue 04 Nov 2025 18:00:48 +0000
Manifest next update: Wed 05 Nov 2025 18:00:48 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: +4E5KMN+q0L6rHrzqveUpvLUbOPJkJkH9yl2F4GAbmU=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:53:a7:e2:a5:fe:ff:aa:8b:8f:73:a4:d3:b1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Nov 4 18:00:48 2025 GMT
Not After : Nov 5 18:00:48 2025 GMT
Subject: CN=dfe717fc1b5cf35504415c75de10c09a31c43e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:6f:7c:b1:08:a5:04:c7:1a:5d:17:0d:11:
38:f0:cb:01:72:a1:63:15:c2:d3:be:83:1f:c4:2f:
5a:82:96:cf:e2:f6:1d:17:f1:93:d5:7c:14:6e:df:
49:63:f8:97:ae:7a:b3:e8:bc:ae:8c:ca:54:79:4e:
fb:06:bb:3e:c8:0a:70:92:41:be:92:49:27:48:2c:
6d:93:82:3a:4f:d6:24:da:77:8f:39:28:0c:b4:20:
39:29:11:5e:48:4b:43:8c:f4:62:79:8c:f0:2f:18:
9f:a9:49:95:66:a3:9b:56:7a:2c:ef:c1:fa:9c:8b:
81:f2:75:ad:84:a0:3c:c2:c9:14:e3:a1:25:7f:63:
48:43:37:ff:a9:cb:d7:5b:69:e7:15:9e:16:9c:26:
2a:1a:cf:87:3a:a8:8a:71:ef:9a:88:9d:1e:e3:d4:
15:79:b6:6b:82:dc:1b:e1:5c:0d:37:19:86:ba:de:
2c:96:f8:29:d0:e2:ad:c4:53:96:8c:7f:60:90:34:
07:77:93:60:69:80:8a:aa:2c:10:78:9f:44:9c:ee:
2c:1b:e5:71:64:d4:8d:55:a3:9f:c3:2c:7a:57:04:
3b:35:91:1e:d6:11:7e:b2:dc:3e:13:74:9c:73:8a:
fb:1e:1b:15:21:a4:a5:18:ee:8b:bf:cc:d7:bb:a5:
ae:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E7:17:FC:1B:5C:F3:55:04:41:5C:75:DE:10:C0:9A:31:C4:3E:8E
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:ad:ff:07:bf:b2:ff:c2:3d:ee:cc:50:bf:e8:05:7d:94:71:
63:6c:2c:b5:c9:c4:32:3b:f5:89:d9:f7:d2:bc:5e:e6:f5:90:
32:4e:0f:93:fd:16:9d:3e:b5:e4:fb:ad:41:e8:55:30:3d:63:
10:e6:75:ee:d6:11:91:1e:97:62:32:f0:80:c5:88:84:81:44:
58:6e:e4:5f:d6:a7:0e:00:8f:d2:79:a9:3e:d3:8d:10:b9:94:
4b:b2:79:ed:34:8b:26:af:be:b2:f1:ce:77:e9:61:53:0f:9a:
29:fb:1a:40:cd:0a:fd:eb:a2:4b:02:19:a5:95:7a:9b:72:c1:
a3:75:8a:dd:e9:17:6e:6d:d0:c6:41:ae:6f:37:66:63:ac:ac:
fe:d0:de:f2:67:be:17:72:50:cf:0b:c0:29:b7:c0:8d:44:71:
78:87:bf:2e:08:91:af:30:00:b4:66:64:d8:a1:ec:50:61:1f:
23:9b:4a:96:94:fe:67:92:38:39:13:13:cf:4c:18:b7:a3:b7:
6d:c5:11:64:e3:3d:7a:1f:ca:98:dd:11:86:57:51:dc:ec:e5:
64:ce:f9:1d:38:c6:89:ee:b2:ba:2d:df:78:ab:b3:4d:12:8c:
c1:77:9e:cb:bc:36:0d:0f:73:f6:74:7a:97:2b:c6:ff:e3:77:
13:6c:c4:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB1On4qX+/6qLj3Ok07EBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUxMTA0MTgwMDQ4WhcNMjUxMTA1MTgwMDQ4WjAzMTEwLwYDVQQD
EyhkZmU3MTdmYzFiNWNmMzU1MDQ0MTVjNzVkZTEwYzA5YTMxYzQzZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjtvfLEIpQTHGl0XDRE48MsBcqFj
FcLTvoMfxC9agpbP4vYdF/GT1XwUbt9JY/iXrnqz6LyujMpUeU77Brs+yApwkkG+
kkknSCxtk4I6T9Yk2nePOSgMtCA5KRFeSEtDjPRieYzwLxifqUmVZqObVnos78H6
nIuB8nWthKA8wskU46Elf2NIQzf/qcvXW2nnFZ4WnCYqGs+HOqiKce+aiJ0e49QV
ebZrgtwb4VwNNxmGut4slvgp0OKtxFOWjH9gkDQHd5NgaYCKqiwQeJ9EnO4sG+Vx
ZNSNVaOfwyx6VwQ7NZEe1hF+stw+E3Scc4r7HhsVIaSlGO6Lv8zXu6WuIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/nF/wbXPNVBEFcdd4QwJoxxD6OMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFa3/B7+y
/8I97sxQv+gFfZRxY2wstcnEMjv1idn30rxe5vWQMk4Pk/0WnT615PutQehVMD1j
EOZ17tYRkR6XYjLwgMWIhIFEWG7kX9anDgCP0nmpPtONELmUS7J57TSLJq++svHO
d+lhUw+aKfsaQM0K/euiSwIZpZV6m3LBo3WK3ekXbm3QxkGubzdmY6ys/tDe8me+
F3JQzwvAKbfAjURxeIe/LgiRrzAAtGZk2KHsUGEfI5tKlpT+Z5I4ORMTz0wYt6O3
bcURZOM9eh/KmN0RhldR3OzlZM75HTjGie6yui3feKuzTRKMwXeey7w2DQ9z9nR6
lyvG/+N3E2zEwg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:27:51 2025 by rpki-client