Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
File: kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json)
Hash identifier: ZgYSxbATKwyUGPyRH0fedvqZJnSJ9OOeU740vQQ0+JI=
Subject key identifier: 15:BC:96:D9:8B:30:29:6C:F9:C3:A8:13:22:F5:36:18:90:F4:12:A6
Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Certificate serial: 019A52D131F2F7C55F5EED96C9542991AE6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
Manifest number: 06F4
Signing time: Wed 05 Nov 2025 07:00:32 +0000
Manifest this update: Wed 05 Nov 2025 07:00:32 +0000
Manifest next update: Thu 06 Nov 2025 07:00:32 +0000
Files and hashes: 1: FCW2bGoLdcM6i-Jx_GrHtMzXAlk.roa (hash: WJgWrgAT99wsdStIPz/Fl698liisGeyhumyE7tw/O7c=)
2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: dqZLDJYnOIT+hKutwyWb62H/KuR2WNpTETI0vZJAgTY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:31:f2:f7:c5:5f:5e:ed:96:c9:54:29:91:ae:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Validity
Not Before: Nov 5 07:00:32 2025 GMT
Not After : Nov 6 07:00:32 2025 GMT
Subject: CN=15bc96d98b30296cf9c3a81322f5361890f412a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5b:24:87:75:fb:7a:5a:a4:1b:02:4e:13:75:
de:9e:44:9c:58:b4:6d:fd:a3:4b:27:57:e3:e2:4b:
35:e6:0f:92:d5:ea:19:8c:56:82:09:30:e9:13:5f:
e2:83:ae:2e:b3:82:bc:88:6c:a1:ee:46:73:29:02:
bd:7a:c2:04:4e:2d:f3:9d:4d:51:a5:85:6d:a2:7b:
8c:93:a8:9f:32:9c:ad:e1:a0:b4:4e:0b:54:c9:16:
08:14:1e:2b:eb:04:0b:ba:1b:99:ce:74:99:01:ba:
2b:bc:21:ca:84:b3:b3:57:27:83:11:f1:9c:ee:bd:
f2:fc:64:ad:f2:ec:4d:4b:ca:05:9a:14:43:15:4b:
54:75:56:43:d0:3a:4a:a5:ec:3c:39:86:2f:3c:6b:
b8:72:47:cc:b4:7a:32:b5:5c:5a:1d:d1:d7:51:9b:
aa:75:69:e1:df:3e:77:95:10:5b:bb:c1:65:1a:45:
50:17:4b:c0:f5:61:ad:72:e7:d7:a1:69:5e:fe:4d:
5d:18:5b:2f:94:08:0a:ed:aa:29:f3:68:45:96:6c:
84:39:d5:74:50:8f:88:7d:3d:4b:dc:7b:d1:27:b8:
cb:ed:10:87:e1:93:63:e0:d9:5e:af:70:98:af:ea:
e0:a6:06:af:31:9a:45:00:3b:d9:b6:c3:62:d6:85:
5d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BC:96:D9:8B:30:29:6C:F9:C3:A8:13:22:F5:36:18:90:F4:12:A6
X509v3 Authority Key Identifier:
keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:f7:9f:68:a7:49:af:88:7b:9e:46:e8:98:cd:f1:52:d0:57:
11:df:0d:4c:94:55:a1:21:fb:d1:4c:78:8c:51:6c:dc:53:48:
81:0f:11:18:88:ee:f1:f8:b3:dd:b7:8a:b4:18:53:c5:b2:cd:
7c:43:4d:f7:08:19:9d:a4:9d:ba:71:94:c1:e1:63:4e:e9:16:
9e:c1:c3:9b:f4:ac:33:b8:18:ef:81:9d:8f:3f:21:79:57:61:
e0:c3:ae:7c:c8:6e:bb:9d:9e:b7:0e:ab:f9:57:36:12:c2:c1:
0c:65:f8:6b:f6:aa:ce:06:61:e6:26:67:37:d6:71:01:aa:09:
88:60:12:0f:c1:5e:5c:01:5d:17:e4:69:57:56:30:d7:3c:ba:
f1:e7:c0:a6:f2:0f:86:ac:fd:ca:30:f5:a4:f2:52:8e:f8:6b:
1f:e9:2d:8e:a9:36:c4:99:55:86:86:31:09:0f:8d:8b:d4:26:
a9:bd:21:97:88:57:7d:90:5c:3d:bf:99:05:1a:ef:77:d0:23:
24:40:5c:24:bc:7e:c2:de:c6:92:d7:78:13:fc:37:9c:00:50:
b2:da:89:d4:40:0a:a7:37:26:bf:0b:cd:44:86:c2:ad:60:42:
f8:a5:eb:7f:21:87:82:81:7f:44:b9:96:c2:74:29:a8:50:40:
25:c1:5a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0THy98VfXu2WyVQpka5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw
MzFkZjkwHhcNMjUxMTA1MDcwMDMyWhcNMjUxMTA2MDcwMDMyWjAzMTEwLwYDVQQD
EygxNWJjOTZkOThiMzAyOTZjZjljM2E4MTMyMmY1MzYxODkwZjQxMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1skh3X7elqkGwJOE3XenkScWLRt
/aNLJ1fj4ks15g+S1eoZjFaCCTDpE1/ig64us4K8iGyh7kZzKQK9esIETi3znU1R
pYVtonuMk6ifMpyt4aC0TgtUyRYIFB4r6wQLuhuZznSZAborvCHKhLOzVyeDEfGc
7r3y/GSt8uxNS8oFmhRDFUtUdVZD0DpKpew8OYYvPGu4ckfMtHoytVxaHdHXUZuq
dWnh3z53lRBbu8FlGkVQF0vA9WGtcufXoWle/k1dGFsvlAgK7aop82hFlmyEOdV0
UI+IfT1L3HvRJ7jL7RCH4ZNj4Nler3CYr+rgpgavMZpFADvZtsNi1oVdIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBW8ltmLMCls+cOoEyL1NhiQ9BKmMB8GA1UdIwQY
MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt
MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm
LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfefaKdJ
r4h7nkbomM3xUtBXEd8NTJRVoSH70Ux4jFFs3FNIgQ8RGIju8fiz3beKtBhTxbLN
fENN9wgZnaSdunGUweFjTukWnsHDm/SsM7gY74Gdjz8heVdh4MOufMhuu52etw6r
+Vc2EsLBDGX4a/aqzgZh5iZnN9ZxAaoJiGASD8FeXAFdF+RpV1Yw1zy68efApvIP
hqz9yjD1pPJSjvhrH+ktjqk2xJlVhoYxCQ+Ni9Qmqb0hl4hXfZBcPb+ZBRrvd9Aj
JEBcJLx+wt7Gktd4E/w3nABQstqJ1EAKpzcmvwvNRIbCrWBC+KXrfyGHgoF/RLmW
wnQpqFBAJcFa0Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:09:14 2025 by rpki-client