Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
File: kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json)
Hash identifier: 2BF2mbQDHGKB5Hnp6aAAeR+IQhUqZ2220RL7kQd8Z8g=
Subject key identifier: 86:80:EC:D5:AC:F1:59:AB:5F:8E:00:10:1E:DC:08:12:A0:B7:BC:74
Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Certificate serial: 019A50E3A7538F7B39B2A8156D5A885C3DE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
Manifest number: 06F3
Signing time: Tue 04 Nov 2025 22:01:28 +0000
Manifest this update: Tue 04 Nov 2025 22:01:28 +0000
Manifest next update: Wed 05 Nov 2025 22:01:28 +0000
Files and hashes: 1: FCW2bGoLdcM6i-Jx_GrHtMzXAlk.roa (hash: WJgWrgAT99wsdStIPz/Fl698liisGeyhumyE7tw/O7c=)
2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: iiiLuiJegiKwQpsSsPZDLVrC6ZeCK4OCbOCdqz07+1Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:a7:53:8f:7b:39:b2:a8:15:6d:5a:88:5c:3d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Validity
Not Before: Nov 4 22:01:28 2025 GMT
Not After : Nov 5 22:01:28 2025 GMT
Subject: CN=8680ecd5acf159ab5f8e00101edc0812a0b7bc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:80:4d:cd:f6:9f:02:49:f1:96:98:f7:bc:c4:
cc:fc:f0:b8:b1:ed:04:f8:a7:cc:e4:1d:37:86:22:
72:d2:3a:71:36:07:bb:d4:53:ac:a4:0e:a7:c4:94:
60:e7:53:3d:17:98:77:a6:b9:c8:c9:93:92:53:8b:
f0:31:9f:10:6e:e1:55:db:20:a0:86:2a:28:15:7c:
8c:3f:18:22:08:70:a9:8d:49:58:92:44:2e:c6:c5:
ca:33:4e:12:25:27:ab:3a:92:46:f2:33:e3:8c:5d:
4c:b4:07:e2:6b:16:b0:d2:d8:6e:1b:1f:e7:8e:09:
b1:e9:aa:1e:dc:5a:3d:5f:21:e9:ac:02:2c:da:79:
2c:01:46:c8:a2:0f:b1:8f:3c:b3:45:7c:ac:cc:25:
fe:7b:7f:a2:c6:64:d7:2c:56:f3:d9:0a:f5:4a:2a:
0d:9a:1b:74:18:22:12:a2:14:00:bd:3f:ab:ba:a2:
0c:e8:8a:a2:be:ac:b8:ff:4b:57:22:b8:2a:2b:1f:
65:93:46:36:ee:42:5f:34:af:e5:7f:d6:fe:bb:f5:
ec:7a:ae:43:20:d7:73:8b:4b:4d:9e:d3:0e:ae:0b:
11:5c:1c:fc:4e:fb:e0:cc:bf:dd:2a:23:20:d5:4b:
fb:ad:63:56:38:c5:93:95:c8:78:5b:a2:58:1f:4a:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:80:EC:D5:AC:F1:59:AB:5F:8E:00:10:1E:DC:08:12:A0:B7:BC:74
X509v3 Authority Key Identifier:
keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:ec:5f:49:59:d3:54:d9:bf:ab:69:8f:37:b4:11:24:af:bf:
59:48:1a:fb:7a:21:95:a0:ec:b1:fb:fc:88:a1:21:df:3f:ac:
68:98:8d:1d:20:e7:6e:2e:a4:fe:7b:26:cb:4d:35:f8:07:16:
7e:b4:3d:ab:64:5e:55:b9:3b:18:19:c3:34:49:01:49:ad:4a:
0a:3c:a7:ac:35:81:e7:7d:e6:75:66:3c:5a:57:7d:c8:18:86:
9e:84:24:72:e5:dd:7d:4b:b9:52:e2:5e:98:01:a4:aa:d7:19:
be:f2:df:b6:e2:bc:17:58:ac:da:bd:fa:9c:71:74:7e:7c:41:
b2:bd:8c:e0:bc:46:8c:09:c3:ed:e4:ac:85:22:8e:80:68:ae:
55:1d:b9:2c:12:c9:2f:ba:8e:87:32:52:72:af:ce:f8:2b:e8:
59:72:97:0e:da:0b:28:7a:63:c9:fd:a9:be:79:78:53:c2:06:
47:6b:bb:56:68:57:9f:bd:df:3b:f1:2b:de:71:81:80:2a:e0:
19:8a:81:dd:65:e8:6a:cd:a1:d9:8e:31:40:5f:ab:74:16:51:
3f:2d:20:c0:58:67:fe:af:54:7d:73:c9:5b:ee:bd:d9:b1:1f:
ee:5c:07:0b:60:b6:e8:b1:41:9a:46:92:6a:77:05:9a:bc:1b:
4b:55:2c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ46dTj3s5sqgVbVqIXD3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw
MzFkZjkwHhcNMjUxMTA0MjIwMTI4WhcNMjUxMTA1MjIwMTI4WjAzMTEwLwYDVQQD
Eyg4NjgwZWNkNWFjZjE1OWFiNWY4ZTAwMTAxZWRjMDgxMmEwYjdiYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIBNzfafAknxlpj3vMTM/PC4se0E
+KfM5B03hiJy0jpxNge71FOspA6nxJRg51M9F5h3prnIyZOSU4vwMZ8QbuFV2yCg
hiooFXyMPxgiCHCpjUlYkkQuxsXKM04SJSerOpJG8jPjjF1MtAfiaxaw0thuGx/n
jgmx6aoe3Fo9XyHprAIs2nksAUbIog+xjzyzRXyszCX+e3+ixmTXLFbz2Qr1SioN
mht0GCISohQAvT+ruqIM6Iqivqy4/0tXIrgqKx9lk0Y27kJfNK/lf9b+u/Xseq5D
INdzi0tNntMOrgsRXBz8TvvgzL/dKiMg1Uv7rWNWOMWTlch4W6JYH0qIjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaA7NWs8VmrX44AEB7cCBKgt7x0MB8GA1UdIwQY
MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt
MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm
LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+xfSVnT
VNm/q2mPN7QRJK+/WUga+3ohlaDssfv8iKEh3z+saJiNHSDnbi6k/nsmy001+AcW
frQ9q2ReVbk7GBnDNEkBSa1KCjynrDWB533mdWY8Wld9yBiGnoQkcuXdfUu5UuJe
mAGkqtcZvvLftuK8F1is2r36nHF0fnxBsr2M4LxGjAnD7eSshSKOgGiuVR25LBLJ
L7qOhzJScq/O+CvoWXKXDtoLKHpjyf2pvnl4U8IGR2u7VmhXn73fO/Er3nGBgCrg
GYqB3WXoas2h2Y4xQF+rdBZRPy0gwFhn/q9UfXPJW+692bEf7lwHC2C26LFBmkaS
ancFmrwbS1UseQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:24:44 2025 by rpki-client