Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: XuzmB8QnYh6qsbtqAHRzTnbYv9jky/Z4RdFzJSaHo8M=
Subject key identifier: D2:12:1A:3A:34:CC:36:D7:7D:08:2B:E0:34:FC:64:0A:A1:8A:91:74
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019A53E42F9B4B2B2D604BBBCCA004EE7929
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 170D
Signing time: Wed 05 Nov 2025 12:00:54 +0000
Manifest this update: Wed 05 Nov 2025 12:00:54 +0000
Manifest next update: Thu 06 Nov 2025 12:00:54 +0000
Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: sKoJVdY3mq2QzeEMnHmEorHyDgnBvSdQxubv0serw9g=)
2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=)
3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:2f:9b:4b:2b:2d:60:4b:bb:cc:a0:04:ee:79:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Nov 5 12:00:54 2025 GMT
Not After : Nov 6 12:00:54 2025 GMT
Subject: CN=d2121a3a34cc36d77d082be034fc640aa18a9174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:79:04:75:85:ec:dd:bb:e9:28:b6:f7:74:
af:fb:4d:5d:1d:d2:b7:07:ab:42:57:49:47:68:92:
17:1f:27:ea:c2:49:06:a2:c6:ea:f3:6a:9f:21:67:
08:92:69:3e:e8:ee:c5:36:a8:c6:20:27:0f:e8:d4:
5e:3b:1c:3b:19:7e:79:79:e5:7c:ad:72:0b:54:8d:
fb:3c:1b:d3:53:18:99:fb:58:ff:5b:12:57:59:97:
39:52:c9:4b:60:f3:3d:b2:8e:01:cc:55:ed:9b:af:
28:9c:fc:99:54:ae:ab:23:79:fc:fa:65:99:62:5e:
5a:e9:fc:56:97:13:13:5c:b5:05:65:fb:f3:23:65:
ad:9a:80:8f:a2:6c:b3:a9:d9:ae:4f:a1:52:ed:36:
fd:3a:10:4d:0a:bf:ef:dc:fb:38:f9:3e:0e:9e:76:
67:f4:e7:b5:f0:0c:bd:72:6f:d4:ba:ff:c0:41:f0:
69:a0:25:d8:32:c4:1a:6e:7e:c8:78:05:45:cd:aa:
26:46:b1:ed:9c:44:0f:05:28:7d:96:5d:ce:e1:19:
ad:9d:12:ac:df:e3:1c:3c:5d:88:0a:b7:09:b6:09:
d6:57:64:bc:5b:24:a8:ea:54:d8:28:44:07:18:db:
7a:5e:38:77:fe:34:08:aa:35:c4:43:9c:30:97:b0:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:12:1A:3A:34:CC:36:D7:7D:08:2B:E0:34:FC:64:0A:A1:8A:91:74
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:9f:16:84:85:0c:d8:e3:5c:da:d6:ea:05:46:f3:6e:e9:61:
84:43:96:4b:3e:a3:96:62:cc:5a:06:c8:47:cf:77:57:a0:8c:
3e:70:e7:6f:d9:02:39:65:c5:a4:c0:69:f6:e7:29:0e:16:4e:
0b:4c:5a:49:4f:d8:e3:43:29:ed:a0:99:77:10:49:bd:be:ec:
5c:86:37:95:9c:9f:5f:55:c2:b6:5d:5c:c4:26:59:91:63:79:
75:d3:a9:2a:95:de:4f:bd:f6:d4:68:47:b6:d5:71:e1:7a:2e:
f7:10:50:92:9f:47:1b:6d:3a:4c:1e:fd:ba:49:a3:85:a7:56:
16:e9:a4:7f:f1:7c:57:a8:18:4a:a4:90:6f:87:85:6f:e8:57:
cc:b6:0d:85:be:7d:b5:a1:22:16:9a:51:65:ec:9d:2f:b4:15:
2d:fc:e4:20:6f:ac:dc:a8:a7:cd:dd:2d:d3:12:38:63:5a:e5:
ab:e1:c8:f6:18:46:ac:c7:0e:02:e9:25:f1:02:a2:b9:ad:92:
d0:e4:0e:49:77:59:bd:96:d1:64:ce:24:5e:7b:a2:cd:87:c6:
6c:5e:2e:1d:a6:15:e3:21:44:ac:b3:a8:00:34:01:e7:31:63:
49:6e:ef:99:8b:0a:b0:b2:94:8b:09:89:6e:b0:d8:18:0e:6b:
b5:74:3a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5C+bSystYEu7zKAE7nkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUxMTA1MTIwMDU0WhcNMjUxMTA2MTIwMDU0WjAzMTEwLwYDVQQD
EyhkMjEyMWEzYTM0Y2MzNmQ3N2QwODJiZTAzNGZjNjQwYWExOGE5MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze15BHWF7N276Si293Sv+01dHdK3
B6tCV0lHaJIXHyfqwkkGosbq82qfIWcIkmk+6O7FNqjGICcP6NReOxw7GX55eeV8
rXILVI37PBvTUxiZ+1j/WxJXWZc5UslLYPM9so4BzFXtm68onPyZVK6rI3n8+mWZ
Yl5a6fxWlxMTXLUFZfvzI2WtmoCPomyzqdmuT6FS7Tb9OhBNCr/v3Ps4+T4OnnZn
9Oe18Ay9cm/Uuv/AQfBpoCXYMsQabn7IeAVFzaomRrHtnEQPBSh9ll3O4RmtnRKs
3+McPF2ICrcJtgnWV2S8WySo6lTYKEQHGNt6Xjh3/jQIqjXEQ5wwl7B2cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNISGjo0zDbXfQgr4DT8ZAqhipF0MB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsp8WhIUM
2ONc2tbqBUbzbulhhEOWSz6jlmLMWgbIR893V6CMPnDnb9kCOWXFpMBp9ucpDhZO
C0xaSU/Y40Mp7aCZdxBJvb7sXIY3lZyfX1XCtl1cxCZZkWN5ddOpKpXeT7321GhH
ttVx4Xou9xBQkp9HG206TB79ukmjhadWFumkf/F8V6gYSqSQb4eFb+hXzLYNhb59
taEiFppRZeydL7QVLfzkIG+s3Kinzd0t0xI4Y1rlq+HI9hhGrMcOAukl8QKiua2S
0OQOSXdZvZbRZM4kXnuizYfGbF4uHaYV4yFErLOoADQB5zFjSW7vmYsKsLKUiwmJ
brDYGA5rtXQ6cw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:44:13 2025 by rpki-client