
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json)
Hash identifier: 2r4X2RSNKULiF7HOkC7Cva7Mt2lgl0JUN/qdTvKemj0=
Subject key identifier: B3:E6:89:52:1C:F8:8E:2E:3F:A2:1E:70:7D:9E:76:D0:16:6C:76:74
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 019A5074D09B2477B84393CE139A639BE85E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
Manifest number: 1226
Signing time: Tue 04 Nov 2025 20:00:24 +0000
Manifest this update: Tue 04 Nov 2025 20:00:24 +0000
Manifest next update: Wed 05 Nov 2025 20:00:24 +0000
Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=)
2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=)
3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=)
4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=)
5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=)
6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=)
7: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=)
8: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (hash: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=)
9: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: BHCk9Bsx4N179f7WWeJ0TPMV9rf6+DsngoQLdYpFdJE=)
10: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=)
11: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:d0:9b:24:77:b8:43:93:ce:13:9a:63:9b:e8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Nov 4 20:00:24 2025 GMT
Not After : Nov 5 20:00:24 2025 GMT
Subject: CN=b3e689521cf88e2e3fa21e707d9e76d0166c7674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:33:5e:0c:f7:6e:67:be:35:cc:8f:c1:19:ba:
6b:1e:ce:c3:bd:75:e3:ba:3e:03:f9:ff:92:a4:2d:
c9:95:b2:89:3d:c4:8c:dd:0d:08:eb:6c:6a:39:41:
8a:ee:2e:1a:c9:f3:85:90:fe:f9:fc:d6:c8:1c:95:
4b:7a:8a:8b:58:89:82:74:a3:04:76:32:09:d6:f4:
b8:fb:c7:e3:8c:81:99:0a:02:da:1c:78:6c:d8:7e:
32:10:c9:bb:ad:6f:10:70:d3:e1:1b:47:6a:14:0a:
49:5c:fd:1a:bb:42:8b:9a:37:12:84:69:d7:93:02:
f4:49:74:e0:d8:82:a3:04:c3:5d:ae:1a:fa:0d:db:
d2:67:66:28:7c:f3:ee:a8:7d:19:ae:7e:7c:ee:a3:
2d:77:21:2c:cf:59:a1:69:02:b8:f0:75:1e:cc:ba:
20:9b:bc:0a:94:aa:1a:13:c2:7f:13:fd:1e:08:7d:
3c:7e:ff:b7:60:a6:c8:d7:c9:b0:18:bb:9c:39:f2:
44:8a:8b:f0:c8:bc:b2:d0:ea:08:0f:40:21:ca:32:
e1:3c:ba:60:50:44:b5:db:f0:0e:3a:52:2e:78:f2:
39:98:a1:1f:20:d6:18:28:21:39:4b:f1:f4:2f:aa:
31:df:bd:67:33:14:33:8a:80:d7:21:08:fc:ff:fd:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E6:89:52:1C:F8:8E:2E:3F:A2:1E:70:7D:9E:76:D0:16:6C:76:74
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d2:73:fe:e3:19:97:5a:75:33:f0:2f:97:69:ad:3d:03:f4:2c:
cf:4c:c3:f9:38:ca:1c:bb:3a:8a:88:32:6a:ff:f0:8c:a9:7f:
b4:3f:d1:01:d3:29:88:f2:90:30:10:51:81:4d:7b:5a:97:8b:
34:cd:64:d5:d5:5b:1b:c1:b0:79:0e:eb:15:99:67:62:4f:84:
df:31:5c:d1:a5:ce:c2:8d:c1:38:bb:d4:e7:a5:ce:14:eb:56:
35:74:27:05:49:d7:68:e2:02:86:41:a2:84:82:bb:9c:8a:4b:
61:81:ce:d6:f7:f6:7a:8d:ba:74:27:03:52:1f:d4:a5:b7:1c:
1d:6a:63:58:77:8c:68:ab:30:d2:d6:06:da:f3:2e:61:50:f5:
c9:fa:c6:4e:15:5f:04:8d:ac:68:43:7f:3b:88:7b:ff:54:18:
3a:1e:10:10:ea:23:98:4c:d9:c9:7d:26:6b:71:4a:a2:32:40:
63:42:cd:c1:27:c2:44:3a:ae:85:63:80:d0:92:01:0c:8c:8e:
10:4f:e3:1b:a9:f0:8c:69:15:73:23:8a:d7:65:cb:f0:c3:2b:
95:31:81:02:f1:54:8c:ec:df:88:6f:89:6b:24:68:ff:9b:21:
85:70:43:7d:32:2f:9b:c5:6f:ab:85:b2:47:0e:ba:4f:71:58:
e2:46:ff:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdNCbJHe4Q5POE5pjm+heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjUxMTA0MjAwMDI0WhcNMjUxMTA1MjAwMDI0WjAzMTEwLwYDVQQD
EyhiM2U2ODk1MjFjZjg4ZTJlM2ZhMjFlNzA3ZDllNzZkMDE2NmM3Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojNeDPduZ741zI/BGbprHs7DvXXj
uj4D+f+SpC3JlbKJPcSM3Q0I62xqOUGK7i4ayfOFkP75/NbIHJVLeoqLWImCdKME
djIJ1vS4+8fjjIGZCgLaHHhs2H4yEMm7rW8QcNPhG0dqFApJXP0au0KLmjcShGnX
kwL0SXTg2IKjBMNdrhr6DdvSZ2YofPPuqH0Zrn587qMtdyEsz1mhaQK48HUezLog
m7wKlKoaE8J/E/0eCH08fv+3YKbI18mwGLucOfJEiovwyLyy0OoID0AhyjLhPLpg
UES12/AOOlIuePI5mKEfINYYKCE5S/H0L6ox371nMxQzioDXIQj8//0dxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPmiVIc+I4uP6IecH2edtAWbHZ0MB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0nP+4xmX
WnUz8C+Xaa09A/Qsz0zD+TjKHLs6iogyav/wjKl/tD/RAdMpiPKQMBBRgU17WpeL
NM1k1dVbG8GweQ7rFZlnYk+E3zFc0aXOwo3BOLvU56XOFOtWNXQnBUnXaOIChkGi
hIK7nIpLYYHO1vf2eo26dCcDUh/UpbccHWpjWHeMaKsw0tYG2vMuYVD1yfrGThVf
BI2saEN/O4h7/1QYOh4QEOojmEzZyX0ma3FKojJAY0LNwSfCRDquhWOA0JIBDIyO
EE/jG6nwjGkVcyOK12XL8MMrlTGBAvFUjOzfiG+JayRo/5shhXBDfTIvm8Vvq4Wy
Rw66T3FY4kb/VQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:55:29 2025 by rpki-client