Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File: kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier: K7admXk7/pXh33h/gBac8hSQLYSw8xUC8bAMAJlPu2U=
Subject key identifier: B6:52:77:1B:D6:E4:D2:86:2C:56:DD:EF:96:5B:64:4F:12:E9:89:13
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 019A52D1B7AC7ED0D7AFABD0417036929DE5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number: 1719
Signing time: Wed 05 Nov 2025 07:01:07 +0000
Manifest this update: Wed 05 Nov 2025 07:01:07 +0000
Manifest next update: Thu 06 Nov 2025 07:01:07 +0000
Files and hashes: 1: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (hash: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=)
2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: beYfVYaEiatRKMNtrWYjSTDkchoSKxU9durN3p27SY4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:b7:ac:7e:d0:d7:af:ab:d0:41:70:36:92:9d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: Nov 5 07:01:07 2025 GMT
Not After : Nov 6 07:01:07 2025 GMT
Subject: CN=b652771bd6e4d2862c56ddef965b644f12e98913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:1b:75:62:74:7c:3c:1d:aa:35:25:30:45:
28:5e:f1:a3:ac:0b:56:53:95:ca:d8:01:8b:8d:95:
42:75:76:61:56:a6:70:f5:96:58:bd:d6:b7:6f:01:
2b:8f:a7:43:bc:d1:87:5b:19:3c:1a:11:ba:99:65:
93:c9:5c:3a:34:21:f9:e9:83:e4:d1:d0:74:4c:29:
11:88:ea:12:e3:8c:b5:ad:4a:ac:cc:db:b4:af:e5:
4c:f5:bd:dc:36:04:80:dc:06:d4:f7:0a:44:63:82:
5a:4d:38:dc:9d:40:0a:36:9a:ec:8b:6d:c2:c9:b7:
00:21:ab:d3:49:3e:11:e1:07:56:02:05:03:f7:db:
df:4e:49:2c:58:25:57:f1:c7:a6:04:44:2a:07:ae:
31:8c:f9:a1:6a:47:66:7d:99:e6:0f:79:32:04:b3:
3d:6f:f2:a5:50:5f:79:4e:7f:08:9c:ac:db:2b:59:
ee:26:3c:52:f8:a3:00:73:99:f9:4f:8b:73:cd:1b:
86:65:0b:3e:f4:2e:cb:92:67:f8:7c:dd:4b:56:7c:
fa:32:b7:11:0c:4f:a5:94:ae:51:52:5a:8b:00:39:
40:b8:96:82:89:43:09:dd:8b:ee:16:ef:ae:54:ec:
b2:ef:5a:92:8d:61:4d:a3:66:58:9c:31:b7:8e:73:
dd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:52:77:1B:D6:E4:D2:86:2C:56:DD:EF:96:5B:64:4F:12:E9:89:13
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:90:19:91:fc:d7:4a:66:3d:32:df:9a:66:6e:14:9a:ad:2c:
f7:bb:1d:ac:c8:0d:a0:46:df:fb:5c:3e:a4:fa:ae:20:cb:5a:
94:e6:ab:c4:d7:5b:00:44:1c:17:ea:9e:d4:d3:2c:60:e2:82:
60:ec:32:fc:97:2e:cc:04:0f:97:f1:7c:b4:4b:6e:6f:64:ef:
1b:b6:ba:da:3c:94:c6:7a:57:ed:2a:69:0f:f5:bc:af:5f:f3:
58:93:1e:7c:d5:01:b1:d5:7f:e9:ea:fc:f7:6f:e7:2c:0e:ab:
80:37:44:d2:ea:4c:60:46:c7:dc:61:67:02:64:1f:79:18:8b:
59:4c:e7:3c:ee:91:79:0a:a1:b2:e2:6a:e7:dc:2a:14:53:34:
28:06:90:31:85:48:a3:6f:57:db:8d:56:35:37:99:92:e2:a8:
9f:b9:aa:fc:a9:f5:80:3d:1a:63:79:b5:dc:36:90:a0:a1:0c:
69:af:aa:c4:b1:cc:ca:16:d5:f2:f7:cb:f6:5c:ae:fc:17:2a:
3a:55:cf:5c:96:3d:52:40:c5:30:92:b1:69:16:7d:21:10:af:
2f:e5:08:e3:09:1a:72:7e:8e:e2:a2:07:4d:a2:00:45:ee:5c:
74:0d:13:83:48:35:48:b2:ec:b6:e5:df:ad:c0:4d:d5:3c:fd:
db:9a:36:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0besftDXr6vQQXA2kp3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUxMTA1MDcwMTA3WhcNMjUxMTA2MDcwMTA3WjAzMTEwLwYDVQQD
EyhiNjUyNzcxYmQ2ZTRkMjg2MmM1NmRkZWY5NjViNjQ0ZjEyZTk4OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0QbdWJ0fDwdqjUlMEUoXvGjrAtW
U5XK2AGLjZVCdXZhVqZw9ZZYvda3bwErj6dDvNGHWxk8GhG6mWWTyVw6NCH56YPk
0dB0TCkRiOoS44y1rUqszNu0r+VM9b3cNgSA3AbU9wpEY4JaTTjcnUAKNprsi23C
ybcAIavTST4R4QdWAgUD99vfTkksWCVX8cemBEQqB64xjPmhakdmfZnmD3kyBLM9
b/KlUF95Tn8InKzbK1nuJjxS+KMAc5n5T4tzzRuGZQs+9C7Lkmf4fN1LVnz6MrcR
DE+llK5RUlqLADlAuJaCiUMJ3YvuFu+uVOyy71qSjWFNo2ZYnDG3jnPd3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZSdxvW5NKGLFbd75ZbZE8S6YkTMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpAZkfzX
SmY9Mt+aZm4Umq0s97sdrMgNoEbf+1w+pPquIMtalOarxNdbAEQcF+qe1NMsYOKC
YOwy/JcuzAQPl/F8tEtub2TvG7a62jyUxnpX7SppD/W8r1/zWJMefNUBsdV/6er8
92/nLA6rgDdE0upMYEbH3GFnAmQfeRiLWUznPO6ReQqhsuJq59wqFFM0KAaQMYVI
o29X241WNTeZkuKon7mq/Kn1gD0aY3m13DaQoKEMaa+qxLHMyhbV8vfL9lyu/Bcq
OlXPXJY9UkDFMJKxaRZ9IRCvL+UI4wkacn6O4qIHTaIARe5cdA0Tg0g1SLLstuXf
rcBN1Tz925o2Ew==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:09:55 2025 by rpki-client