Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: l2xRkyKcC+UBjsUb8XvUQKSEmXN9do3iRjJuOhTusaI=
Subject key identifier: 38:4B:90:6D:DB:C7:5B:B3:62:F1:B9:9A:3F:EE:A2:6C:9D:76:F1:3F
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019A54BFEBC5FDE53833B72E24E93B865770
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1711
Signing time: Wed 05 Nov 2025 16:00:55 +0000
Manifest this update: Wed 05 Nov 2025 16:00:55 +0000
Manifest next update: Thu 06 Nov 2025 16:00:55 +0000
Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: JzmfgvUuasAYXy5RYNaAhEIR7ePdF1yLqxcNVt0AW64=)
2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:bf:eb:c5:fd:e5:38:33:b7:2e:24:e9:3b:86:57:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Nov 5 16:00:55 2025 GMT
Not After : Nov 6 16:00:55 2025 GMT
Subject: CN=384b906ddbc75bb362f1b99a3feea26c9d76f13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ff:4b:1f:2a:89:ac:45:73:89:bb:2a:c4:6e:
d0:51:6f:1f:38:57:3d:3c:ae:f5:58:5b:7e:4e:cd:
ba:1d:01:e8:98:e6:29:1b:cf:b3:d9:3a:c2:37:61:
5e:85:32:08:52:5a:30:4b:28:4b:15:0d:89:a6:00:
9b:55:98:17:71:68:9c:68:1c:d7:f3:82:39:07:97:
99:f1:e4:f7:67:a1:a9:35:0e:a8:25:2d:fe:15:07:
8e:34:bb:6d:44:c9:ab:61:0c:58:3f:20:73:b8:ed:
b2:0e:80:4d:ef:fc:8d:f7:bf:00:62:d3:dc:fe:89:
74:13:d9:eb:fd:36:dc:9d:5f:b4:23:ab:02:b4:55:
7d:03:6b:9b:1d:54:5b:f5:22:12:19:1d:da:d9:d8:
00:26:5a:a8:a8:4a:f8:30:d5:ae:40:d3:16:1b:fc:
cd:7d:2a:96:4c:69:03:cb:6b:2d:c4:67:61:23:f4:
a4:cf:0e:90:fb:f3:c3:5a:9c:8f:58:ad:ac:7e:fc:
7b:d7:58:b1:fa:bf:a1:46:e3:1f:42:89:73:96:ad:
fb:75:27:7d:4a:5f:f6:80:b5:72:82:8c:0f:2b:19:
49:82:c2:c1:7a:5e:66:e8:a7:25:0f:ba:af:84:c5:
f3:e6:45:c5:6f:fc:8e:f7:55:02:b8:e3:8e:10:b8:
a8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4B:90:6D:DB:C7:5B:B3:62:F1:B9:9A:3F:EE:A2:6C:9D:76:F1:3F
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:21:64:2f:ce:33:2b:0c:d8:2a:be:2b:97:0c:ed:fe:e0:ce:
3c:22:cd:ad:86:5d:01:85:07:af:0a:55:d1:19:6f:97:18:2e:
c1:d9:84:6f:8b:8a:37:56:e6:16:3f:89:ff:1a:c4:ae:6d:66:
9c:14:e3:99:d1:b0:f5:66:dd:13:36:2d:b2:16:47:29:21:14:
7f:cc:bb:14:f7:10:4a:6d:7a:a7:61:4d:a4:ad:8e:66:27:d2:
04:7c:e8:dc:77:74:b6:a1:a4:15:13:7b:1b:6c:61:50:52:8e:
06:ae:42:79:a9:8a:5d:5d:5d:1f:1b:5b:d2:b5:8c:b6:95:7d:
8c:2f:71:9f:19:2b:71:ec:bb:96:8c:b2:7c:00:2a:67:3a:4a:
40:73:65:a2:04:f0:22:3a:d2:66:78:da:31:89:00:c3:42:9a:
ba:e6:29:44:41:17:6c:09:9a:9e:f8:e1:8a:6d:98:8d:f1:95:
6b:50:dd:ea:44:5b:61:23:66:d0:58:81:17:b2:19:20:5c:42:
a7:c8:32:8b:3d:9a:3a:d5:3a:06:36:38:e8:92:d5:62:50:69:
19:7e:53:03:3f:52:b0:fa:28:ca:0d:f4:56:40:9c:5e:53:0d:
17:e8:0b:ee:60:ef:20:15:ff:24:a0:ae:c5:24:24:b8:14:bd:
e4:41:89:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv+vF/eU4M7cuJOk7hldwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUxMTA1MTYwMDU1WhcNMjUxMTA2MTYwMDU1WjAzMTEwLwYDVQQD
EygzODRiOTA2ZGRiYzc1YmIzNjJmMWI5OWEzZmVlYTI2YzlkNzZmMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP9LHyqJrEVzibsqxG7QUW8fOFc9
PK71WFt+Ts26HQHomOYpG8+z2TrCN2FehTIIUlowSyhLFQ2JpgCbVZgXcWicaBzX
84I5B5eZ8eT3Z6GpNQ6oJS3+FQeONLttRMmrYQxYPyBzuO2yDoBN7/yN978AYtPc
/ol0E9nr/TbcnV+0I6sCtFV9A2ubHVRb9SISGR3a2dgAJlqoqEr4MNWuQNMWG/zN
fSqWTGkDy2stxGdhI/Skzw6Q+/PDWpyPWK2sfvx711ix+r+hRuMfQolzlq37dSd9
Sl/2gLVygowPKxlJgsLBel5m6KclD7qvhMXz5kXFb/yO91UCuOOOELiobQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhLkG3bx1uzYvG5mj/uomyddvE/MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCFkL84z
KwzYKr4rlwzt/uDOPCLNrYZdAYUHrwpV0RlvlxguwdmEb4uKN1bmFj+J/xrErm1m
nBTjmdGw9WbdEzYtshZHKSEUf8y7FPcQSm16p2FNpK2OZifSBHzo3Hd0tqGkFRN7
G2xhUFKOBq5CeamKXV1dHxtb0rWMtpV9jC9xnxkrcey7loyyfAAqZzpKQHNlogTw
IjrSZnjaMYkAw0KauuYpREEXbAmanvjhim2YjfGVa1Dd6kRbYSNm0FiBF7IZIFxC
p8gyiz2aOtU6BjY46JLVYlBpGX5TAz9SsPooyg30VkCcXlMNF+gL7mDvIBX/JKCu
xSQkuBS95EGJmw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:55:24 2025 by rpki-client