Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: v/92ycobbjQN25WUS6qs1Pku26E4mcwatthfbMBu36k=
Subject key identifier: 6C:09:CA:71:6A:4C:82:68:91:16:44:7E:B0:B8:54:71:CF:65:FA:CC
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019A52D21E84E2D9DA34E820773F76ED564D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1710
Signing time: Wed 05 Nov 2025 07:01:33 +0000
Manifest this update: Wed 05 Nov 2025 07:01:33 +0000
Manifest next update: Thu 06 Nov 2025 07:01:33 +0000
Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: /6LGv2q4sLt4HfGKPEHdetQEoFfr4gqbvlP7YfNhdXI=)
2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:1e:84:e2:d9:da:34:e8:20:77:3f:76:ed:56:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Nov 5 07:01:33 2025 GMT
Not After : Nov 6 07:01:33 2025 GMT
Subject: CN=6c09ca716a4c82689116447eb0b85471cf65facc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:01:95:3f:36:bb:62:6a:58:6a:1e:10:71:
cb:c8:38:bd:80:75:3a:1e:70:22:53:c8:ff:8b:e9:
cb:cb:2a:bb:e5:50:5b:d5:34:ed:8c:5a:9d:9a:de:
8c:1b:2c:72:12:18:4c:65:58:b5:52:c1:b3:98:41:
ab:8f:cd:06:e2:8b:f7:e6:38:17:28:34:0b:80:ce:
36:eb:4a:7b:76:03:5c:1d:15:6a:ea:62:0c:f9:c0:
19:62:10:60:34:cc:4b:75:a5:8c:58:b2:fa:60:5e:
aa:9c:47:83:22:4d:fc:20:d1:1f:47:84:1c:f9:f1:
64:67:dc:65:1c:64:99:aa:43:40:66:be:b0:4c:35:
17:fb:9d:82:cd:96:57:1f:2d:29:cf:b0:98:91:a4:
4d:52:ab:54:c4:7c:25:65:d1:b9:75:c5:f3:02:46:
78:64:60:1c:d2:27:eb:cc:f3:1c:32:11:02:b7:6a:
32:fa:3e:dd:db:ef:d0:a4:57:f6:1a:d7:3f:d4:2e:
27:ba:e0:57:ce:fd:02:3b:f8:db:d5:98:59:07:00:
4d:8f:01:eb:8c:3f:be:ef:50:db:00:19:00:3a:c3:
70:c8:a8:05:68:28:02:3e:a2:76:73:b2:a6:1c:21:
4f:c1:ca:8e:23:6d:52:e4:ec:64:e8:7e:51:31:3d:
d7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:09:CA:71:6A:4C:82:68:91:16:44:7E:B0:B8:54:71:CF:65:FA:CC
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:17:38:82:1e:0c:17:af:f4:e7:dc:57:9d:33:45:9f:99:65:
62:d0:79:c2:e2:61:7f:09:8e:6e:4c:a8:50:2c:8a:2f:46:e2:
99:22:14:5e:d6:2e:2a:51:5d:8d:96:31:2a:41:3c:df:85:ff:
14:90:af:5c:3c:3a:14:a9:bd:ba:66:79:07:10:cc:af:57:82:
26:26:67:04:70:eb:4e:1b:fb:a3:60:81:49:da:32:c7:b2:8d:
b1:f7:ff:2e:26:3f:e2:5e:ba:20:e7:24:a2:5f:bd:fe:e9:35:
90:57:89:d6:42:11:f3:95:a1:6a:ef:c5:a4:20:3f:25:d3:f8:
32:01:0c:bc:98:51:43:76:cc:51:f0:4b:55:bf:45:da:17:82:
c5:4f:2e:ca:61:31:1f:39:63:46:49:d9:96:3a:cb:7e:28:18:
8a:81:cf:73:64:98:24:bf:17:d5:51:5b:99:64:c1:ec:89:9b:
f1:b3:c2:6a:1a:14:12:ed:49:7b:bf:f8:fb:a6:22:b0:0b:1c:
e6:af:d5:fe:b2:90:bb:3b:53:87:ff:fd:86:85:62:de:0e:5f:
4f:be:c8:5e:dd:96:67:8b:f0:d4:5c:fe:b4:eb:76:8d:7a:22:
66:cc:ee:e3:4b:6f:42:df:6e:21:d5:5a:93:4f:a7:ca:9b:ed:
50:21:b7:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0h6E4tnaNOggdz927VZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUxMTA1MDcwMTMzWhcNMjUxMTA2MDcwMTMzWjAzMTEwLwYDVQQD
Eyg2YzA5Y2E3MTZhNGM4MjY4OTExNjQ0N2ViMGI4NTQ3MWNmNjVmYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmwBlT82u2JqWGoeEHHLyDi9gHU6
HnAiU8j/i+nLyyq75VBb1TTtjFqdmt6MGyxyEhhMZVi1UsGzmEGrj80G4ov35jgX
KDQLgM4260p7dgNcHRVq6mIM+cAZYhBgNMxLdaWMWLL6YF6qnEeDIk38INEfR4Qc
+fFkZ9xlHGSZqkNAZr6wTDUX+52CzZZXHy0pz7CYkaRNUqtUxHwlZdG5dcXzAkZ4
ZGAc0ifrzPMcMhECt2oy+j7d2+/QpFf2Gtc/1C4nuuBXzv0CO/jb1ZhZBwBNjwHr
jD++71DbABkAOsNwyKgFaCgCPqJ2c7KmHCFPwcqOI21S5Oxk6H5RMT3XbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwJynFqTIJokRZEfrC4VHHPZfrMMB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPhc4gh4M
F6/059xXnTNFn5llYtB5wuJhfwmObkyoUCyKL0bimSIUXtYuKlFdjZYxKkE834X/
FJCvXDw6FKm9umZ5BxDMr1eCJiZnBHDrThv7o2CBSdoyx7KNsff/LiY/4l66IOck
ol+9/uk1kFeJ1kIR85Whau/FpCA/JdP4MgEMvJhRQ3bMUfBLVb9F2heCxU8uymEx
HzljRknZljrLfigYioHPc2SYJL8X1VFbmWTB7Imb8bPCahoUEu1Je7/4+6YisAsc
5q/V/rKQuztTh//9hoVi3g5fT77IXt2WZ4vw1Fz+tOt2jXoiZszu40tvQt9uIdVa
k0+nypvtUCG3AA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:37:19 2025 by rpki-client