Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: yobtZFOqiYol4xLV40x1cgRFjG+r43sgkxo/7T7tYHo=
Subject key identifier: 6E:E6:6D:B3:9D:FB:EC:D6:15:2B:74:E9:BD:6D:02:3D:92:CD:D4:4F
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019A5074EF901C64B1871D408BA40E677E35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 04F7
Signing time: Tue 04 Nov 2025 20:00:31 +0000
Manifest this update: Tue 04 Nov 2025 20:00:31 +0000
Manifest next update: Wed 05 Nov 2025 20:00:31 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: rvZhfD4b9GY4K8caWBkplluVcdhWCpVpqybX09Z8x08=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 20:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:ef:90:1c:64:b1:87:1d:40:8b:a4:0e:67:7e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Nov 4 20:00:31 2025 GMT
Not After : Nov 5 20:00:31 2025 GMT
Subject: CN=6ee66db39dfbecd6152b74e9bd6d023d92cdd44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7b:b2:f6:12:e6:69:73:1a:96:fe:71:e8:86:
7f:d1:1b:bc:cd:c9:e6:5c:c1:71:e8:f8:23:9b:d1:
aa:64:52:b7:5a:b6:ac:e6:82:7c:36:5c:45:ef:17:
25:98:ab:7b:d8:cf:4a:50:ba:45:be:57:8c:26:cc:
07:c9:19:9e:6b:8c:76:fd:c9:78:8b:a2:e4:2d:3d:
a0:e2:74:17:53:c6:61:16:ba:bf:2f:ad:bf:7d:1b:
40:93:f2:38:84:83:30:0d:5e:e1:24:a9:1c:f2:3a:
bf:ac:85:5e:5c:70:86:05:a7:ab:f4:82:b6:4d:61:
56:58:9c:78:58:68:e9:7c:37:95:e6:5e:a3:37:81:
b3:f3:cb:6e:f6:f0:36:aa:18:e0:92:47:74:7e:91:
21:24:ec:70:8a:bd:25:e6:97:75:33:24:0c:92:bd:
20:0c:63:dd:de:a0:7c:bf:fc:ee:d0:ed:fc:b8:75:
8c:bc:7d:59:c9:11:9b:d4:4c:c3:c2:10:ee:21:14:
b8:39:47:47:2a:09:5b:ef:cd:c1:e5:a3:af:fd:33:
53:11:34:d8:67:8c:f3:e3:33:9f:87:9c:1b:84:e6:
04:31:a2:1c:9f:89:bd:a1:a8:ec:76:46:a6:90:9d:
05:c2:bd:4c:22:55:9e:f7:53:ef:dc:e1:5a:0d:b4:
84:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E6:6D:B3:9D:FB:EC:D6:15:2B:74:E9:BD:6D:02:3D:92:CD:D4:4F
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:bb:99:95:51:cd:7b:57:36:1a:26:dc:e5:e2:5e:91:5d:e6:
d9:15:55:b8:31:a7:cd:32:c5:8f:99:65:40:e2:15:4d:d3:23:
14:93:2f:e5:57:92:b9:8a:a8:77:d0:cb:62:94:78:93:3c:63:
e6:46:93:d3:1b:01:94:c9:24:71:4b:bb:e2:3a:47:d4:17:fc:
38:67:3c:c1:27:b5:59:8d:45:90:8c:8a:91:49:7d:35:9f:ed:
34:0a:4d:3b:13:fd:0c:4b:82:f8:9b:ab:ba:fc:3a:a0:31:bd:
e8:75:22:aa:9c:1e:5c:7a:2a:1e:56:e9:d3:5f:39:18:55:f1:
be:3a:cb:dc:ac:50:fa:b5:ac:e0:53:ae:3c:ae:c0:37:f4:71:
28:54:8f:4b:d2:7f:a5:3b:f4:ce:3e:6d:00:93:c9:3e:4c:ec:
f9:33:ce:4b:f3:39:0f:d6:62:20:81:44:ad:9e:b5:a3:32:76:
c3:53:98:8c:b7:72:22:4e:01:ba:3f:94:6f:12:ea:ea:cc:b2:
e0:14:22:fc:1e:ec:d6:d6:0f:3f:69:7e:9f:36:0a:fe:bd:a1:
df:ce:53:bc:f5:ba:12:35:8c:91:9a:d0:d8:01:96:f5:1e:1f:
a0:fe:b3:2f:6f:6e:15:75:75:59:88:41:64:55:98:cf:25:4c:
8f:19:83:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdO+QHGSxhx1Ai6QOZ341MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUxMTA0MjAwMDMxWhcNMjUxMTA1MjAwMDMxWjAzMTEwLwYDVQQD
Eyg2ZWU2NmRiMzlkZmJlY2Q2MTUyYjc0ZTliZDZkMDIzZDkyY2RkNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXuy9hLmaXMalv5x6IZ/0Ru8zcnm
XMFx6Pgjm9GqZFK3Wras5oJ8NlxF7xclmKt72M9KULpFvleMJswHyRmea4x2/cl4
i6LkLT2g4nQXU8ZhFrq/L62/fRtAk/I4hIMwDV7hJKkc8jq/rIVeXHCGBaer9IK2
TWFWWJx4WGjpfDeV5l6jN4Gz88tu9vA2qhjgkkd0fpEhJOxwir0l5pd1MyQMkr0g
DGPd3qB8v/zu0O38uHWMvH1ZyRGb1EzDwhDuIRS4OUdHKglb783B5aOv/TNTETTY
Z4zz4zOfh5wbhOYEMaIcn4m9oajsdkamkJ0Fwr1MIlWe91Pv3OFaDbSEYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7mbbOd++zWFSt06b1tAj2SzdRPMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACruZlVHN
e1c2Gibc5eJekV3m2RVVuDGnzTLFj5llQOIVTdMjFJMv5VeSuYqod9DLYpR4kzxj
5kaT0xsBlMkkcUu74jpH1Bf8OGc8wSe1WY1FkIyKkUl9NZ/tNApNOxP9DEuC+Jur
uvw6oDG96HUiqpweXHoqHlbp0185GFXxvjrL3KxQ+rWs4FOuPK7AN/RxKFSPS9J/
pTv0zj5tAJPJPkzs+TPOS/M5D9ZiIIFErZ61ozJ2w1OYjLdyIk4Buj+UbxLq6syy
4BQi/B7s1tYPP2l+nzYK/r2h385TvPW6EjWMkZrQ2AGW9R4foP6zL29uFXV1WYhB
ZFWYzyVMjxmDyQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:09:58 2025 by rpki-client