Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier: 8R/pMqVl6NvrSoCL89STFvPN7W45EyQXV2PNwzSRVvU=
Subject key identifier: AA:C4:D9:CE:3A:23:0E:5F:6B:81:01:AB:96:23:3D:94:9B:E8:16:B7
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 019A4DAA9A678ED843B65D3C81BA27F99F9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number: 1711
Signing time: Tue 04 Nov 2025 07:00:17 +0000
Manifest this update: Tue 04 Nov 2025 07:00:17 +0000
Manifest next update: Wed 05 Nov 2025 07:00:17 +0000
Files and hashes: 1: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: dew+Zen919ySJ3n9mE/fHmWi60oHwcYb21Rs11k/ucM=)
2: yaNI0_QU-og_a5wIKL7nblpP3wo.roa (hash: mocSKnatPWu2K5HO5VSBkHGD9dsGk50fbeHRajNzTSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:9a:67:8e:d8:43:b6:5d:3c:81:ba:27:f9:9f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Nov 4 07:00:17 2025 GMT
Not After : Nov 5 07:00:17 2025 GMT
Subject: CN=aac4d9ce3a230e5f6b8101ab96233d949be816b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:41:15:c0:21:b0:43:56:af:7a:7a:6d:8b:87:
56:7f:a8:fe:06:35:52:b7:e8:cc:05:c3:4a:fe:d9:
c4:51:55:92:d4:90:31:c3:81:02:9f:07:02:52:b5:
09:c1:53:75:3d:52:6e:ba:96:26:04:1b:ed:e8:05:
39:b4:4b:16:12:fe:17:a6:b7:e6:35:59:9f:76:ad:
a0:49:bc:61:4b:1f:b0:0b:5a:c1:84:40:38:47:0f:
eb:c7:6c:20:eb:e1:9d:78:39:ae:2c:12:ee:c6:b6:
d7:f3:31:f5:98:dc:78:be:fb:52:e3:5b:90:22:96:
2f:96:8b:b3:37:d6:ff:4e:df:50:11:a3:94:40:e4:
83:5f:22:75:ce:48:80:8a:fd:78:42:97:8c:22:be:
d4:95:0b:06:4e:3f:fb:f1:8b:ab:cc:a2:66:de:f7:
0d:e2:b6:d5:da:a5:42:fa:6f:ee:77:f6:c5:5a:f7:
d0:09:fc:98:8a:67:03:fb:e4:e7:e8:4e:ed:d4:23:
4e:86:cf:66:c0:4b:8c:92:3f:b7:f6:a7:aa:d9:3e:
55:b2:b4:86:53:fe:d1:e0:8d:d0:f1:4a:61:d5:16:
e0:02:33:00:1e:3a:d7:be:31:02:3a:d1:17:e1:c2:
61:77:56:6b:34:be:eb:f4:94:b5:71:2b:20:db:c1:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C4:D9:CE:3A:23:0E:5F:6B:81:01:AB:96:23:3D:94:9B:E8:16:B7
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:91:d9:c6:4a:61:07:65:32:24:ae:c1:1e:5c:40:6f:fb:65:
6e:a2:f5:c8:2a:6d:f2:d0:81:60:8d:4c:99:65:df:2c:9a:7b:
58:b9:9d:b4:4b:d0:14:af:a0:08:c9:83:02:73:c4:f6:3c:97:
07:0d:01:c8:27:cf:9e:ed:af:84:b8:cc:9b:89:70:ef:d2:ac:
60:2c:ad:db:8f:71:d9:db:b1:fa:b1:56:36:a1:9c:f2:00:d5:
2a:d0:c9:6d:5b:74:af:1d:46:82:8f:e8:f0:c6:5f:4d:6a:e2:
aa:44:46:22:a9:a8:9e:32:9a:96:cb:62:b6:e1:07:27:62:ee:
c8:fe:a3:26:99:bd:f5:44:5e:0f:7d:fc:1f:93:6e:ce:fd:54:
0f:b8:3d:00:2b:05:d2:4a:ad:c4:c0:0b:20:8e:1c:c2:57:53:
b4:72:f9:2c:a0:e4:63:5c:22:56:18:59:31:21:f7:c0:2b:90:
3b:c3:10:0a:e9:24:37:a5:7d:9d:fc:71:4c:3d:27:e2:12:5f:
93:75:ef:95:5c:63:32:4f:d8:e7:60:21:5b:1d:a5:dc:22:12:
83:20:6c:4f:7c:ae:c6:28:7e:e5:a8:5b:b4:2f:a7:c0:7c:d1:
7a:51:4b:62:90:4a:88:3f:b1:03:26:95:d2:ea:1c:5f:bd:9b:
7d:b7:a4:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqppnjthDtl08gbon+Z+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjUxMTA0MDcwMDE3WhcNMjUxMTA1MDcwMDE3WjAzMTEwLwYDVQQD
EyhhYWM0ZDljZTNhMjMwZTVmNmI4MTAxYWI5NjIzM2Q5NDliZTgxNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUEVwCGwQ1avenpti4dWf6j+BjVS
t+jMBcNK/tnEUVWS1JAxw4ECnwcCUrUJwVN1PVJuupYmBBvt6AU5tEsWEv4Xprfm
NVmfdq2gSbxhSx+wC1rBhEA4Rw/rx2wg6+GdeDmuLBLuxrbX8zH1mNx4vvtS41uQ
IpYvlouzN9b/Tt9QEaOUQOSDXyJ1zkiAiv14QpeMIr7UlQsGTj/78YurzKJm3vcN
4rbV2qVC+m/ud/bFWvfQCfyYimcD++Tn6E7t1CNOhs9mwEuMkj+39qeq2T5VsrSG
U/7R4I3Q8Uph1RbgAjMAHjrXvjECOtEX4cJhd1ZrNL7r9JS1cSsg28FEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrE2c46Iw5fa4EBq5YjPZSb6Ba3MB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb5HZxkph
B2UyJK7BHlxAb/tlbqL1yCpt8tCBYI1MmWXfLJp7WLmdtEvQFK+gCMmDAnPE9jyX
Bw0ByCfPnu2vhLjMm4lw79KsYCyt249x2dux+rFWNqGc8gDVKtDJbVt0rx1Ggo/o
8MZfTWriqkRGIqmonjKalstituEHJ2LuyP6jJpm99UReD338H5Nuzv1UD7g9ACsF
0kqtxMALII4cwldTtHL5LKDkY1wiVhhZMSH3wCuQO8MQCukkN6V9nfxxTD0n4hJf
k3XvlVxjMk/Y52AhWx2l3CISgyBsT3yuxih+5ahbtC+nwHzRelFLYpBKiD+xAyaV
0uocX72bfbekOw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:43:38 2025 by rpki-client