Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: cvZIr6FDkqtkfo1Oat+3+SLIaMlSMYVBXoQgiO1oEr4=
Subject key identifier: 3C:71:3C:C2:10:FD:4F:CF:CD:20:76:56:B0:3F:98:E4:6C:80:37:74
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019A5263489CCB24F174DB1E1F17CF6BC4EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 0214
Signing time: Wed 05 Nov 2025 05:00:29 +0000
Manifest this update: Wed 05 Nov 2025 05:00:29 +0000
Manifest next update: Thu 06 Nov 2025 05:00:29 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: r+zSI1ZwYiVWqoeIAjeQOqvP4esdMhCppJVV1F3AlAg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:48:9c:cb:24:f1:74:db:1e:1f:17:cf:6b:c4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Nov 5 05:00:29 2025 GMT
Not After : Nov 6 05:00:29 2025 GMT
Subject: CN=3c713cc210fd4fcfcd207656b03f98e46c803774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f5:12:d1:43:32:c9:2f:1b:72:13:1e:3c:97:
09:66:e1:de:dc:e7:43:86:80:13:43:c5:6f:74:4e:
a3:d7:84:23:c1:32:7b:ee:03:74:de:99:4b:00:e1:
7f:6c:00:5b:96:ee:59:2a:3d:b9:97:ed:a1:6b:04:
2d:88:c3:31:b8:8e:bb:d3:31:a8:97:8f:8b:26:af:
70:ea:0f:6d:c5:84:f5:7e:c7:87:8b:d4:7b:cb:4f:
a3:1c:99:15:78:d8:bd:0f:ef:da:1f:08:6e:ff:31:
0b:04:7f:89:3e:6b:47:aa:95:52:e9:4b:a3:93:75:
00:a3:3b:77:d9:a9:be:cf:e2:16:2f:ac:30:c5:8b:
3f:01:ab:84:35:34:6a:9e:d0:a7:c9:96:79:df:18:
7d:e4:64:d9:f8:e0:ff:b0:b2:f8:e4:8b:26:38:2e:
90:ec:e7:71:9a:ac:ea:67:3c:f1:db:cd:7f:40:1e:
c5:16:70:d7:7f:aa:a3:12:27:b4:be:e8:7d:fb:b8:
c3:35:fd:a2:91:37:d6:e3:a7:67:03:51:e7:dd:f7:
cb:32:35:90:b2:57:c0:45:b4:77:3d:f2:a5:44:f6:
04:b6:26:ed:05:b0:89:e1:a9:64:3b:a9:5a:10:f0:
a6:8e:19:d6:ed:22:63:df:8e:02:f3:a4:14:bb:a9:
71:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:71:3C:C2:10:FD:4F:CF:CD:20:76:56:B0:3F:98:E4:6C:80:37:74
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:d0:29:b0:b2:30:54:64:15:4e:76:b2:82:dc:eb:5b:c1:c4:
95:a9:8a:e3:e9:3e:04:3a:39:ed:1e:94:2a:27:c6:d6:58:77:
fb:cc:56:22:b8:02:a6:5c:01:20:d9:e1:cf:33:cf:7f:2c:11:
37:02:30:57:c9:9f:8f:82:2b:50:9b:ea:02:e4:00:58:70:45:
59:31:3f:a9:52:90:1f:2d:a4:7b:13:a9:35:ff:97:b9:73:4e:
fc:5c:e8:2d:ad:7f:54:66:4b:1d:b2:38:e5:6b:2c:47:f1:a9:
86:b9:02:89:17:57:9a:c2:48:02:3e:72:bc:3c:dc:30:28:ff:
bd:6a:49:98:69:1d:e0:78:41:72:00:4e:d6:b2:35:5f:ba:2c:
6e:b2:6f:c9:e0:8a:75:96:11:c2:33:3a:a1:e8:72:e0:4f:14:
7b:b8:ae:4a:83:74:a7:d7:22:db:ce:b4:64:2c:3f:b1:1b:62:
7a:57:02:03:4e:e4:03:88:74:bd:45:5f:13:90:4a:0d:8b:a9:
cc:dc:46:61:35:52:65:bf:ef:c9:c5:1f:72:fd:a2:d3:04:e1:
5b:3c:ae:c7:f2:5f:eb:25:d6:bc:e1:4e:57:c9:2a:83:9d:40:
7f:d8:96:56:0f:b7:a5:b2:6c:25:58:50:df:12:7b:c1:c9:c2:
75:c4:e5:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSY0icyyTxdNseHxfPa8TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUxMTA1MDUwMDI5WhcNMjUxMTA2MDUwMDI5WjAzMTEwLwYDVQQD
EygzYzcxM2NjMjEwZmQ0ZmNmY2QyMDc2NTZiMDNmOThlNDZjODAzNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvUS0UMyyS8bchMePJcJZuHe3OdD
hoATQ8VvdE6j14QjwTJ77gN03plLAOF/bABblu5ZKj25l+2hawQtiMMxuI670zGo
l4+LJq9w6g9txYT1fseHi9R7y0+jHJkVeNi9D+/aHwhu/zELBH+JPmtHqpVS6Uuj
k3UAozt32am+z+IWL6wwxYs/AauENTRqntCnyZZ53xh95GTZ+OD/sLL45IsmOC6Q
7OdxmqzqZzzx281/QB7FFnDXf6qjEie0vuh9+7jDNf2ikTfW46dnA1Hn3ffLMjWQ
slfARbR3PfKlRPYEtibtBbCJ4alkO6laEPCmjhnW7SJj344C86QUu6lxAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxxPMIQ/U/PzSB2VrA/mORsgDd0MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADtApsLIw
VGQVTnaygtzrW8HElamK4+k+BDo57R6UKifG1lh3+8xWIrgCplwBINnhzzPPfywR
NwIwV8mfj4IrUJvqAuQAWHBFWTE/qVKQHy2kexOpNf+XuXNO/FzoLa1/VGZLHbI4
5WssR/GphrkCiRdXmsJIAj5yvDzcMCj/vWpJmGkd4HhBcgBO1rI1X7osbrJvyeCK
dZYRwjM6oehy4E8Ue7iuSoN0p9ci2860ZCw/sRtielcCA07kA4h0vUVfE5BKDYup
zNxGYTVSZb/vycUfcv2i0wThWzyux/Jf6yXWvOFOV8kqg51Af9iWVg+3pbJsJVhQ
3xJ7wcnCdcTl1A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:46:58 2025 by rpki-client