Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: Zl/RJoQBRYdvJu8yEQcqF1e1PxB1hPeuRHNod98I6ws=
Subject key identifier: B3:0B:C2:C7:52:EE:5D:E3:01:25:91:2C:B6:8A:1B:19:66:16:BE:5A
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019A4EF4C452EEE9B273A3EC2116A4132B57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0D78
Signing time: Tue 04 Nov 2025 13:00:55 +0000
Manifest this update: Tue 04 Nov 2025 13:00:55 +0000
Manifest next update: Wed 05 Nov 2025 13:00:55 +0000
Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: dvENP+wbgltq9jayLhnh3jXq/A0lXFCIV1D1sNqPw4E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:c4:52:ee:e9:b2:73:a3:ec:21:16:a4:13:2b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Nov 4 13:00:55 2025 GMT
Not After : Nov 5 13:00:55 2025 GMT
Subject: CN=b30bc2c752ee5de30125912cb68a1b196616be5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:77:16:b7:70:7f:da:b1:fb:4f:ce:a6:ac:
38:cc:b1:bb:18:31:53:51:5b:34:45:f9:3c:44:e1:
02:89:22:6b:99:f2:5f:13:b9:ff:3f:3a:31:25:e5:
b1:24:16:c2:30:23:8d:69:e6:3a:45:b9:47:58:9a:
34:66:3e:49:f7:33:05:91:e1:e9:cc:30:f1:1d:ad:
c8:0e:f0:bd:28:f6:cb:d8:0b:08:11:8b:47:a0:4a:
44:39:76:fe:46:58:df:c3:ba:62:df:d5:3e:c9:72:
8a:c1:64:66:bd:61:18:58:3c:d5:0a:81:ca:b3:44:
ad:d0:85:1d:70:22:7a:c3:94:8a:2f:69:ba:92:4d:
89:45:78:8d:98:bd:27:54:ce:fa:01:6b:22:c9:98:
a3:bf:0b:19:cf:73:dd:c6:6e:0a:f7:95:f9:0e:95:
ad:ee:e7:2d:17:f9:a8:00:48:df:f3:c6:43:e6:bd:
cf:a5:4e:f2:72:17:68:f7:7f:a0:af:d6:b1:02:53:
6f:c2:fc:c4:67:db:64:05:d7:eb:65:2e:fc:75:33:
72:b0:9d:ce:00:3b:8e:cb:45:cc:78:d4:8c:4f:e0:
51:d4:80:8a:16:eb:ef:91:04:88:00:2f:a7:56:43:
fa:ed:ce:9c:bf:99:6f:0a:c7:ad:36:9d:a2:bc:70:
40:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:0B:C2:C7:52:EE:5D:E3:01:25:91:2C:B6:8A:1B:19:66:16:BE:5A
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:23:8d:b0:03:f7:46:cf:90:c6:34:18:91:0e:c3:1a:77:6b:
19:a6:47:3f:7b:f0:22:45:e4:05:64:ba:48:31:43:88:3d:cb:
c5:57:d6:f9:e1:22:78:fc:51:30:88:7d:df:62:c3:f6:9a:99:
c1:25:15:7d:7c:af:39:b3:f5:16:d1:d0:ed:30:34:46:22:ae:
ad:3f:10:40:e2:f7:40:db:fb:33:47:d5:17:70:95:81:53:e6:
e3:ac:2a:e7:ec:66:9a:2c:c5:b7:0a:3c:ae:9c:c2:eb:06:f3:
10:13:8a:79:1f:b1:84:f3:fa:f5:c7:aa:da:e2:4a:87:c4:04:
24:14:36:3a:f4:ae:52:69:67:00:7f:8a:24:04:2c:66:1b:7b:
a2:59:b7:a0:b7:38:23:65:a0:cf:43:84:30:ba:37:c0:8c:07:
85:fd:9c:f3:76:60:ce:ec:57:e3:00:67:97:ba:86:f9:56:ea:
09:52:91:5b:04:62:33:f1:e3:9c:52:b8:83:44:d3:41:8c:01:
c2:2b:70:6a:70:c9:ab:71:2c:0f:7c:1a:88:b5:1a:50:48:53:
fe:92:d2:12:58:22:bc:6e:98:c0:4a:ba:78:92:90:5b:3b:cd:
83:05:18:85:ed:39:6e:43:79:63:ac:c9:0e:96:47:13:85:82:
91:a1:3d:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9MRS7umyc6PsIRakEytXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjUxMTA0MTMwMDU1WhcNMjUxMTA1MTMwMDU1WjAzMTEwLwYDVQQD
EyhiMzBiYzJjNzUyZWU1ZGUzMDEyNTkxMmNiNjhhMWIxOTY2MTZiZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJZ3Frdwf9qx+0/Opqw4zLG7GDFT
UVs0Rfk8ROECiSJrmfJfE7n/PzoxJeWxJBbCMCONaeY6RblHWJo0Zj5J9zMFkeHp
zDDxHa3IDvC9KPbL2AsIEYtHoEpEOXb+Rljfw7pi39U+yXKKwWRmvWEYWDzVCoHK
s0St0IUdcCJ6w5SKL2m6kk2JRXiNmL0nVM76AWsiyZijvwsZz3Pdxm4K95X5DpWt
7uctF/moAEjf88ZD5r3PpU7ychdo93+gr9axAlNvwvzEZ9tkBdfrZS78dTNysJ3O
ADuOy0XMeNSMT+BR1ICKFuvvkQSIAC+nVkP67c6cv5lvCsetNp2ivHBAjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMLwsdS7l3jASWRLLaKGxlmFr5aMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAyONsAP3
Rs+QxjQYkQ7DGndrGaZHP3vwIkXkBWS6SDFDiD3LxVfW+eEiePxRMIh932LD9pqZ
wSUVfXyvObP1FtHQ7TA0RiKurT8QQOL3QNv7M0fVF3CVgVPm46wq5+xmmizFtwo8
rpzC6wbzEBOKeR+xhPP69ceq2uJKh8QEJBQ2OvSuUmlnAH+KJAQsZht7olm3oLc4
I2Wgz0OEMLo3wIwHhf2c83ZgzuxX4wBnl7qG+VbqCVKRWwRiM/HjnFK4g0TTQYwB
witwanDJq3EsD3waiLUaUEhT/pLSElgivG6YwEq6eJKQWzvNgwUYhe05bkN5Y6zJ
DpZHE4WCkaE9rA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:57:10 2025 by rpki-client