Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
File: KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft (raw, json)
Hash identifier: 4XSNb4d9Cczd2qIt3TKA6ZkG9/w0d18bnwbsErc/MlI=
Subject key identifier: D5:7D:9B:16:8E:6E:8F:1A:1E:63:30:FA:52:F6:A9:1A:26:5D:41:5C
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial: 019A4EF5946F0C90BDCA397EDA27A8D1784C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
Manifest number: 0BF3
Signing time: Tue 04 Nov 2025 13:01:48 +0000
Manifest this update: Tue 04 Nov 2025 13:01:48 +0000
Manifest next update: Wed 05 Nov 2025 13:01:48 +0000
Files and hashes: 1: 0i9Bsr9ABLnx3mgPWtu21_vME3g.roa (hash: TMrcqTSOi1Ov7CcLLSWohgeiaaCi8xEADwSrQIF/DCo=)
2: KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl (hash: MD5kWgJRMacUTRdWga17Z06XaBWwJg4IInntvz9yf9I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:94:6f:0c:90:bd:ca:39:7e:da:27:a8:d1:78:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Validity
Not Before: Nov 4 13:01:48 2025 GMT
Not After : Nov 5 13:01:48 2025 GMT
Subject: CN=d57d9b168e6e8f1a1e6330fa52f6a91a265d415c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:75:d3:e9:65:ed:45:c0:f4:1d:93:b4:63:d1:
8b:77:99:5c:8c:1b:b8:e6:82:2c:f9:c8:1c:f3:78:
fa:12:15:dd:d9:14:ac:97:45:81:42:e7:ff:40:a8:
e6:09:43:9a:15:ce:55:c4:c9:ac:9a:54:4c:18:6f:
56:71:f3:83:03:4c:25:cb:e6:a3:58:4d:c7:78:6c:
ec:8f:43:5c:5a:b2:7b:80:72:0c:5e:ac:48:20:f1:
d6:b0:4c:5b:2e:1f:6a:bb:d1:2d:99:71:31:e0:e1:
cc:2b:58:fc:25:3f:3d:87:c0:7f:3f:24:8d:37:8c:
b2:9c:b3:5e:80:4f:83:0e:9d:74:a0:9d:6a:be:1f:
5a:b1:ae:74:73:1a:19:2e:68:28:ff:36:fa:72:63:
91:0f:81:3f:77:78:07:fe:a3:22:bf:a1:d6:b0:c4:
33:10:2c:37:e1:9c:03:f3:e5:a7:93:34:76:1b:51:
27:88:7e:74:4b:5d:e4:aa:2a:39:e3:98:12:34:2f:
87:ec:2a:b7:2f:a3:16:65:fe:0d:33:ae:4c:e7:3a:
19:63:53:f0:eb:c6:ea:de:40:8a:4e:d1:fb:da:57:
9b:5d:79:ea:3c:d8:da:89:35:2c:ef:e3:be:f6:41:
de:3c:5c:ab:cc:77:4e:65:04:8f:86:8c:6b:d2:44:
a9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7D:9B:16:8E:6E:8F:1A:1E:63:30:FA:52:F6:A9:1A:26:5D:41:5C
X509v3 Authority Key Identifier:
keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:67:c0:d0:a0:2f:87:b9:7e:e7:6b:0e:7b:f9:c7:2f:7c:47:
2e:ac:ee:34:da:e9:00:f6:28:df:f4:db:36:ca:37:67:d8:f4:
f8:66:68:17:31:46:e9:a8:2b:67:47:bc:46:32:40:30:b7:48:
e8:c9:81:65:25:e4:b4:3e:ec:57:03:e3:65:ad:42:bd:cc:68:
8f:b5:8b:00:88:df:70:1c:1e:40:8d:cd:46:d6:0f:6e:82:e7:
ca:2c:51:fb:11:1f:e9:b8:3a:ab:08:d6:c3:f5:28:d9:14:d0:
ce:29:a2:b7:43:91:33:69:42:e3:68:f5:48:2e:b9:7b:d4:27:
40:37:4d:fd:a4:40:22:46:9b:bc:ef:59:05:42:3f:91:dc:d9:
62:78:20:cc:91:47:a2:6d:a1:54:22:e9:5f:d0:7b:b1:dc:17:
b9:c8:2e:03:60:d3:4a:b4:0b:f4:86:d7:fc:d0:00:3d:f9:01:
88:8a:de:ea:24:25:cb:f2:dd:f8:dc:21:36:3a:62:51:e6:d7:
94:1e:78:74:1d:10:be:35:1b:0c:73:db:5c:6c:26:b8:dd:cb:
7b:f3:55:a4:7f:c5:f2:b9:67:98:cb:5b:79:6e:c0:92:99:fd:
92:13:a8:52:b0:f1:31:25:c5:fa:4e:8c:6d:3b:66:39:fc:77:
94:50:49:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ZRvDJC9yjl+2ieo0XhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjUxMTA0MTMwMTQ4WhcNMjUxMTA1MTMwMTQ4WjAzMTEwLwYDVQQD
EyhkNTdkOWIxNjhlNmU4ZjFhMWU2MzMwZmE1MmY2YTkxYTI2NWQ0MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XXT6WXtRcD0HZO0Y9GLd5lcjBu4
5oIs+cgc83j6EhXd2RSsl0WBQuf/QKjmCUOaFc5VxMmsmlRMGG9WcfODA0wly+aj
WE3HeGzsj0NcWrJ7gHIMXqxIIPHWsExbLh9qu9EtmXEx4OHMK1j8JT89h8B/PySN
N4yynLNegE+DDp10oJ1qvh9asa50cxoZLmgo/zb6cmORD4E/d3gH/qMiv6HWsMQz
ECw34ZwD8+WnkzR2G1EniH50S13kqio545gSNC+H7Cq3L6MWZf4NM65M5zoZY1Pw
68bq3kCKTtH72lebXXnqPNjaiTUs7+O+9kHePFyrzHdOZQSPhoxr0kSpvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNV9mxaObo8aHmMw+lL2qRomXUFcMB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmfA0KAv
h7l+52sOe/nHL3xHLqzuNNrpAPYo3/TbNso3Z9j0+GZoFzFG6agrZ0e8RjJAMLdI
6MmBZSXktD7sVwPjZa1Cvcxoj7WLAIjfcBweQI3NRtYPboLnyixR+xEf6bg6qwjW
w/Uo2RTQzimit0ORM2lC42j1SC65e9QnQDdN/aRAIkabvO9ZBUI/kdzZYnggzJFH
om2hVCLpX9B7sdwXucguA2DTSrQL9IbX/NAAPfkBiIre6iQly/Ld+NwhNjpiUebX
lB54dB0QvjUbDHPbXGwmuN3Le/NVpH/F8rlnmMtbeW7Akpn9khOoUrDxMSXF+k6M
bTtmOfx3lFBJ+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:48:13 2025 by rpki-client