Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: aGw6f2xERs2qhQKyZKsAR9nr/x/Jx7yhvr+vWOyq2S0=
Subject key identifier: 64:89:8D:92:0E:72:6D:8E:DA:DD:95:1B:41:D0:3B:FE:94:EB:AA:FA
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019A51F5B0D1F6D19B7716B746A8582A8094
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0BA2
Signing time: Wed 05 Nov 2025 03:00:47 +0000
Manifest this update: Wed 05 Nov 2025 03:00:47 +0000
Manifest next update: Thu 06 Nov 2025 03:00:47 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: K4v72ThMrwn+c/Iyf/aLp/tJBUhrmw5Y/IUaNPsx2bw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:b0:d1:f6:d1:9b:77:16:b7:46:a8:58:2a:80:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Nov 5 03:00:47 2025 GMT
Not After : Nov 6 03:00:47 2025 GMT
Subject: CN=64898d920e726d8edadd951b41d03bfe94ebaafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4e:ce:de:f8:e3:51:bb:10:db:ba:08:fb:9f:
2a:a9:46:54:36:ca:31:38:1c:55:5b:a9:64:9a:68:
16:2d:f9:b6:a8:fc:0f:b6:9e:18:f8:26:ae:07:cd:
70:39:b2:20:68:c5:66:70:81:ac:b4:30:07:54:fb:
de:88:f8:e1:a7:d8:5c:06:0d:ed:d1:41:c1:2c:26:
74:ea:8c:74:a1:7a:70:8d:eb:ee:75:20:14:00:53:
aa:8b:f2:e2:37:92:ce:10:4e:c5:5d:9c:f9:74:cb:
9a:9a:8c:f7:89:67:37:db:0c:49:87:91:3c:d2:63:
63:00:f6:4f:1a:28:b3:ab:64:7b:2a:a5:92:a0:6d:
25:31:25:03:e5:16:0e:5d:50:6b:fc:97:96:80:8d:
a5:2c:6b:2e:ce:de:74:5b:f4:6b:96:af:7d:42:0d:
5a:bf:92:f2:aa:2f:db:6d:c2:01:6b:bc:77:1f:10:
d2:38:07:27:ba:87:a8:24:73:84:88:a6:d5:09:58:
60:60:e4:76:aa:bc:60:41:04:2d:51:a9:a6:4d:cc:
e6:07:4d:51:e8:c3:0d:fb:61:c6:42:7b:22:18:65:
83:32:02:0f:e9:2b:62:18:8d:bc:dc:7c:91:3c:05:
dc:75:70:9c:e7:08:38:1b:14:0c:e1:fa:5f:17:be:
d5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:89:8D:92:0E:72:6D:8E:DA:DD:95:1B:41:D0:3B:FE:94:EB:AA:FA
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:80:22:2a:d3:77:78:14:46:cc:d4:9f:0d:c6:5b:b6:85:b9:
db:ce:51:dd:85:ba:c5:24:ae:6d:8d:b5:1d:53:fc:74:73:97:
d9:b7:c4:f2:87:91:05:df:ff:6c:30:1b:7d:07:67:cc:be:ad:
e4:f1:f3:eb:0a:0a:e1:c3:33:6c:b0:b7:22:58:88:5c:b6:a9:
62:c1:08:cb:e4:8a:56:04:59:f7:22:0c:73:0e:73:bd:42:a4:
29:21:33:22:a1:2e:c3:fe:af:64:53:6a:ef:cf:ff:13:6a:40:
1b:4c:ee:16:67:68:a3:33:ab:19:85:91:1a:4c:e2:de:e5:54:
f8:7c:5a:1c:97:a6:1b:11:c7:90:1f:6d:74:12:d4:5e:97:fb:
a4:28:29:e0:7d:ef:64:2e:13:5c:d4:1e:e4:1a:a3:3d:31:94:
e1:5a:00:7c:7b:ea:f1:de:d2:33:7f:7c:98:a5:1d:17:dd:1f:
bf:79:57:0c:16:e5:6c:76:18:ca:b1:11:3b:3a:3d:76:4a:a0:
a4:8a:f7:e0:52:e9:80:88:20:89:25:a7:4d:04:d2:06:50:07:
76:49:f3:ee:41:e2:73:80:ea:05:87:37:67:b9:64:d6:cf:44:
29:3c:af:c5:34:3e:d6:7c:1f:21:27:ae:90:c8:1c:83:1e:d6:
34:b3:e0:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9bDR9tGbdxa3RqhYKoCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUxMTA1MDMwMDQ3WhcNMjUxMTA2MDMwMDQ3WjAzMTEwLwYDVQQD
Eyg2NDg5OGQ5MjBlNzI2ZDhlZGFkZDk1MWI0MWQwM2JmZTk0ZWJhYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz07O3vjjUbsQ27oI+58qqUZUNsox
OBxVW6lkmmgWLfm2qPwPtp4Y+CauB81wObIgaMVmcIGstDAHVPveiPjhp9hcBg3t
0UHBLCZ06ox0oXpwjevudSAUAFOqi/LiN5LOEE7FXZz5dMuamoz3iWc32wxJh5E8
0mNjAPZPGiizq2R7KqWSoG0lMSUD5RYOXVBr/JeWgI2lLGsuzt50W/Rrlq99Qg1a
v5Lyqi/bbcIBa7x3HxDSOAcnuoeoJHOEiKbVCVhgYOR2qrxgQQQtUammTczmB01R
6MMN+2HGQnsiGGWDMgIP6StiGI283HyRPAXcdXCc5wg4GxQM4fpfF77VRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSJjZIOcm2O2t2VG0HQO/6U66r6MB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjIAiKtN3
eBRGzNSfDcZbtoW5285R3YW6xSSubY21HVP8dHOX2bfE8oeRBd//bDAbfQdnzL6t
5PHz6woK4cMzbLC3IliIXLapYsEIy+SKVgRZ9yIMcw5zvUKkKSEzIqEuw/6vZFNq
78//E2pAG0zuFmdoozOrGYWRGkzi3uVU+HxaHJemGxHHkB9tdBLUXpf7pCgp4H3v
ZC4TXNQe5BqjPTGU4VoAfHvq8d7SM398mKUdF90fv3lXDBblbHYYyrEROzo9dkqg
pIr34FLpgIggiSWnTQTSBlAHdknz7kHic4DqBYc3Z7lk1s9EKTyvxTQ+1nwfISeu
kMgcgx7WNLPgEw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:24:54 2025 by rpki-client