Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
File: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft (raw, json)
Hash identifier: RPolLZxIjMf5oxYqkZWk/PdrCi9k2PxKbAR9hxVgyMg=
Subject key identifier: E1:6D:AC:07:2F:0A:41:2F:41:46:FE:A9:D2:87:F4:CF:2E:14:78:78
Authority key identifier: 2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C
Certificate issuer: /CN=2a5275ad89c9976b51030c5bd256799b7926560c
Certificate serial: 019A4EBD5365996E31AD13C3B84D97DE5A8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
Manifest number: 0ABD
Signing time: Tue 04 Nov 2025 12:00:21 +0000
Manifest this update: Tue 04 Nov 2025 12:00:21 +0000
Manifest next update: Wed 05 Nov 2025 12:00:21 +0000
Files and hashes: 1: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl (hash: YNYj52vBwh1Vry+NrOPuvO64OpchaMKwCvxQPgSmYPY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:bd:53:65:99:6e:31:ad:13:c3:b8:4d:97:de:5a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a5275ad89c9976b51030c5bd256799b7926560c
Validity
Not Before: Nov 4 12:00:21 2025 GMT
Not After : Nov 5 12:00:21 2025 GMT
Subject: CN=e16dac072f0a412f4146fea9d287f4cf2e147878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:c6:f1:11:d0:d7:01:f2:85:60:a4:82:68:
06:b6:e0:7a:53:0d:6d:21:ec:0a:a1:32:98:49:cb:
9b:10:5b:78:1b:ea:3f:c3:2c:d7:03:fa:00:d1:ca:
25:b9:8e:a7:74:bf:65:c0:be:6b:77:4d:5a:f5:99:
5f:f0:79:af:6f:95:5b:45:87:f6:b7:47:e3:0c:f1:
52:f8:ca:6d:b7:8e:cb:c0:b0:ea:05:e0:a9:b4:79:
56:69:01:6c:90:5d:7e:ab:c2:c2:59:22:8a:85:03:
28:c2:a3:2c:c0:ee:ce:db:94:b8:fa:fc:31:23:96:
37:eb:22:23:40:13:65:ce:fb:69:85:cc:96:fc:da:
d8:8e:13:65:a3:56:1a:48:cb:94:23:f7:80:b6:a7:
db:1e:34:d5:27:59:cc:92:6a:62:b9:de:62:88:37:
f9:9c:a3:1e:75:a1:cb:59:bd:92:07:35:e1:34:9b:
88:31:ea:48:c2:27:8f:2d:49:be:6b:73:a4:d0:0b:
1a:3e:98:7a:d9:c5:05:f7:56:da:26:6b:88:ec:db:
31:92:a5:01:a2:05:83:6d:99:c6:81:32:40:0d:da:
67:40:73:4a:7c:b8:c7:56:f4:dc:8c:01:f8:a3:00:
97:c3:50:95:e3:67:c8:50:19:a5:b9:78:75:f2:51:
06:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6D:AC:07:2F:0A:41:2F:41:46:FE:A9:D2:87:F4:CF:2E:14:78:78
X509v3 Authority Key Identifier:
keyid:2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:2d:7e:37:7f:4c:e8:3a:dc:4c:30:5f:9d:5a:aa:f9:29:7d:
de:be:46:24:dc:4e:7e:a9:7c:36:9b:5c:4e:30:16:06:6e:bf:
a4:e8:72:f5:77:e0:7a:9a:fd:f3:ea:40:a1:13:8a:13:f1:3d:
2b:6d:d7:7c:68:68:5a:7f:21:0d:af:fd:5e:b6:1c:99:37:d8:
0f:d4:7a:2d:5b:d8:2c:66:eb:13:3f:c2:c5:e7:f4:9d:80:5a:
76:56:3b:80:4b:e6:ff:16:48:4e:f4:99:f3:a3:cb:62:0c:aa:
2d:d1:5a:08:7e:ea:df:c5:9d:16:e1:9b:3f:36:40:5f:dc:e2:
f5:85:de:f7:ab:90:bd:a6:04:d4:f8:be:53:07:61:a9:0b:a1:
8d:14:6e:d8:b2:8c:58:08:79:a7:c9:12:47:c1:2c:a0:cd:be:
1b:9f:2d:e4:ab:62:08:e6:df:ec:ab:5d:18:3b:75:5d:96:f2:
ae:4f:e0:e4:fa:ba:8b:1c:38:bc:50:23:60:a8:24:10:f7:1b:
33:4f:10:68:50:29:e7:ab:f4:8e:6d:c6:9e:ce:72:74:c9:61:
33:74:14:de:9a:81:86:53:31:00:11:f0:d2:b0:bf:01:64:2e:
eb:a7:34:af:68:23:0d:c4:18:f0:65:41:ef:c0:8a:5a:bd:3c:
13:8d:88:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOvVNlmW4xrRPDuE2X3lqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNTI3NWFkODljOTk3NmI1MTAzMGM1YmQyNTY3OTliNzky
NjU2MGMwHhcNMjUxMTA0MTIwMDIxWhcNMjUxMTA1MTIwMDIxWjAzMTEwLwYDVQQD
EyhlMTZkYWMwNzJmMGE0MTJmNDE0NmZlYTlkMjg3ZjRjZjJlMTQ3ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmbG8RHQ1wHyhWCkgmgGtuB6Uw1t
IewKoTKYScubEFt4G+o/wyzXA/oA0coluY6ndL9lwL5rd01a9Zlf8Hmvb5VbRYf2
t0fjDPFS+Mptt47LwLDqBeCptHlWaQFskF1+q8LCWSKKhQMowqMswO7O25S4+vwx
I5Y36yIjQBNlzvtphcyW/NrYjhNlo1YaSMuUI/eAtqfbHjTVJ1nMkmpiud5iiDf5
nKMedaHLWb2SBzXhNJuIMepIwiePLUm+a3Ok0AsaPph62cUF91baJmuI7NsxkqUB
ogWDbZnGgTJADdpnQHNKfLjHVvTcjAH4owCXw1CV42fIUBmluXh18lEGHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFtrAcvCkEvQUb+qdKH9M8uFHh4MB8GA1UdIwQY
MBaAFCpSda2JyZdrUQMMW9JWeZt5JlYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQt
MTE1NjY5MGE0M2I1LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQtMTE1NjY5MGE0M2I1
LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkS1+N39M
6DrcTDBfnVqq+Sl93r5GJNxOfql8NptcTjAWBm6/pOhy9Xfgepr98+pAoROKE/E9
K23XfGhoWn8hDa/9XrYcmTfYD9R6LVvYLGbrEz/Cxef0nYBadlY7gEvm/xZITvSZ
86PLYgyqLdFaCH7q38WdFuGbPzZAX9zi9YXe96uQvaYE1Pi+UwdhqQuhjRRu2LKM
WAh5p8kSR8EsoM2+G58t5KtiCObf7KtdGDt1XZbyrk/g5Pq6ixw4vFAjYKgkEPcb
M08QaFAp56v0jm3Gns5ydMlhM3QU3pqBhlMxABHw0rC/AWQu66c0r2gjDcQY8GVB
78CKWr08E42IHw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:39 2025 by rpki-client