Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: CwS2tHpBJ/M/34WA+yTS/6/vyIp126lS7XxwylNy8pE=
Subject key identifier: 92:A3:E8:F5:58:53:E8:0B:86:A0:A1:5A:1C:8E:AC:F2:1E:0A:B4:89
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019A4F2B96D6D5D4365848C0F7F096D8B524
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0CFB
Signing time: Tue 04 Nov 2025 14:00:47 +0000
Manifest this update: Tue 04 Nov 2025 14:00:47 +0000
Manifest next update: Wed 05 Nov 2025 14:00:47 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: HGH9XCnULQZc+MhqNPsbPs8VW2aolzXPM0RDkzXSVw8=)
2: eEe-w2donDCxX-tAzaEpFb0UtVY.roa (hash: g2d5FELl0EWl1pKF09WRuqqNzRt0N8/ZzyiwDHce4Xk=)
3: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:96:d6:d5:d4:36:58:48:c0:f7:f0:96:d8:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Nov 4 14:00:47 2025 GMT
Not After : Nov 5 14:00:47 2025 GMT
Subject: CN=92a3e8f55853e80b86a0a15a1c8eacf21e0ab489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:77:a8:ac:8f:a6:11:c1:95:3a:2d:45:31:
4c:38:b0:06:80:18:0b:3f:e4:ed:36:cf:48:0c:08:
0d:e8:e4:73:8b:9d:a2:b5:24:5b:d5:20:9e:b0:b0:
bd:c0:69:10:9a:40:af:59:60:b9:49:9d:0e:1f:07:
6f:b5:df:a1:33:42:a7:05:ec:8e:63:fb:85:e3:b7:
0d:88:e0:df:e8:7a:a7:ac:fa:41:49:41:31:5b:ac:
f2:eb:90:b8:15:e5:c9:a8:41:3a:e9:b7:55:3f:47:
a7:21:7d:3b:89:80:a6:19:c9:00:ad:de:22:51:6c:
6d:a4:35:32:d1:e6:48:f1:9e:d8:14:19:e1:94:b6:
e0:b2:c9:05:56:c3:52:3e:6a:3c:84:7b:6e:d2:a4:
b2:e6:1a:8f:35:1b:05:cd:a3:2e:0e:d2:69:e2:a0:
2e:98:a3:c3:b6:f6:7c:d2:8b:21:5a:67:73:a7:cc:
32:a4:62:84:af:f0:cb:57:e1:80:68:ab:96:d9:34:
43:8b:7d:80:85:a1:a0:27:20:a4:9f:67:6e:05:44:
9a:30:24:3e:c8:81:ac:a6:24:65:d8:8b:cf:fd:33:
da:1c:83:2b:c6:48:7a:fe:5d:54:c1:b1:cf:4f:ab:
7b:0b:83:27:b0:62:32:3b:85:b8:fa:7b:55:b6:e3:
f5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A3:E8:F5:58:53:E8:0B:86:A0:A1:5A:1C:8E:AC:F2:1E:0A:B4:89
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:3e:a9:5f:60:7b:dc:a4:a6:41:a6:f5:29:ff:28:ed:e0:df:
1d:93:77:e5:63:00:69:5c:2b:cf:4e:60:6c:fd:85:7b:38:9b:
72:f8:be:7c:e9:c4:93:71:16:bf:2b:d0:f1:bc:7c:8b:3f:cd:
11:f9:a0:fb:4c:c1:52:18:42:ac:e3:cf:af:96:b9:6c:b6:f6:
11:1c:1f:de:8a:e2:af:db:da:54:48:ed:b7:d7:e5:3c:13:75:
42:4f:a5:a8:dd:1b:a5:14:38:c2:0c:89:9e:86:19:8f:3c:a0:
79:1c:06:15:13:32:52:d8:20:2c:8e:e1:7d:c5:41:4c:60:fd:
fe:54:4a:67:9e:79:5b:40:8d:aa:a4:8c:99:da:27:7d:18:b6:
ee:4c:15:5a:b0:d8:15:68:cb:ad:20:6f:17:fd:a5:06:03:02:
df:3e:16:f1:ce:58:78:99:cf:9a:e2:f3:2f:66:3f:bf:a3:c7:
9f:df:68:c3:53:7e:d3:c5:f3:67:65:bb:f7:ee:6a:03:00:92:
76:07:3d:45:2d:e9:aa:05:01:8a:25:3a:42:50:b8:59:d3:5e:
f5:1e:6a:5e:dc:95:05:45:fc:40:cd:2c:8e:24:5d:11:01:74:
31:62:eb:72:a2:c5:a4:1d:86:70:22:5f:6f:51:ff:ea:ed:79:
96:2d:72:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK5bW1dQ2WEjA9/CW2LUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUxMTA0MTQwMDQ3WhcNMjUxMTA1MTQwMDQ3WjAzMTEwLwYDVQQD
Eyg5MmEzZThmNTU4NTNlODBiODZhMGExNWExYzhlYWNmMjFlMGFiNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCx3qKyPphHBlTotRTFMOLAGgBgL
P+TtNs9IDAgN6ORzi52itSRb1SCesLC9wGkQmkCvWWC5SZ0OHwdvtd+hM0KnBeyO
Y/uF47cNiODf6HqnrPpBSUExW6zy65C4FeXJqEE66bdVP0enIX07iYCmGckArd4i
UWxtpDUy0eZI8Z7YFBnhlLbgsskFVsNSPmo8hHtu0qSy5hqPNRsFzaMuDtJp4qAu
mKPDtvZ80oshWmdzp8wypGKEr/DLV+GAaKuW2TRDi32AhaGgJyCkn2duBUSaMCQ+
yIGspiRl2IvP/TPaHIMrxkh6/l1UwbHPT6t7C4MnsGIyO4W4+ntVtuP1kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKj6PVYU+gLhqChWhyOrPIeCrSJMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoD6pX2B7
3KSmQab1Kf8o7eDfHZN35WMAaVwrz05gbP2Fezibcvi+fOnEk3EWvyvQ8bx8iz/N
Efmg+0zBUhhCrOPPr5a5bLb2ERwf3orir9vaVEjtt9flPBN1Qk+lqN0bpRQ4wgyJ
noYZjzygeRwGFRMyUtggLI7hfcVBTGD9/lRKZ555W0CNqqSMmdonfRi27kwVWrDY
FWjLrSBvF/2lBgMC3z4W8c5YeJnPmuLzL2Y/v6PHn99ow1N+08XzZ2W79+5qAwCS
dgc9RS3pqgUBiiU6QlC4WdNe9R5qXtyVBUX8QM0sjiRdEQF0MWLrcqLFpB2GcCJf
b1H/6u15li1yOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:44:34 2025 by rpki-client