Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
File: KXNk9QJTTodxoMYll5TCbibUvKQ.mft (raw, json)
Hash identifier: WREOiHQqcq9FpBvwxIxVW4wLWN/zvawmhpw43saidqc=
Subject key identifier: 9D:08:F0:B3:0E:2A:33:CB:3E:00:C7:0D:BA:75:0E:DE:1F:50:47:68
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 019A01B53DA6A73046143D56548369218D5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
Manifest number: 1550
Signing time: Mon 20 Oct 2025 13:00:46 +0000
Manifest this update: Mon 20 Oct 2025 13:00:46 +0000
Manifest next update: Tue 21 Oct 2025 13:00:46 +0000
Files and hashes: 1: 2Cp_JC-1gSdENPjM_UWn9lNVG7o.roa (hash: +35xjqek9Nhlc/Z0+VDCYx/DAJw10REdvRuvu6t5M3s=)
2: 30p15OIB4xzHle9tD78XYhbRDYI.roa (hash: 9HVb43mRInURyExw74+VWFanW5TCiRHL7zKkRNQfWwc=)
3: 46l3zcDNK_2V63AreaLMsQrAgaE.roa (hash: yY63fb353nPGfB15WkNs5SfqIg+XAt04c2yklxwzqUk=)
4: DrQJgIgCadGbo__38qvLm4f2buQ.roa (hash: Wx23py7fw++y8qecqXEe1C97qUaOVg6INU3OjKvg+YE=)
5: KXNk9QJTTodxoMYll5TCbibUvKQ.crl (hash: pOd9T+jZHowZVbV4x/7QJoE9DIcepECyY35rQgyOG3I=)
6: Kc-1Z4R9k1b9QbprK1lrnIRFuzo.roa (hash: mIf5b4mKVeZgEr7VsdotpcNIdYch/DFkBdwgO8kit9A=)
7: lTAav4yQpZ87qw_zIchzIsq-5gM.roa (hash: 3b9+qDTSwpfJP/SrqHspJoxR/TN3seQEWvBLhEVGMW0=)
8: x8RX4rKBNmZcMpsvt4Nm7APSjAM.roa (hash: zc30VoGi96Z1iHoOnbaFFXszAPpJE3UJpyJWRy15Byo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b5:3d:a6:a7:30:46:14:3d:56:54:83:69:21:8d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Oct 20 13:00:46 2025 GMT
Not After : Oct 21 13:00:46 2025 GMT
Subject: CN=9d08f0b30e2a33cb3e00c70dba750ede1f504768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d2:ff:ba:f1:58:c2:1b:13:b9:0d:d2:7d:6d:
be:da:60:3b:f1:01:d6:f1:eb:10:0f:ac:ac:17:09:
04:7b:e2:5b:26:87:9e:10:69:4e:11:5c:c4:9a:77:
eb:d2:f0:0c:bb:06:dd:79:1c:43:6a:58:f3:94:87:
60:13:f8:42:cb:09:8a:e3:ba:57:00:3f:da:7e:ca:
15:64:94:53:88:de:17:00:39:10:bf:2d:9a:5a:ec:
b2:34:16:7b:85:0a:ea:19:6a:a1:92:ec:8e:88:d5:
56:93:a8:2b:86:cd:51:16:a7:e2:77:ad:b9:31:19:
9d:e4:dd:55:33:56:aa:00:bf:38:d8:0a:c1:4b:ba:
92:6f:e3:64:ba:be:b0:7d:b5:2e:b8:65:9e:1d:77:
db:17:8c:9f:b6:99:69:31:2d:71:16:4d:11:78:14:
27:d4:0f:d4:da:47:e1:ec:2e:06:5d:07:71:0e:4a:
cd:9b:62:83:d9:81:1e:da:87:fb:9f:32:b0:ba:46:
6b:f8:e5:be:aa:ea:41:b0:14:45:1d:0f:3a:9c:56:
a5:9e:25:15:0f:2c:6e:98:f8:80:70:f5:48:1d:c8:
82:ab:c7:dd:3d:9b:85:0f:17:d0:fa:50:53:01:f5:
79:25:6f:3e:73:06:ee:fc:ec:4a:29:43:48:21:e0:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:08:F0:B3:0E:2A:33:CB:3E:00:C7:0D:BA:75:0E:DE:1F:50:47:68
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:63:29:c6:6c:3b:7c:0d:d2:6f:4c:be:93:73:df:98:d0:f5:
cc:ce:13:9c:d4:d3:1b:57:c8:87:99:41:9b:66:ec:3a:47:0f:
25:6d:d5:91:3d:71:89:68:7b:70:ac:a3:f3:d7:6a:79:b4:3a:
5f:de:49:3d:f4:34:7a:38:45:be:dd:66:8b:1d:79:f1:a6:97:
af:7b:30:6f:84:bd:fb:be:d7:f0:3d:68:7f:43:5f:7d:59:65:
10:7c:ac:69:1d:8e:b3:64:31:fb:fc:be:29:2a:19:3c:ab:64:
f7:68:24:b7:40:41:e5:d7:b0:fb:41:b8:0c:df:40:76:bf:ac:
cc:f7:a4:50:f8:d8:a4:48:74:39:c6:5c:2f:cf:27:40:32:3d:
df:4d:8a:a4:96:a9:60:da:50:33:73:31:41:16:02:65:73:eb:
c7:50:55:36:ff:c6:a1:dd:89:a9:8e:e5:e6:bc:9f:ec:17:79:
c4:3b:79:87:9d:f1:85:f7:12:fb:02:d0:27:b2:24:ec:a1:56:
fa:cf:b8:eb:aa:d5:7f:a5:49:1e:57:f8:ce:c3:60:14:8d:6d:
2a:bf:83:af:f4:a1:83:f0:79:81:76:52:ba:56:dc:99:6b:a7:
9f:54:c6:0b:ef:c1:c2:bb:e7:a7:ee:ee:f8:6b:72:36:60:fd:
56:21:bc:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtT2mpzBGFD1WVINpIY1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjUxMDIwMTMwMDQ2WhcNMjUxMDIxMTMwMDQ2WjAzMTEwLwYDVQQD
Eyg5ZDA4ZjBiMzBlMmEzM2NiM2UwMGM3MGRiYTc1MGVkZTFmNTA0NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NL/uvFYwhsTuQ3SfW2+2mA78QHW
8esQD6ysFwkEe+JbJoeeEGlOEVzEmnfr0vAMuwbdeRxDaljzlIdgE/hCywmK47pX
AD/afsoVZJRTiN4XADkQvy2aWuyyNBZ7hQrqGWqhkuyOiNVWk6grhs1RFqfid625
MRmd5N1VM1aqAL842ArBS7qSb+Nkur6wfbUuuGWeHXfbF4yftplpMS1xFk0ReBQn
1A/U2kfh7C4GXQdxDkrNm2KD2YEe2of7nzKwukZr+OW+qupBsBRFHQ86nFalniUV
DyxumPiAcPVIHciCq8fdPZuFDxfQ+lBTAfV5JW8+cwbu/OxKKUNIIeAJUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0I8LMOKjPLPgDHDbp1Dt4fUEdoMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmMpxmw7
fA3Sb0y+k3PfmND1zM4TnNTTG1fIh5lBm2bsOkcPJW3VkT1xiWh7cKyj89dqebQ6
X95JPfQ0ejhFvt1mix158aaXr3swb4S9+77X8D1of0NffVllEHysaR2Os2Qx+/y+
KSoZPKtk92gkt0BB5dew+0G4DN9Adr+szPekUPjYpEh0OcZcL88nQDI9302KpJap
YNpQM3MxQRYCZXPrx1BVNv/God2JqY7l5ryf7Bd5xDt5h53xhfcS+wLQJ7Ik7KFW
+s+466rVf6VJHlf4zsNgFI1tKr+Dr/Shg/B5gXZSulbcmWunn1TGC+/Bwrvnp+7u
+GtyNmD9ViG8pw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:15:04 2025 by rpki-client