
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: fuV8txaW50HpOpAqbERZuMk12nptjTxqZ61yr0XKQyw=
Subject key identifier: EF:D1:96:08:0D:DF:75:FF:04:C5:48:83:32:60:E5:39:90:D1:35:18
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 0199FBEB6E53BC50CC3008B14076D6B5F949
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0BFD
Signing time: Sun 19 Oct 2025 10:02:14 +0000
Manifest this update: Sun 19 Oct 2025 10:02:14 +0000
Manifest next update: Mon 20 Oct 2025 10:02:14 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: hBEPO+la9ZgSKUSe+ap7VNnbL9nspUgpP1L99o5kOso=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:6e:53:bc:50:cc:30:08:b1:40:76:d6:b5:f9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Oct 19 10:02:14 2025 GMT
Not After : Oct 20 10:02:14 2025 GMT
Subject: CN=efd196080ddf75ff04c548833260e53990d13518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:6e:f3:82:14:71:ec:24:bd:a1:51:27:34:
e3:e4:e7:3a:35:d3:92:16:9e:b1:1b:5e:38:a5:77:
bc:e7:ff:f4:d3:83:92:9e:4b:6c:34:e3:86:e0:43:
1e:5c:34:c7:dd:82:a1:d6:c1:67:43:c6:54:74:32:
9d:17:17:07:0a:60:fc:19:3b:2f:70:c0:a6:4c:a1:
c3:2b:85:f4:53:08:eb:e9:27:96:a6:b1:67:95:e3:
74:7b:95:db:64:6d:06:d0:29:10:2d:c8:a4:e5:ca:
e0:07:9c:7e:5d:56:cd:ef:71:65:fb:46:2c:b3:cc:
76:19:de:51:f0:5f:e4:f2:04:ec:82:38:cb:9e:6e:
83:f5:a0:75:29:20:4f:83:94:9c:c6:00:e2:04:6f:
90:ab:e7:bf:12:85:ae:e8:2d:5a:90:e2:f1:09:d5:
76:02:32:eb:1d:8a:4a:78:49:aa:a5:5a:81:73:cd:
1d:43:6c:e3:08:2a:a1:92:35:dc:1a:17:8f:f9:25:
6d:38:23:a7:dd:15:f1:00:23:aa:cf:17:ac:35:2c:
2c:e5:5f:9b:bc:64:9f:23:39:9e:1d:7b:e1:76:9f:
0c:ea:fe:92:43:28:8a:da:86:bd:36:6c:0b:64:63:
39:23:73:92:50:b9:5f:fc:01:bc:7b:e5:5e:23:b8:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D1:96:08:0D:DF:75:FF:04:C5:48:83:32:60:E5:39:90:D1:35:18
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:36:fe:f1:5f:0e:0f:d7:4c:f8:00:cb:96:d0:9f:75:2e:b1:
55:90:ec:22:9c:ed:a4:e2:13:a7:2b:35:1c:ec:d4:90:03:09:
8e:3c:82:7b:5e:6d:ea:86:07:59:44:3b:c3:fd:18:37:04:3a:
77:aa:ab:0f:ae:37:1d:db:1d:bb:bc:a6:dc:0f:00:a7:11:be:
f4:ae:0a:aa:53:ac:f0:d0:cc:6c:86:1f:58:c4:4f:6c:39:4d:
34:32:8d:ce:04:cf:20:f0:bd:2e:08:6b:a5:07:76:32:b3:ca:
73:7d:52:bc:cf:04:c1:db:bd:18:6f:1c:d7:51:e3:2e:de:83:
b2:5e:70:ec:ed:d8:4d:19:cd:86:a4:67:7d:b2:7d:8a:01:52:
6d:4d:01:93:bb:86:32:33:4b:6f:db:66:ef:7d:bf:f5:bd:25:
1a:29:d8:c4:8e:54:a0:7b:79:5a:f1:d5:11:21:88:88:12:23:
fd:cc:fe:eb:c5:f0:63:ff:73:28:22:5e:85:3b:18:3a:bf:da:
8c:d7:c3:d2:70:b5:ce:58:32:b1:18:f0:00:e2:9d:d6:30:66:
63:26:30:a9:8f:cd:36:79:80:74:2c:ba:4b:e0:0b:72:93:18:
48:91:e3:be:8a:ab:16:96:77:69:2a:71:4a:f9:b6:65:12:f7:
1c:bf:2e:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7625TvFDMMAixQHbWtflJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUxMDE5MTAwMjE0WhcNMjUxMDIwMTAwMjE0WjAzMTEwLwYDVQQD
EyhlZmQxOTYwODBkZGY3NWZmMDRjNTQ4ODMzMjYwZTUzOTkwZDEzNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu9u84IUcewkvaFRJzTj5Oc6NdOS
Fp6xG144pXe85//004OSnktsNOOG4EMeXDTH3YKh1sFnQ8ZUdDKdFxcHCmD8GTsv
cMCmTKHDK4X0Uwjr6SeWprFnleN0e5XbZG0G0CkQLcik5crgB5x+XVbN73Fl+0Ys
s8x2Gd5R8F/k8gTsgjjLnm6D9aB1KSBPg5ScxgDiBG+Qq+e/EoWu6C1akOLxCdV2
AjLrHYpKeEmqpVqBc80dQ2zjCCqhkjXcGheP+SVtOCOn3RXxACOqzxesNSws5V+b
vGSfIzmeHXvhdp8M6v6SQyiK2oa9NmwLZGM5I3OSULlf/AG8e+VeI7h2pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/RlggN33X/BMVIgzJg5TmQ0TUYMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACzb+8V8O
D9dM+ADLltCfdS6xVZDsIpztpOITpys1HOzUkAMJjjyCe15t6oYHWUQ7w/0YNwQ6
d6qrD643Hdsdu7ym3A8ApxG+9K4KqlOs8NDMbIYfWMRPbDlNNDKNzgTPIPC9Lghr
pQd2MrPKc31SvM8Ewdu9GG8c11HjLt6Dsl5w7O3YTRnNhqRnfbJ9igFSbU0Bk7uG
MjNLb9tm732/9b0lGinYxI5UoHt5WvHVESGIiBIj/cz+68XwY/9zKCJehTsYOr/a
jNfD0nC1zlgysRjwAOKd1jBmYyYwqY/NNnmAdCy6S+ALcpMYSJHjvoqrFpZ3aSpx
Svm2ZRL3HL8uGQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:10 2025 by rpki-client