Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: PuHeOHdfW+prHpuhMaZ17Oi37FhohajlqSWVJSv+4uw=
Subject key identifier: 75:DC:CE:3C:31:2C:F1:B5:F6:0D:36:19:59:66:EE:EF:90:02:AD:79
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 0199FBEAC22DB89CD4E47B12B47146B29455
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1375
Signing time: Sun 19 Oct 2025 10:01:30 +0000
Manifest this update: Sun 19 Oct 2025 10:01:30 +0000
Manifest next update: Mon 20 Oct 2025 10:01:30 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: 9cf7Bql8uVBDQpGHYs1c1wwO05yCzguSuM0JVkiwaH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:c2:2d:b8:9c:d4:e4:7b:12:b4:71:46:b2:94:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Oct 19 10:01:30 2025 GMT
Not After : Oct 20 10:01:30 2025 GMT
Subject: CN=75dcce3c312cf1b5f60d36195966eeef9002ad79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:79:13:ba:46:d1:91:23:bc:05:48:24:ee:
c0:3d:24:bb:90:9e:02:d2:2a:fd:bb:09:b9:01:0f:
a2:ea:b0:07:72:cd:fa:81:ed:2e:f6:d7:0c:09:f8:
46:27:26:9b:97:df:24:72:24:60:6d:e4:1f:27:76:
12:93:96:94:bc:6a:21:34:c7:65:89:fb:0c:19:75:
7a:f3:c6:41:30:58:ea:2e:fe:b2:c1:ad:ed:5c:47:
ba:34:f0:cc:a7:61:87:0b:45:72:bc:40:cd:01:fb:
b3:1a:5e:8d:7b:ef:ae:e3:a4:ac:84:82:1b:07:a8:
31:cc:d0:be:55:c4:f5:4a:bf:ed:a2:91:4d:0c:60:
00:02:c0:19:3b:a5:e3:ae:28:5f:1e:7e:d2:b7:a7:
9a:ca:69:84:92:3d:91:fa:1c:6c:1a:63:cd:50:12:
ab:f9:3d:46:c6:f8:1d:2d:04:b5:c8:98:50:bf:91:
97:fe:44:5f:42:1a:e2:95:34:a6:ab:35:ea:58:a6:
76:a0:8e:1e:fc:7d:fb:99:36:f1:87:f1:6c:47:d7:
4d:f2:7e:a1:b3:99:f5:ea:c5:54:c8:97:65:9e:0a:
ca:62:9a:8b:77:df:dd:b8:9e:b8:d6:80:0c:0f:fe:
79:41:58:bf:f7:4e:78:72:3c:0a:e1:01:b7:00:de:
34:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DC:CE:3C:31:2C:F1:B5:F6:0D:36:19:59:66:EE:EF:90:02:AD:79
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:fc:1c:ce:1e:7c:fc:5b:25:be:89:da:d8:3c:76:7a:52:44:
33:6b:c6:c6:8b:72:51:5c:ce:61:22:91:61:96:8e:50:82:57:
59:ab:db:b9:1c:89:12:5f:b1:45:7f:00:86:f3:26:80:89:99:
03:4b:1b:97:ee:ad:bc:2e:fb:e3:5f:83:78:8a:b0:d2:0f:07:
69:11:fe:0c:7c:b7:df:e2:88:89:8b:94:19:f4:b9:dc:42:bb:
8f:25:eb:2d:de:df:43:70:ae:6d:34:98:c7:c9:d8:99:97:e6:
62:ad:f4:a8:73:64:40:3c:c9:0b:10:1d:1b:dd:cc:10:c4:92:
2b:29:84:00:54:f8:a0:8d:f9:8c:ab:f6:5f:21:83:f6:6f:6e:
01:e9:a1:06:a5:53:2c:8c:02:1f:e8:df:90:8e:89:31:f0:17:
f1:4a:b2:25:db:52:d4:a0:59:74:3f:f2:09:a1:f3:88:9d:ea:
69:c1:a2:26:6b:87:45:10:2c:a5:65:53:1a:41:b9:10:75:a2:
39:e6:f8:e0:e8:8d:a8:87:49:d5:c9:e7:1d:27:e4:ca:ec:f0:
cb:08:64:3a:cf:7d:4a:f5:40:c9:51:c2:d5:71:f3:33:19:d2:
b3:dd:3e:06:10:9d:a3:af:d5:ee:d2:a7:e6:6b:e3:a1:99:d1:
fd:4a:74:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76sItuJzU5HsStHFGspRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUxMDE5MTAwMTMwWhcNMjUxMDIwMTAwMTMwWjAzMTEwLwYDVQQD
Eyg3NWRjY2UzYzMxMmNmMWI1ZjYwZDM2MTk1OTY2ZWVlZjkwMDJhZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2l5E7pG0ZEjvAVIJO7APSS7kJ4C
0ir9uwm5AQ+i6rAHcs36ge0u9tcMCfhGJyabl98kciRgbeQfJ3YSk5aUvGohNMdl
ifsMGXV688ZBMFjqLv6ywa3tXEe6NPDMp2GHC0VyvEDNAfuzGl6Ne++u46SshIIb
B6gxzNC+VcT1Sr/topFNDGAAAsAZO6XjrihfHn7St6eaymmEkj2R+hxsGmPNUBKr
+T1GxvgdLQS1yJhQv5GX/kRfQhrilTSmqzXqWKZ2oI4e/H37mTbxh/FsR9dN8n6h
s5n16sVUyJdlngrKYpqLd9/duJ641oAMD/55QVi/9054cjwK4QG3AN40XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXczjwxLPG19g02GVlm7u+QAq15MB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvwczh58
/Fslvona2Dx2elJEM2vGxotyUVzOYSKRYZaOUIJXWavbuRyJEl+xRX8AhvMmgImZ
A0sbl+6tvC7741+DeIqw0g8HaRH+DHy33+KIiYuUGfS53EK7jyXrLd7fQ3CubTSY
x8nYmZfmYq30qHNkQDzJCxAdG93MEMSSKymEAFT4oI35jKv2XyGD9m9uAemhBqVT
LIwCH+jfkI6JMfAX8UqyJdtS1KBZdD/yCaHziJ3qacGiJmuHRRAspWVTGkG5EHWi
Oeb44OiNqIdJ1cnnHSfkyuzwywhkOs99SvVAyVHC1XHzMxnSs90+BhCdo6/V7tKn
5mvjoZnR/Up0RA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:24:31 2025 by rpki-client