Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: ouJcCm4ZmiFw7615LYIOdnsX+Le+Q6bqMw6Byp24yTo=
Subject key identifier: 5B:1E:2E:26:E7:4B:B0:6F:06:5C:08:5E:B3:3C:B7:AB:8F:BF:A1:FE
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 0199FC58E1711CAC8260804A5967071E5266
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 12:01:47 +0000
Manifest this update: Sun 19 Oct 2025 12:01:47 +0000
Manifest next update: Mon 20 Oct 2025 12:01:47 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: vjsY8jwigKED+ZCegcf69L6g9L/S45q5k+oL7BBy9sU=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:e1:71:1c:ac:82:60:80:4a:59:67:07:1e:52:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Oct 19 12:01:47 2025 GMT
Not After : Oct 20 12:01:47 2025 GMT
Subject: CN=5b1e2e26e74bb06f065c085eb33cb7ab8fbfa1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:b3:88:70:15:79:6d:ab:cd:33:a9:a0:c1:
f4:f6:c0:21:f5:64:ce:6b:98:8a:b4:ca:2d:66:0b:
63:ce:13:21:7e:e9:ba:98:48:eb:50:03:3d:65:58:
33:fb:0d:6b:1b:2d:d6:0a:64:72:72:27:5c:e0:3e:
22:5e:7d:51:63:64:d4:bf:f4:0b:ea:6c:aa:f6:99:
23:b6:30:48:ff:38:a4:5e:5d:9e:4f:d7:ff:83:da:
ae:4e:e2:b5:e6:f4:62:22:6c:35:6f:3d:09:23:27:
da:7f:44:0c:f6:f6:48:98:da:99:bc:ab:df:c0:1b:
3f:d7:e8:3a:34:f1:40:33:88:a4:94:65:70:ac:9d:
b4:9f:af:e1:7c:a4:83:68:84:75:eb:b3:a6:93:a0:
b1:fa:c3:33:1e:a6:59:56:71:f1:99:9d:b3:8c:10:
99:aa:24:bc:d0:f2:93:c2:59:99:a3:f4:ce:75:e6:
02:31:cb:c4:0d:0f:fd:5b:9a:70:1e:e1:e2:70:a9:
e2:c3:98:f2:dd:67:6a:9d:70:30:79:fa:f1:fe:c2:
f9:b9:7c:37:cd:e6:db:ca:2b:66:b0:f4:40:cb:e5:
10:f5:3d:6f:3e:7d:f2:36:b4:f1:2d:ac:49:55:71:
6e:e2:9f:6e:17:89:4d:b2:61:b9:b9:10:ca:b3:71:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:1E:2E:26:E7:4B:B0:6F:06:5C:08:5E:B3:3C:B7:AB:8F:BF:A1:FE
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:56:df:e1:9b:1f:53:35:7f:4f:ac:3b:0e:46:90:20:8f:2d:
3b:d1:a2:c9:30:c0:9d:68:2d:23:24:d3:15:eb:6f:83:42:a3:
e9:8c:66:20:b1:ed:c1:3d:a8:7f:78:1e:47:56:ac:8d:b7:0b:
6c:bf:2d:71:6d:63:6f:00:a3:08:82:aa:8a:d0:d5:0c:51:49:
3b:94:3c:de:10:d7:c7:e2:94:57:9e:b2:f5:4b:b2:7f:72:d1:
be:61:ef:8f:b2:84:ea:7f:c5:82:ea:f4:9e:2e:40:49:26:b7:
02:a2:de:9e:69:15:49:be:38:f8:4c:d0:85:40:ee:cb:d0:74:
33:79:3b:f4:c5:48:e7:57:a0:a8:d3:6c:8e:77:34:86:01:7a:
5e:8a:e6:69:ad:0f:0f:93:01:b4:51:3f:6e:cc:89:19:af:c0:
65:d5:e8:20:69:05:fb:84:a6:59:80:ff:f2:77:b1:28:30:bf:
79:10:92:27:7e:70:55:aa:f2:65:80:6b:2f:39:22:b4:c4:8c:
42:53:d0:07:ce:c5:3f:b6:5d:2f:78:e3:3b:db:c6:3a:fa:5f:
a4:7e:72:62:9a:f6:cb:82:a3:73:b6:b3:67:47:a6:13:de:7c:
59:ae:74:2f:8f:4d:93:6e:3b:56:77:6a:6e:29:f9:7a:c8:ea:
97:41:58:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOFxHKyCYIBKWWcHHlJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUxMDE5MTIwMTQ3WhcNMjUxMDIwMTIwMTQ3WjAzMTEwLwYDVQQD
Eyg1YjFlMmUyNmU3NGJiMDZmMDY1YzA4NWViMzNjYjdhYjhmYmZhMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGaziHAVeW2rzTOpoMH09sAh9WTO
a5iKtMotZgtjzhMhfum6mEjrUAM9ZVgz+w1rGy3WCmRycidc4D4iXn1RY2TUv/QL
6myq9pkjtjBI/zikXl2eT9f/g9quTuK15vRiImw1bz0JIyfaf0QM9vZImNqZvKvf
wBs/1+g6NPFAM4iklGVwrJ20n6/hfKSDaIR167Omk6Cx+sMzHqZZVnHxmZ2zjBCZ
qiS80PKTwlmZo/TOdeYCMcvEDQ/9W5pwHuHicKniw5jy3WdqnXAwefrx/sL5uXw3
zebbyitmsPRAy+UQ9T1vPn3yNrTxLaxJVXFu4p9uF4lNsmG5uRDKs3EQmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFseLibnS7BvBlwIXrM8t6uPv6H+MB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVbf4Zsf
UzV/T6w7DkaQII8tO9GiyTDAnWgtIyTTFetvg0Kj6YxmILHtwT2of3geR1asjbcL
bL8tcW1jbwCjCIKqitDVDFFJO5Q83hDXx+KUV56y9Uuyf3LRvmHvj7KE6n/Fgur0
ni5ASSa3AqLenmkVSb44+EzQhUDuy9B0M3k79MVI51egqNNsjnc0hgF6Xormaa0P
D5MBtFE/bsyJGa/AZdXoIGkF+4SmWYD/8nexKDC/eRCSJ35wVaryZYBrLzkitMSM
QlPQB87FP7ZdL3jjO9vGOvpfpH5yYpr2y4Kjc7azZ0emE958Wa50L49Nk247Vndq
bin5esjql0FYJg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:39:08 2025 by rpki-client