
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: DpEbas3cySiPAlG3tmtImF9TFnryJ/CeQrnxH8xtgbE=
Subject key identifier: 11:4E:4D:08:E0:75:16:C9:DA:74:35:E2:D6:22:64:A5:87:90:BF:84
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019A01EB8509AE5F28589B77CE166DC5C6A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 16E6
Signing time: Mon 20 Oct 2025 14:00:03 +0000
Manifest this update: Mon 20 Oct 2025 14:00:03 +0000
Manifest next update: Tue 21 Oct 2025 14:00:03 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: 3EY3WcYi8ixUwG6yOGZDyasYkSsouhpvgQzcsJtiM5E=)
2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:eb:85:09:ae:5f:28:58:9b:77:ce:16:6d:c5:c6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Oct 20 14:00:03 2025 GMT
Not After : Oct 21 14:00:03 2025 GMT
Subject: CN=114e4d08e07516c9da7435e2d62264a58790bf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:21:dd:bb:d2:e5:50:d9:aa:34:23:c4:25:
fb:e3:df:d8:79:a4:72:5a:49:a1:07:4e:cd:1f:a3:
86:65:ba:67:ec:9b:26:08:7d:41:db:45:ea:05:1c:
7c:6d:e7:4f:16:a5:97:42:bd:36:ad:f9:63:d9:bd:
e7:6a:f6:aa:fe:5a:4d:5a:13:e8:53:af:ba:a2:3d:
d3:78:41:05:5d:20:16:31:7f:3f:2b:12:f5:74:9b:
69:6c:8a:2f:82:44:ee:93:7e:71:fa:01:3b:84:90:
9d:1e:33:e5:04:c2:c7:42:5b:b9:ba:1e:50:02:9f:
70:08:22:53:d2:94:9c:28:12:cb:c1:6f:53:2f:f6:
ff:e5:ec:57:13:11:67:5f:b5:31:2e:34:1b:1e:ea:
8f:6e:96:97:a1:08:ed:68:9c:10:18:54:09:f2:d6:
6d:9b:8f:88:35:d9:37:44:c9:a8:9f:75:4d:d5:c3:
f5:1c:d4:96:8a:8c:44:ce:9b:ab:3e:00:d7:b6:66:
bf:e1:b0:1c:af:20:e9:ac:66:9d:2e:d6:ac:57:8e:
e9:32:7b:4f:4c:8d:ff:32:39:8d:5d:06:68:89:33:
7b:29:b1:80:bf:1e:59:2e:7a:d5:75:32:d4:06:f5:
a8:69:98:11:93:c9:07:78:53:46:3e:8f:c7:30:3d:
ad:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4E:4D:08:E0:75:16:C9:DA:74:35:E2:D6:22:64:A5:87:90:BF:84
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:8b:7c:15:cb:78:7f:e0:e0:45:30:69:52:12:d2:3b:34:5e:
eb:58:cd:ec:50:49:b4:eb:86:e2:50:c6:5b:b5:0b:b7:f6:8d:
95:0f:f5:23:bb:df:31:97:40:3a:be:5a:43:f6:96:cf:91:a4:
f1:9c:b7:6e:9d:37:06:1d:f7:35:74:6b:ef:8f:b1:65:4b:6a:
a2:a3:b9:ba:48:f6:1d:55:78:97:4a:09:25:99:61:1d:ae:16:
31:50:b6:09:cf:e5:de:2f:a3:9a:1e:6b:90:78:ad:6e:e2:04:
ea:4b:69:6c:a4:83:be:e5:a2:03:47:5e:69:03:39:0f:80:71:
4a:52:cc:55:77:ee:84:48:c6:95:32:06:6a:63:b3:76:13:f7:
f4:49:82:cb:d3:fd:7a:29:44:51:fb:a7:c6:92:68:96:d5:ad:
bc:97:07:0d:94:5b:32:6a:ab:08:40:92:6c:00:3b:b6:d3:c7:
d9:e5:7b:f3:59:63:9a:9d:15:3f:d7:c5:a1:6e:8c:00:cb:73:
f6:c2:87:2c:db:bd:7f:89:db:ea:1a:60:5d:05:88:83:54:d8:
4d:a7:8f:6c:1a:e2:03:cb:81:73:2a:c5:6f:56:e2:7e:aa:de:
fd:b0:2a:64:53:f2:89:a0:49:3f:7c:d9:51:05:2d:2f:fa:22:
0f:12:74:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoB64UJrl8oWJt3zhZtxcalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUxMDIwMTQwMDAzWhcNMjUxMDIxMTQwMDAzWjAzMTEwLwYDVQQD
EygxMTRlNGQwOGUwNzUxNmM5ZGE3NDM1ZTJkNjIyNjRhNTg3OTBiZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEMh3bvS5VDZqjQjxCX749/YeaRy
WkmhB07NH6OGZbpn7JsmCH1B20XqBRx8bedPFqWXQr02rflj2b3navaq/lpNWhPo
U6+6oj3TeEEFXSAWMX8/KxL1dJtpbIovgkTuk35x+gE7hJCdHjPlBMLHQlu5uh5Q
Ap9wCCJT0pScKBLLwW9TL/b/5exXExFnX7UxLjQbHuqPbpaXoQjtaJwQGFQJ8tZt
m4+INdk3RMmon3VN1cP1HNSWioxEzpurPgDXtma/4bAcryDprGadLtasV47pMntP
TI3/MjmNXQZoiTN7KbGAvx5ZLnrVdTLUBvWoaZgRk8kHeFNGPo/HMD2tWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFOTQjgdRbJ2nQ14tYiZKWHkL+EMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMYt8Fct4
f+DgRTBpUhLSOzRe61jN7FBJtOuG4lDGW7ULt/aNlQ/1I7vfMZdAOr5aQ/aWz5Gk
8Zy3bp03Bh33NXRr74+xZUtqoqO5ukj2HVV4l0oJJZlhHa4WMVC2Cc/l3i+jmh5r
kHitbuIE6ktpbKSDvuWiA0deaQM5D4BxSlLMVXfuhEjGlTIGamOzdhP39EmCy9P9
eilEUfunxpJoltWtvJcHDZRbMmqrCECSbAA7ttPH2eV781ljmp0VP9fFoW6MAMtz
9sKHLNu9f4nb6hpgXQWIg1TYTaePbBriA8uBcyrFb1bifqre/bAqZFPyiaBJP3zZ
UQUtL/oiDxJ0Bw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:28:16 2025 by rpki-client