Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: 4NUguFK3DOssJYO9z1LEXPOKP/z5dQZ4/h1rYaBIaok=
Subject key identifier: A2:38:3A:97:01:A8:CD:91:FA:C0:C6:0A:D2:5E:DD:3A:CC:6F:67:A1
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 0199FCC6362A79596E14025B9B699C3473BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 14:01:12 +0000
Manifest this update: Sun 19 Oct 2025 14:01:12 +0000
Manifest next update: Mon 20 Oct 2025 14:01:12 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: m6EzXhcnGDkFAUZICl5vkspUD01SqYZqWLVAXWDHcJQ=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:36:2a:79:59:6e:14:02:5b:9b:69:9c:34:73:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Oct 19 14:01:12 2025 GMT
Not After : Oct 20 14:01:12 2025 GMT
Subject: CN=a2383a9701a8cd91fac0c60ad25edd3acc6f67a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:f8:25:aa:aa:9d:39:2e:0b:f3:5d:5e:38:
38:bb:19:41:16:6d:58:6d:27:27:cc:90:e0:21:c0:
1d:9c:6a:69:58:f7:30:56:5d:c2:23:f6:92:1f:72:
35:7a:29:2c:20:80:3b:34:44:52:10:9e:46:f0:1a:
e9:ca:50:78:ba:74:8e:b3:2b:3b:7c:5c:8a:f8:d9:
2a:9f:e4:c0:a6:ab:8b:49:e8:c3:00:18:22:5a:54:
ac:5a:14:43:b3:1c:2a:25:8e:c9:43:fc:d4:71:b6:
a3:e2:fe:18:df:d1:8c:fb:92:18:7e:56:cb:cc:9c:
a1:f4:3e:3a:9c:86:c4:f9:0b:04:26:47:d3:18:2d:
54:da:9e:c5:97:27:7e:d7:5f:0a:1f:4e:57:c0:3d:
6e:8b:89:22:45:3e:4d:e9:dd:e2:9e:ab:da:01:6c:
9c:11:7c:7f:ce:b9:63:7c:f5:d6:d6:83:7b:c9:ff:
b4:3b:8b:77:c7:94:ff:81:fa:87:4f:f0:1c:eb:3b:
9f:65:17:a2:df:3a:fd:61:45:4e:82:cc:f0:20:a5:
37:4f:3e:f8:90:69:f4:6c:a4:d7:6e:e2:0a:18:fd:
72:87:4a:f4:de:94:68:0f:b8:7c:ec:c9:40:c2:28:
36:b4:8d:7e:57:1a:b0:62:48:98:00:0b:c0:cf:52:
37:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:38:3A:97:01:A8:CD:91:FA:C0:C6:0A:D2:5E:DD:3A:CC:6F:67:A1
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:b1:da:72:a8:cd:61:1c:a4:d9:c1:91:62:47:ca:4c:72:42:
8b:c8:e1:08:70:58:32:26:4c:b0:6d:83:0b:02:f6:95:e0:87:
e4:07:96:0c:1f:5a:cb:79:da:e9:4d:61:d6:df:71:d0:5a:5b:
d1:19:24:ed:f5:b8:ae:23:b2:a8:68:49:87:fb:1c:86:55:61:
0f:28:cd:17:f7:b8:8e:fb:49:b7:a3:4f:af:cf:c1:4a:7d:c2:
84:73:c4:ab:79:ac:46:d6:ff:bc:7b:b7:7c:a2:e0:cf:d6:5b:
84:6e:53:3d:56:02:70:81:80:59:e2:3b:89:bb:c8:a3:ab:73:
ca:32:d7:31:3a:d3:a9:ee:2d:70:79:7c:3a:59:d2:ad:e9:14:
60:4c:27:ae:40:79:8b:9a:56:8a:04:d1:77:6a:a6:b2:85:2b:
02:a3:bc:d4:91:a9:f4:2f:12:f9:bc:3e:08:9d:08:a7:a4:c1:
78:e0:93:b9:6e:f9:ef:4b:e4:7a:c8:67:af:41:82:31:05:5a:
3a:02:e4:30:d4:d0:06:c3:57:25:1f:eb:d4:80:28:ad:41:82:
2e:c6:86:2d:69:24:b3:1b:af:fa:a4:d0:93:6f:14:a2:12:28:
64:cc:7b:11:24:06:84:d0:a0:ac:10:38:76:5c:45:5e:4e:4c:
ac:f5:84:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xjYqeVluFAJbm2mcNHO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUxMDE5MTQwMTEyWhcNMjUxMDIwMTQwMTEyWjAzMTEwLwYDVQQD
EyhhMjM4M2E5NzAxYThjZDkxZmFjMGM2MGFkMjVlZGQzYWNjNmY2N2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmX4JaqqnTkuC/NdXjg4uxlBFm1Y
bScnzJDgIcAdnGppWPcwVl3CI/aSH3I1eiksIIA7NERSEJ5G8BrpylB4unSOsys7
fFyK+Nkqn+TApquLSejDABgiWlSsWhRDsxwqJY7JQ/zUcbaj4v4Y39GM+5IYflbL
zJyh9D46nIbE+QsEJkfTGC1U2p7Flyd+118KH05XwD1ui4kiRT5N6d3inqvaAWyc
EXx/zrljfPXW1oN7yf+0O4t3x5T/gfqHT/Ac6zufZRei3zr9YUVOgszwIKU3Tz74
kGn0bKTXbuIKGP1yh0r03pRoD7h87MlAwig2tI1+VxqwYkiYAAvAz1I3GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI4OpcBqM2R+sDGCtJe3TrMb2ehMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbHacqjN
YRyk2cGRYkfKTHJCi8jhCHBYMiZMsG2DCwL2leCH5AeWDB9ay3na6U1h1t9x0Fpb
0Rkk7fW4riOyqGhJh/schlVhDyjNF/e4jvtJt6NPr8/BSn3ChHPEq3msRtb/vHu3
fKLgz9ZbhG5TPVYCcIGAWeI7ibvIo6tzyjLXMTrTqe4tcHl8OlnSrekUYEwnrkB5
i5pWigTRd2qmsoUrAqO81JGp9C8S+bw+CJ0Ip6TBeOCTuW7570vkeshnr0GCMQVa
OgLkMNTQBsNXJR/r1IAorUGCLsaGLWkksxuv+qTQk28UohIoZMx7ESQGhNCgrBA4
dlxFXk5MrPWEUA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:36:14 2025 by rpki-client