Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: IQwIR+GjDDoho4p0ct4Nzn9A+E1FpTyJrfIVQ+5/m8w=
Subject key identifier: 49:B9:00:C2:A0:40:EB:C9:4B:62:6B:82:B8:04:54:A9:D7:A6:94:43
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 0199FCFD35C0005B2306E5FC3C58039B3C3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 16E8
Signing time: Sun 19 Oct 2025 15:01:16 +0000
Manifest this update: Sun 19 Oct 2025 15:01:16 +0000
Manifest next update: Mon 20 Oct 2025 15:01:16 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: V4VIjnS+aU/XfrNYKwnZSx1OizxCdF3w4R+rbdaIj8c=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:35:c0:00:5b:23:06:e5:fc:3c:58:03:9b:3c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Oct 19 15:01:16 2025 GMT
Not After : Oct 20 15:01:16 2025 GMT
Subject: CN=49b900c2a040ebc94b626b82b80454a9d7a69443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a2:52:ec:69:5b:d2:ed:9c:ab:e2:dc:4a:1d:
81:eb:d3:0b:f6:ee:05:09:73:e0:00:4d:cf:ed:1e:
ff:3d:c9:77:0e:8e:c9:37:c8:fa:51:43:cd:4b:6b:
c3:48:e1:e8:a5:82:47:91:af:4f:3f:41:af:6a:cc:
6a:f7:f3:fe:7c:f3:06:95:f9:3c:63:6a:7f:96:f3:
b8:52:95:68:e3:a3:28:49:56:18:dd:68:91:a0:b4:
1f:1a:8a:32:84:15:e5:e4:72:37:2b:c0:fb:13:79:
5f:94:89:35:12:00:42:02:d7:8a:78:ba:54:b3:63:
50:a5:7b:51:bd:fe:90:dd:81:14:0d:e4:3d:e8:e7:
7f:57:e0:de:75:96:f6:29:7a:6d:7a:12:57:4e:16:
87:64:a4:cc:7b:83:45:a3:da:0e:0c:18:42:27:b0:
ca:cf:d3:4e:46:6c:60:91:2b:e4:88:ee:a3:d7:87:
e3:b3:7c:e2:3d:1a:3e:43:30:a7:e9:41:95:9b:53:
c2:64:89:92:23:59:e7:d2:5d:24:51:ee:a4:74:c5:
f4:23:db:6e:60:6b:4a:ec:b7:d8:2c:4a:e2:57:50:
cf:3f:86:9e:d8:d4:76:05:88:c1:3d:4c:23:3e:15:
1f:d5:dc:8b:74:fc:8b:d4:e9:d3:96:ff:81:74:91:
96:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B9:00:C2:A0:40:EB:C9:4B:62:6B:82:B8:04:54:A9:D7:A6:94:43
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:aa:fa:ea:22:99:2a:42:3b:7a:e0:0f:fd:a6:cf:80:8d:27:
46:95:75:75:a1:0c:ce:b6:45:b3:9e:a4:76:53:8e:25:ed:ff:
56:1b:f5:6b:66:bf:c2:00:d6:bc:17:ba:bb:63:c3:fe:a2:7e:
d4:af:a3:a4:6b:00:1d:94:bc:96:38:f9:d7:a4:20:0e:df:3f:
8c:61:44:25:00:62:3e:c3:0e:96:fb:c6:d6:cb:c0:d8:76:45:
47:04:d6:04:71:bc:94:e2:a3:af:28:1c:88:f8:17:a4:82:b8:
ff:53:30:f8:96:5c:0e:88:b7:5d:1e:5f:09:b2:a4:84:9c:09:
f9:09:37:ee:2a:76:82:d1:13:46:fd:87:b3:b8:1d:18:8a:c5:
b9:ba:1c:a1:9d:89:96:f0:91:d9:61:b4:7f:f2:47:68:b7:62:
db:bf:98:f6:23:16:1a:7c:15:73:0f:8f:60:11:93:d5:5a:4b:
21:e2:d0:46:0f:9c:ac:51:fb:3b:8a:ea:ce:50:d2:a7:1c:ed:
c3:e8:0e:04:23:de:22:93:ee:ac:00:2c:fd:bc:5b:35:94:d9:
b5:01:c3:bb:11:bf:0d:b7:2a:a2:ad:71:6f:74:83:b3:de:f6:
6a:78:a4:e5:65:51:21:30:41:8f:90:bc:cf:bc:02:94:1a:21:
0c:06:98:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/TXAAFsjBuX8PFgDmzw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUxMDE5MTUwMTE2WhcNMjUxMDIwMTUwMTE2WjAzMTEwLwYDVQQD
Eyg0OWI5MDBjMmEwNDBlYmM5NGI2MjZiODJiODA0NTRhOWQ3YTY5NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaJS7Glb0u2cq+LcSh2B69ML9u4F
CXPgAE3P7R7/Pcl3Do7JN8j6UUPNS2vDSOHopYJHka9PP0Gvasxq9/P+fPMGlfk8
Y2p/lvO4UpVo46MoSVYY3WiRoLQfGooyhBXl5HI3K8D7E3lflIk1EgBCAteKeLpU
s2NQpXtRvf6Q3YEUDeQ96Od/V+DedZb2KXptehJXThaHZKTMe4NFo9oODBhCJ7DK
z9NORmxgkSvkiO6j14fjs3ziPRo+QzCn6UGVm1PCZImSI1nn0l0kUe6kdMX0I9tu
YGtK7LfYLEriV1DPP4ae2NR2BYjBPUwjPhUf1dyLdPyL1OnTlv+BdJGWawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEm5AMKgQOvJS2JrgrgEVKnXppRDMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqr66iKZ
KkI7euAP/abPgI0nRpV1daEMzrZFs56kdlOOJe3/Vhv1a2a/wgDWvBe6u2PD/qJ+
1K+jpGsAHZS8ljj516QgDt8/jGFEJQBiPsMOlvvG1svA2HZFRwTWBHG8lOKjrygc
iPgXpIK4/1Mw+JZcDoi3XR5fCbKkhJwJ+Qk37ip2gtETRv2Hs7gdGIrFubocoZ2J
lvCR2WG0f/JHaLdi27+Y9iMWGnwVcw+PYBGT1VpLIeLQRg+crFH7O4rqzlDSpxzt
w+gOBCPeIpPurAAs/bxbNZTZtQHDuxG/Dbcqoq1xb3SDs972anik5WVRITBBj5C8
z7wClBohDAaYxg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:10:52 2025 by rpki-client