Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
File: KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft (raw, json)
Hash identifier: RpmIrH2H7pMxeQGSz7cTDLKns6xmeufREdIoG5biYX8=
Subject key identifier: 32:79:CB:BE:9F:F7:61:FC:7D:A6:67:89:58:6D:2B:1D:58:79:B3:BD
Authority key identifier: 28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74
Certificate issuer: /CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74
Certificate serial: 0199FFC8D3321B797DC7D73B5F74CAE4B52E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
Manifest number: 0961
Signing time: Mon 20 Oct 2025 04:02:55 +0000
Manifest this update: Mon 20 Oct 2025 04:02:55 +0000
Manifest next update: Tue 21 Oct 2025 04:02:55 +0000
Files and hashes: 1: Ep5Q_paEMkoQ8JMNVQev_VtcdmY.roa (hash: Bu1EiGDnBTDp8uoDAPAoyCI9ib5FJjnia2bO4NVERCs=)
2: KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl (hash: zAs/jKFZVYjYh0IXrs5VXPb7sM4YfUXC8K9YgOkZYiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:d3:32:1b:79:7d:c7:d7:3b:5f:74:ca:e4:b5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74
Validity
Not Before: Oct 20 04:02:55 2025 GMT
Not After : Oct 21 04:02:55 2025 GMT
Subject: CN=3279cbbe9ff761fc7da66789586d2b1d5879b3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:7e:1d:03:2a:d4:63:ef:18:be:22:b0:ec:
81:b1:1e:ce:a4:2d:de:fd:c3:04:62:53:1b:5e:61:
4e:13:22:a5:2d:dc:bc:a9:3a:69:d3:9e:46:c7:fd:
e0:22:0d:76:61:8e:0c:30:aa:8c:2e:6c:ec:77:18:
2c:90:83:61:7b:49:10:95:0e:da:47:0d:64:2a:78:
cc:71:f5:58:f2:ee:43:9e:65:e0:9f:e1:24:b9:8a:
91:0a:18:cf:54:4c:98:81:c6:c9:5f:d3:3d:f8:73:
8d:c5:d5:91:81:a8:91:0f:2b:9f:60:00:c0:00:cc:
ea:f5:45:e1:10:01:c2:5e:f1:3a:83:e9:40:83:6e:
28:5b:21:e8:da:48:aa:42:84:fd:4d:08:ac:d3:39:
37:e4:db:a4:83:c7:51:5d:23:bc:93:3d:b1:a1:ce:
27:06:4b:d4:6e:98:11:80:d7:fe:e7:30:f1:22:bf:
b4:86:16:89:ce:b8:5f:51:c9:06:76:3a:03:4b:39:
74:a2:f5:07:f5:3c:09:60:cf:1f:e6:50:17:67:1e:
bc:4b:9a:2b:43:a9:91:f6:0a:87:16:a5:ae:b3:e5:
52:d1:e2:90:2b:a6:e9:86:d0:35:a9:c7:83:46:01:
50:e2:c7:41:b2:32:64:0e:d0:f5:5c:95:bd:ef:68:
3d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:79:CB:BE:9F:F7:61:FC:7D:A6:67:89:58:6D:2B:1D:58:79:B3:BD
X509v3 Authority Key Identifier:
keyid:28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:43:00:fb:f5:d2:45:13:00:9d:4a:3f:b3:e9:bb:12:6e:f2:
c9:33:ad:78:aa:df:87:28:f4:22:1f:b9:51:8b:24:a3:03:09:
e2:bc:41:a3:7c:3a:76:c4:ae:10:b9:ac:1e:ae:5f:f1:b2:e5:
bd:c8:3b:3a:76:4e:2c:2a:7a:42:25:3c:dd:9d:40:a9:d8:38:
f5:56:4a:7b:5c:34:bf:59:f4:31:fe:88:56:bb:e7:59:f5:12:
b6:d1:84:50:7d:f2:ca:0e:bc:af:16:46:75:d0:53:4d:26:26:
0c:45:4f:cc:17:ab:97:c3:df:a0:e7:59:f6:17:1b:21:2d:fb:
ce:34:a4:60:f4:e2:c2:ee:3b:24:ce:b2:f4:1e:ee:e7:a6:8d:
b5:2e:b2:fa:c4:db:06:0d:d5:e9:90:81:60:52:6c:95:98:0f:
91:ea:5f:ab:71:e6:76:2f:f3:ad:16:70:ac:0e:58:87:a8:96:
d6:be:7b:32:88:83:74:c7:b7:6e:a8:0a:e5:f4:ed:29:49:9c:
eb:5f:e6:13:57:7d:7a:e3:98:4c:3b:18:e5:bb:53:89:cc:d6:
78:ff:c0:8a:47:48:32:89:a2:b8:f9:01:b7:91:53:be:2a:53:
c0:85:44:58:11:ce:d1:fe:31:73:ea:6d:a7:b0:1e:0c:aa:b3:
c1:35:f7:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yNMyG3l9x9c7X3TK5LUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjAzZGVjZDA4YmQ0N2Q4YTkxNjJhNmUxNzQyZjNjNTNl
YTNjNzQwHhcNMjUxMDIwMDQwMjU1WhcNMjUxMDIxMDQwMjU1WjAzMTEwLwYDVQQD
EygzMjc5Y2JiZTlmZjc2MWZjN2RhNjY3ODk1ODZkMmIxZDU4NzliM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLF+HQMq1GPvGL4isOyBsR7OpC3e
/cMEYlMbXmFOEyKlLdy8qTpp055Gx/3gIg12YY4MMKqMLmzsdxgskINhe0kQlQ7a
Rw1kKnjMcfVY8u5DnmXgn+EkuYqRChjPVEyYgcbJX9M9+HONxdWRgaiRDyufYADA
AMzq9UXhEAHCXvE6g+lAg24oWyHo2kiqQoT9TQis0zk35Nukg8dRXSO8kz2xoc4n
BkvUbpgRgNf+5zDxIr+0hhaJzrhfUckGdjoDSzl0ovUH9TwJYM8f5lAXZx68S5or
Q6mR9gqHFqWus+VS0eKQK6bphtA1qceDRgFQ4sdBsjJkDtD1XJW972g9XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJ5y76f92H8faZniVhtKx1YebO9MB8GA1UdIwQY
MBaAFCggPezQi9R9ipFipuF0LzxT6jx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYt
YTI5N2MxNDA4MDg1LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYtYTI5N2MxNDA4MDg1
LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkMA+/XS
RRMAnUo/s+m7Em7yyTOteKrfhyj0Ih+5UYskowMJ4rxBo3w6dsSuELmsHq5f8bLl
vcg7OnZOLCp6QiU83Z1Aqdg49VZKe1w0v1n0Mf6IVrvnWfUSttGEUH3yyg68rxZG
ddBTTSYmDEVPzBerl8PfoOdZ9hcbIS37zjSkYPTiwu47JM6y9B7u56aNtS6y+sTb
Bg3V6ZCBYFJslZgPkepfq3Hmdi/zrRZwrA5Yh6iW1r57MoiDdMe3bqgK5fTtKUmc
61/mE1d9euOYTDsY5btTiczWeP/AikdIMomiuPkBt5FTvipTwIVEWBHO0f4xc+pt
p7AeDKqzwTX31w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:45:56 2025 by rpki-client