Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: b9MhbZ9SwjrhZWkT1o1bBhi9E3UGl6P3HqUmmAGyznk=
Subject key identifier: 22:DC:7A:F4:2B:27:B9:F5:B2:2D:06:CE:2F:D5:44:AE:82:59:DA:7C
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 0199FDDA38E82DC8A10DB5692EF1C27E2A2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 19:02:40 +0000
Manifest this update: Sun 19 Oct 2025 19:02:40 +0000
Manifest next update: Mon 20 Oct 2025 19:02:40 +0000
Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: W6clU/WyPswoGzwxHsH40RESfAZ86+3pIlqwYaedX08=)
2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:da:38:e8:2d:c8:a1:0d:b5:69:2e:f1:c2:7e:2a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Oct 19 19:02:40 2025 GMT
Not After : Oct 20 19:02:40 2025 GMT
Subject: CN=22dc7af42b27b9f5b22d06ce2fd544ae8259da7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d7:25:59:93:ab:de:68:53:3a:43:b3:1f:a9:
37:91:68:12:51:6c:07:35:9e:a5:a4:f3:2b:e4:31:
b5:a4:78:c5:02:16:6d:13:fc:fb:ba:63:82:bb:3a:
d5:58:a6:5a:ee:ee:72:3a:e2:32:c3:21:10:89:e6:
9a:e7:a4:48:28:33:3d:02:77:b5:4b:90:bc:88:ec:
7b:0c:15:3f:01:9e:ea:87:9a:20:ad:d8:16:80:85:
21:fa:d8:66:c7:6b:d1:ee:59:dd:0c:2f:a5:e9:c1:
33:30:f3:3e:21:53:c1:6a:fe:cd:1e:14:7d:98:b3:
60:27:68:69:ed:20:d7:73:70:dd:94:f5:cb:26:09:
09:32:a2:38:db:5c:2a:64:c7:6a:7a:d2:8e:b9:80:
7e:ca:7a:4f:08:09:e1:53:6a:8d:43:40:3d:99:1c:
d9:cf:58:99:b1:85:bb:f3:59:32:c9:ba:77:69:c8:
28:ab:1b:25:08:c3:75:49:81:c6:69:a8:1b:aa:d6:
58:6f:fc:90:d3:c7:c4:62:26:9d:8a:d2:e9:54:ef:
d8:89:54:a1:6b:63:d6:ca:ee:79:81:13:2a:86:ff:
61:78:7f:a7:26:f2:21:be:5c:29:d1:ab:02:3f:6d:
76:cb:a5:e2:8d:68:ba:56:3e:f6:5e:4e:88:98:09:
2e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DC:7A:F4:2B:27:B9:F5:B2:2D:06:CE:2F:D5:44:AE:82:59:DA:7C
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:e8:16:38:ea:5d:cc:b5:8d:df:e4:1a:7a:15:15:45:00:98:
ae:77:9d:70:75:75:ef:7a:13:79:b4:8b:b9:8a:49:9d:0f:76:
20:bf:42:5a:15:fe:0d:e8:36:fb:1b:61:7b:8f:15:c2:2b:a2:
d9:fb:1a:23:23:64:37:14:90:09:29:1b:2b:09:1c:d1:54:8d:
e9:09:c3:12:a6:07:09:0f:af:1f:7c:9e:86:1b:c1:d2:1e:24:
25:d4:1c:09:18:a8:5c:14:10:e7:10:1c:ec:51:f9:bb:5c:34:
14:c9:52:6c:cf:18:15:63:a2:fb:c8:5b:c2:38:a8:ec:02:a6:
d7:97:55:10:a8:b7:d4:65:f9:75:64:c3:89:f9:34:37:07:9a:
a1:9a:15:85:9d:86:c6:66:15:73:98:23:31:f8:58:2a:46:1c:
2b:df:16:7d:a9:4d:2b:69:37:c2:f3:c5:85:ce:30:9f:60:16:
8b:11:f7:40:1e:01:e0:d9:d4:36:27:45:1c:b6:05:2d:d1:25:
92:c8:9c:b2:e8:d1:9c:69:20:e2:7b:91:83:9f:83:01:e0:cb:
ee:8b:c8:72:ba:40:82:52:c5:d1:83:62:4f:6d:af:19:b0:70:
68:63:8d:df:ab:74:5e:02:7b:68:30:08:78:16:19:cb:32:2d:
73:eb:b9:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92jjoLcihDbVpLvHCfioqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUxMDE5MTkwMjQwWhcNMjUxMDIwMTkwMjQwWjAzMTEwLwYDVQQD
EygyMmRjN2FmNDJiMjdiOWY1YjIyZDA2Y2UyZmQ1NDRhZTgyNTlkYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79clWZOr3mhTOkOzH6k3kWgSUWwH
NZ6lpPMr5DG1pHjFAhZtE/z7umOCuzrVWKZa7u5yOuIywyEQieaa56RIKDM9Ane1
S5C8iOx7DBU/AZ7qh5ogrdgWgIUh+thmx2vR7lndDC+l6cEzMPM+IVPBav7NHhR9
mLNgJ2hp7SDXc3DdlPXLJgkJMqI421wqZMdqetKOuYB+ynpPCAnhU2qNQ0A9mRzZ
z1iZsYW781kyybp3acgoqxslCMN1SYHGaagbqtZYb/yQ08fEYiaditLpVO/YiVSh
a2PWyu55gRMqhv9heH+nJvIhvlwp0asCP212y6XijWi6Vj72Xk6ImAkuSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLcevQrJ7n1si0Gzi/VRK6CWdp8MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALOgWOOpd
zLWN3+QaehUVRQCYrnedcHV173oTebSLuYpJnQ92IL9CWhX+Deg2+xthe48Vwiui
2fsaIyNkNxSQCSkbKwkc0VSN6QnDEqYHCQ+vH3yehhvB0h4kJdQcCRioXBQQ5xAc
7FH5u1w0FMlSbM8YFWOi+8hbwjio7AKm15dVEKi31GX5dWTDifk0NweaoZoVhZ2G
xmYVc5gjMfhYKkYcK98WfalNK2k3wvPFhc4wn2AWixH3QB4B4NnUNidFHLYFLdEl
ksicsujRnGkg4nuRg5+DAeDL7ovIcrpAglLF0YNiT22vGbBwaGON36t0XgJ7aDAI
eBYZyzItc+u59g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:42:28 2025 by rpki-client