Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: Hm2SYZKJsYE18KIWrEB7F5AnV7eIuTNjhZCg9hUArCY=
Subject key identifier: D7:44:FE:D4:83:D5:5F:57:FD:DB:1C:BE:75:E4:99:D1:C5:0E:2A:24
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 0199FD6AF93B3DA8B179220C86AD1DD8E4E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 04CC
Signing time: Sun 19 Oct 2025 17:01:10 +0000
Manifest this update: Sun 19 Oct 2025 17:01:10 +0000
Manifest next update: Mon 20 Oct 2025 17:01:10 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: HHfePWsA+HedBU9TYzodEyH5ULDwRUyFo3ecR4a29lA=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6a:f9:3b:3d:a8:b1:79:22:0c:86:ad:1d:d8:e4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Oct 19 17:01:10 2025 GMT
Not After : Oct 20 17:01:10 2025 GMT
Subject: CN=d744fed483d55f57fddb1cbe75e499d1c50e2a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:81:b2:aa:82:c9:d5:af:f2:76:4d:8c:2b:ff:
e9:a7:70:72:9d:a7:e1:69:71:6d:26:5d:c4:91:89:
2c:11:fe:68:77:eb:f1:c9:bf:5b:03:16:95:96:03:
7f:15:5e:67:2d:45:a7:24:67:3a:c5:3a:15:3b:c6:
f8:91:35:9c:fe:2f:ee:15:f1:d8:0a:08:f1:5d:aa:
38:a7:2b:4a:a3:30:35:c7:36:e6:48:e8:18:b8:7a:
15:dc:a1:b8:d6:11:e5:f3:96:af:45:32:40:ce:a0:
66:e8:6b:d7:08:c2:06:0d:c4:e2:04:bd:42:09:ea:
1e:c6:c8:29:3c:bd:45:17:6e:d0:ec:34:33:78:82:
34:19:11:b4:a7:00:e8:cc:cd:23:ef:99:17:27:92:
66:46:98:9b:a2:ff:8d:4e:5c:85:62:79:87:54:76:
64:56:97:ee:ea:f4:a8:eb:29:ed:ba:da:52:cd:a6:
74:77:2e:98:2b:19:00:b5:8f:c7:3e:ba:40:52:23:
29:e4:4f:9e:e8:33:39:3d:19:5b:0d:98:2a:f4:67:
b9:03:03:42:f7:91:60:c8:14:4a:59:d8:37:95:c8:
8f:3f:b7:dc:16:2e:57:22:ba:f2:3a:b0:eb:f7:3c:
2c:1b:1f:5e:6e:69:91:98:86:9c:fa:30:a7:5f:62:
02:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:44:FE:D4:83:D5:5F:57:FD:DB:1C:BE:75:E4:99:D1:C5:0E:2A:24
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:0e:2d:bc:11:a2:c1:1b:57:29:a2:44:49:75:c7:bf:33:b9:
88:80:fc:c4:c2:b7:38:0a:40:e2:d8:3f:17:42:9f:3e:b8:05:
e9:fc:9c:75:ec:50:5c:cb:7b:ea:bf:d6:7a:39:5c:01:bd:82:
fa:a6:be:86:f7:1f:06:25:78:8a:77:ab:2a:29:69:b3:34:52:
b8:84:43:e1:43:88:cd:fe:50:39:42:0e:c0:9d:65:df:32:8f:
a7:0f:fe:bd:d8:f2:f4:c9:6a:71:66:ee:88:b2:67:51:da:59:
cc:42:22:8a:f4:5f:61:cb:e9:16:6e:ec:98:31:f3:42:8e:f0:
4c:1b:fa:b8:74:e8:ab:9f:66:03:1f:75:54:d5:d8:76:11:69:
f5:9c:8c:f2:a1:20:86:6c:a3:a1:28:6f:dc:c5:ea:8f:ac:6a:
aa:ef:87:dd:ee:6d:1f:99:a3:fa:13:a3:96:45:7b:90:29:10:
47:cc:b8:2b:12:fd:9c:42:d8:04:be:5e:5b:12:71:b5:1a:bb:
82:d3:1d:37:cd:12:34:d6:81:d7:16:10:c4:f4:57:3e:0a:e9:
c1:56:42:55:c2:d2:ea:1d:45:d1:45:ec:8b:f1:b1:ed:17:d8:
b1:4f:e6:45:17:a3:79:ba:ea:3f:8c:35:87:d0:96:d4:53:bd:
f6:55:a9:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9avk7PaixeSIMhq0d2OTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUxMDE5MTcwMTEwWhcNMjUxMDIwMTcwMTEwWjAzMTEwLwYDVQQD
EyhkNzQ0ZmVkNDgzZDU1ZjU3ZmRkYjFjYmU3NWU0OTlkMWM1MGUyYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IGyqoLJ1a/ydk2MK//pp3Bynafh
aXFtJl3EkYksEf5od+vxyb9bAxaVlgN/FV5nLUWnJGc6xToVO8b4kTWc/i/uFfHY
CgjxXao4pytKozA1xzbmSOgYuHoV3KG41hHl85avRTJAzqBm6GvXCMIGDcTiBL1C
CeoexsgpPL1FF27Q7DQzeII0GRG0pwDozM0j75kXJ5JmRpibov+NTlyFYnmHVHZk
Vpfu6vSo6yntutpSzaZ0dy6YKxkAtY/HPrpAUiMp5E+e6DM5PRlbDZgq9Ge5AwNC
95FgyBRKWdg3lciPP7fcFi5XIrryOrDr9zwsGx9ebmmRmIac+jCnX2ICUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdE/tSD1V9X/dscvnXkmdHFDiokMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA4tvBGi
wRtXKaJESXXHvzO5iID8xMK3OApA4tg/F0KfPrgF6fycdexQXMt76r/WejlcAb2C
+qa+hvcfBiV4inerKilpszRSuIRD4UOIzf5QOUIOwJ1l3zKPpw/+vdjy9MlqcWbu
iLJnUdpZzEIiivRfYcvpFm7smDHzQo7wTBv6uHToq59mAx91VNXYdhFp9ZyM8qEg
hmyjoShv3MXqj6xqqu+H3e5tH5mj+hOjlkV7kCkQR8y4KxL9nELYBL5eWxJxtRq7
gtMdN80SNNaB1xYQxPRXPgrpwVZCVcLS6h1F0UXsi/Gx7RfYsU/mRRejebrqP4w1
h9CW1FO99lWpHQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:39:22 2025 by rpki-client