
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
File: KpTH34VXtlNEfD4G-0s3LVEgoiI.mft (raw, json)
Hash identifier: k4EeiV/IgleEN2rBx1P+zrDE3Jij40kNeWjJpeLZ1Zg=
Subject key identifier: A4:A0:20:CA:84:9D:E6:7F:07:20:E9:FF:F6:B5:C0:AD:34:7A:FE:D5
Authority key identifier: 2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
Certificate issuer: /CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Certificate serial: 0199FBEB2A8D799F121013FB0488F2D5DC34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
Manifest number: 16DF
Signing time: Sun 19 Oct 2025 10:01:56 +0000
Manifest this update: Sun 19 Oct 2025 10:01:56 +0000
Manifest next update: Mon 20 Oct 2025 10:01:56 +0000
Files and hashes: 1: KpTH34VXtlNEfD4G-0s3LVEgoiI.crl (hash: SXYzWnSlKDdwYNuEdvdEnNJFvmWJ3iMW4I02zkRO3IQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:2a:8d:79:9f:12:10:13:fb:04:88:f2:d5:dc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Validity
Not Before: Oct 19 10:01:56 2025 GMT
Not After : Oct 20 10:01:56 2025 GMT
Subject: CN=a4a020ca849de67f0720e9fff6b5c0ad347afed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:12:d0:ab:99:2a:6b:4e:7f:76:fa:22:a8:
13:23:51:65:a8:47:dd:84:59:aa:73:91:61:bf:21:
bd:02:e3:83:19:aa:11:31:ff:03:ad:40:4c:e8:54:
45:d0:30:a9:96:8e:8d:de:41:b1:56:36:0a:fc:45:
4d:ff:9f:82:bd:a3:60:7c:75:db:ef:b9:41:39:70:
a0:e4:87:b4:d5:78:b8:17:ba:be:8a:44:00:9f:95:
3f:30:c1:22:6a:07:51:b0:d7:d3:02:2e:c8:71:6e:
d1:b2:e7:6b:3b:39:15:d4:00:bb:c9:f1:41:c8:83:
1b:05:71:8e:6b:66:e4:86:0d:05:6d:5f:2f:25:e8:
36:ce:ba:4c:61:1a:4c:88:3b:48:2c:1f:53:d6:89:
45:39:95:79:cf:5b:23:74:f7:d3:ea:ea:36:78:f9:
79:3b:be:da:73:ab:ed:bf:fd:d4:fa:a4:98:c3:90:
98:9f:f2:5d:d2:5d:ef:85:f9:25:9a:ad:c2:c3:f7:
da:08:af:e9:1b:37:f0:77:bf:9c:2e:18:f9:59:15:
52:d2:2b:66:a1:a8:84:3f:bb:ff:e0:0d:96:62:19:
1d:58:0a:ff:bd:a7:e9:b8:55:5b:39:2a:7a:0a:c9:
cd:48:6f:29:5f:48:2a:33:a8:75:b2:f3:ec:93:a6:
77:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A0:20:CA:84:9D:E6:7F:07:20:E9:FF:F6:B5:C0:AD:34:7A:FE:D5
X509v3 Authority Key Identifier:
keyid:2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:85:da:e6:18:d6:9b:2c:88:c1:63:26:0d:48:25:a7:0a:b1:
17:6d:af:f7:10:58:89:19:fc:5e:f5:dc:e4:0e:12:e9:ff:f2:
28:6b:e9:81:8b:bc:4d:90:2a:ee:e7:21:c1:3a:82:d8:c2:49:
20:6b:85:0e:84:d6:51:b5:9c:8f:a0:d2:75:6e:d9:69:9b:29:
54:ef:e0:be:46:91:bd:5f:b1:42:4b:91:29:af:9c:4c:87:bd:
1d:6c:48:42:0e:c7:93:c7:49:96:e0:d9:a8:63:7b:f7:9b:bf:
54:b1:15:7c:e3:5e:03:d5:a6:8d:f8:4f:d9:29:7a:7f:dc:94:
9d:f1:54:dc:e2:1b:8d:73:cc:35:c2:9e:89:ae:21:d3:45:15:
b8:ac:83:a2:71:51:44:df:27:3a:07:36:64:fb:3d:6f:8d:77:
4b:61:04:d7:dc:7b:e8:21:14:c1:2a:57:35:fc:15:e5:be:c9:
3f:14:7b:5b:f4:82:50:fa:a6:ae:bb:1f:93:eb:da:9a:39:aa:
de:65:79:16:c4:62:67:06:63:b7:4f:cf:a0:de:90:4a:6f:25:
33:2b:b7:1a:f0:fc:52:ea:62:48:09:9a:ca:86:b8:7b:3b:c7:
6b:60:07:40:12:66:bc:f2:ae:ea:15:04:cd:52:97:6a:10:1c:
84:3f:45:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76yqNeZ8SEBP7BIjy1dw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRjN2RmODU1N2I2NTM0NDdjM2UwNmZiNGIzNzJkNTEy
MGEyMjIwHhcNMjUxMDE5MTAwMTU2WhcNMjUxMDIwMTAwMTU2WjAzMTEwLwYDVQQD
EyhhNGEwMjBjYTg0OWRlNjdmMDcyMGU5ZmZmNmI1YzBhZDM0N2FmZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxgS0KuZKmtOf3b6IqgTI1FlqEfd
hFmqc5FhvyG9AuODGaoRMf8DrUBM6FRF0DCplo6N3kGxVjYK/EVN/5+CvaNgfHXb
77lBOXCg5Ie01Xi4F7q+ikQAn5U/MMEiagdRsNfTAi7IcW7RsudrOzkV1AC7yfFB
yIMbBXGOa2bkhg0FbV8vJeg2zrpMYRpMiDtILB9T1olFOZV5z1sjdPfT6uo2ePl5
O77ac6vtv/3U+qSYw5CYn/Jd0l3vhfklmq3Cw/faCK/pGzfwd7+cLhj5WRVS0itm
oaiEP7v/4A2WYhkdWAr/vafpuFVbOSp6CsnNSG8pX0gqM6h1svPsk6Z3SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSgIMqEneZ/ByDp//a1wK00ev7VMB8GA1UdIwQY
MBaAFCqUx9+FV7ZTRHw+BvtLNy1RIKIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMt
NTUxOGIwZTg2NTY2LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMtNTUxOGIwZTg2NTY2
LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKIXa5hjW
myyIwWMmDUglpwqxF22v9xBYiRn8XvXc5A4S6f/yKGvpgYu8TZAq7uchwTqC2MJJ
IGuFDoTWUbWcj6DSdW7ZaZspVO/gvkaRvV+xQkuRKa+cTIe9HWxIQg7Hk8dJluDZ
qGN795u/VLEVfONeA9WmjfhP2Sl6f9yUnfFU3OIbjXPMNcKeia4h00UVuKyDonFR
RN8nOgc2ZPs9b413S2EE19x76CEUwSpXNfwV5b7JPxR7W/SCUPqmrrsfk+vamjmq
3mV5FsRiZwZjt0/PoN6QSm8lMyu3GvD8UupiSAmayoa4ezvHa2AHQBJmvPKu6hUE
zVKXahAchD9FtA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:24 2025 by rpki-client