Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json)
Hash identifier: ZN8S7lyNND9cr4lV8mNGGi4ObNAiRA8cFg9XKLYm9n0=
Subject key identifier: F0:D7:C5:2B:7D:B8:38:E4:58:32:5E:33:B8:2A:33:B4:4A:08:84:D7
Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea
Certificate serial: 0199FD3467247B6A41D8625DD959F4421B07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
Manifest number: 16E0
Signing time: Sun 19 Oct 2025 16:01:33 +0000
Manifest this update: Sun 19 Oct 2025 16:01:33 +0000
Manifest next update: Mon 20 Oct 2025 16:01:33 +0000
Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: s4epC9T1Sws5hZsTkmNMOGfGtiSfwisB3P6+Ey+oJGA=)
2: qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa (hash: A0zVfMWFcmAvQiJtyOik4/Esuwb1ukoj8nbTE0+n850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:67:24:7b:6a:41:d8:62:5d:d9:59:f4:42:1b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea
Validity
Not Before: Oct 19 16:01:33 2025 GMT
Not After : Oct 20 16:01:33 2025 GMT
Subject: CN=f0d7c52b7db838e458325e33b82a33b44a0884d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4e:b9:bb:92:9c:b2:7f:bb:8b:c7:09:46:64:
11:3d:17:50:80:a1:88:76:58:71:14:67:f3:7d:71:
8e:c4:07:88:dc:b1:ae:f8:ad:ea:41:8b:cd:cc:fd:
bb:ba:bc:55:c7:cc:72:bc:9d:a2:59:38:73:ba:9b:
42:1a:5e:d8:e6:d3:90:d4:c3:eb:3e:91:bf:c7:70:
37:cf:46:63:ce:13:9a:06:37:7d:40:7f:f3:98:8e:
3c:f9:06:96:17:88:7d:28:d7:3c:d3:82:6d:ed:f7:
be:4d:32:8c:db:44:94:bf:80:3b:b1:16:ef:3a:e5:
4b:49:1c:84:f8:cf:e9:bf:4f:a0:bf:48:3c:35:8e:
0f:66:c2:aa:5d:d7:0e:be:d5:f3:4f:62:0e:b0:13:
4d:aa:48:d3:c9:06:fe:21:dc:69:13:71:5b:e5:6c:
9f:84:a0:d1:05:38:6a:69:6b:00:a7:ad:fb:50:18:
c3:3f:ae:15:24:b1:c4:46:00:bf:76:27:67:b2:b5:
de:d3:7d:09:53:a3:dc:97:d7:63:9d:1a:7f:f3:2e:
28:d0:9d:fe:be:61:df:65:b4:5c:db:7f:1e:94:6a:
6f:d6:f7:b9:b3:e1:0a:c5:80:02:60:18:7e:c5:63:
86:b2:40:b2:6a:cc:85:06:5f:f6:0e:8a:5d:6e:bf:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D7:C5:2B:7D:B8:38:E4:58:32:5E:33:B8:2A:33:B4:4A:08:84:D7
X509v3 Authority Key Identifier:
keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:9c:83:b1:e5:b5:30:fb:3c:51:9b:d4:c9:7f:8e:ec:b6:fd:
00:c1:dd:ab:0a:e5:68:cf:47:5d:83:e4:55:df:b1:cf:35:b5:
fd:61:80:9b:27:81:a2:90:82:e6:f3:4d:cd:ca:ef:41:34:b7:
a7:6f:23:5a:d9:65:4a:49:65:37:f0:9e:ca:8d:74:bf:80:07:
b7:37:fc:18:38:0a:06:1c:de:5d:0d:cb:82:e7:b8:75:d7:2e:
db:f1:54:83:c4:9f:3d:3a:21:d3:2f:fe:d8:97:0a:55:8f:69:
69:c3:f7:95:ff:ef:de:c9:a4:5c:a2:d3:4f:4e:c2:14:6f:5b:
4d:78:e0:6b:94:d3:67:a6:f6:6f:64:de:f1:93:2a:d0:86:78:
a0:28:e8:23:86:46:2f:5c:79:0a:02:87:9f:a3:13:08:fe:c8:
da:8e:3e:c9:92:98:ab:0c:79:22:f0:0f:3b:73:59:5a:a9:35:
55:2c:63:bf:85:60:f7:a2:b3:6a:24:20:0b:13:f5:1c:c4:fa:
a7:31:9d:83:b8:7e:9f:9a:b8:2f:46:05:5d:1e:3d:7f:bd:0c:
b3:26:58:f6:a3:18:9e:9f:13:36:e1:f1:84:8f:d7:e0:2a:8d:
02:84:fd:36:a4:76:a3:5b:56:31:68:14:22:db:ba:a0:b7:5a:
a6:17:b8:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGcke2pB2GJd2Vn0QhsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy
NDk1ZWEwHhcNMjUxMDE5MTYwMTMzWhcNMjUxMDIwMTYwMTMzWjAzMTEwLwYDVQQD
EyhmMGQ3YzUyYjdkYjgzOGU0NTgzMjVlMzNiODJhMzNiNDRhMDg4NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk65u5Kcsn+7i8cJRmQRPRdQgKGI
dlhxFGfzfXGOxAeI3LGu+K3qQYvNzP27urxVx8xyvJ2iWThzuptCGl7Y5tOQ1MPr
PpG/x3A3z0ZjzhOaBjd9QH/zmI48+QaWF4h9KNc804Jt7fe+TTKM20SUv4A7sRbv
OuVLSRyE+M/pv0+gv0g8NY4PZsKqXdcOvtXzT2IOsBNNqkjTyQb+IdxpE3Fb5Wyf
hKDRBThqaWsAp637UBjDP64VJLHERgC/didnsrXe030JU6Pcl9djnRp/8y4o0J3+
vmHfZbRc238elGpv1ve5s+EKxYACYBh+xWOGskCyasyFBl/2Dopdbr8fbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDXxSt9uDjkWDJeM7gqM7RKCITXMB8GA1UdIwQY
MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt
ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh
LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJyDseW1
MPs8UZvUyX+O7Lb9AMHdqwrlaM9HXYPkVd+xzzW1/WGAmyeBopCC5vNNzcrvQTS3
p28jWtllSkllN/Ceyo10v4AHtzf8GDgKBhzeXQ3Lgue4ddcu2/FUg8SfPToh0y/+
2JcKVY9pacP3lf/v3smkXKLTT07CFG9bTXjga5TTZ6b2b2Te8ZMq0IZ4oCjoI4ZG
L1x5CgKHn6MTCP7I2o4+yZKYqwx5IvAPO3NZWqk1VSxjv4Vg96KzaiQgCxP1HMT6
pzGdg7h+n5q4L0YFXR49f70MsyZY9qMYnp8TNuHxhI/X4CqNAoT9NqR2o1tWMWgU
Itu6oLdaphe4jg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:30:15 2025 by rpki-client