Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json)
Hash identifier: D6xh2qInVIA0oG6ihf7LxlI+Rh/L6UC5qJnZ4lWC16U=
Subject key identifier: 5B:38:85:6C:CD:A6:CE:4E:C5:54:27:6B:8E:D2:EC:D6:76:2B:CD:6A
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 0199FDD96D34E04C08FD7B50835BF9CFCBB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
Manifest number: 1073
Signing time: Sun 19 Oct 2025 19:01:48 +0000
Manifest this update: Sun 19 Oct 2025 19:01:48 +0000
Manifest next update: Mon 20 Oct 2025 19:01:48 +0000
Files and hashes: 1: 79LYqjKNTJN0ouKGzdcbqvTlAUQ.roa (hash: ql/wdfFz1qsER0EkZDThbVWptAlBg9mw+jziuKWlZyc=)
2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: +AUd0if4TEak4Yb7Hs+HnGi9UhHRK9sbBgbhGg3P8Ao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:6d:34:e0:4c:08:fd:7b:50:83:5b:f9:cf:cb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Oct 19 19:01:48 2025 GMT
Not After : Oct 20 19:01:48 2025 GMT
Subject: CN=5b38856ccda6ce4ec554276b8ed2ecd6762bcd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:16:fd:79:c2:61:e4:4a:3d:e3:72:99:12:
94:f6:3b:9f:99:e1:36:9b:cb:6b:63:a4:2b:ba:28:
9e:9a:c4:68:79:b1:ab:96:d7:ba:13:69:47:95:fc:
22:7e:29:93:52:7a:f2:6a:bb:9e:d7:75:37:99:b2:
5b:25:f1:7c:74:b5:ce:d7:52:7a:50:00:51:b7:57:
d8:b7:84:2d:03:57:91:4e:9f:66:25:bc:2d:69:0e:
c8:42:d0:af:82:ec:d2:fb:88:f1:a3:36:c3:d7:de:
29:b1:a6:d4:e7:86:71:c0:24:c5:97:6d:25:7d:11:
f6:4b:af:b7:60:0b:9d:b4:c8:f4:3d:8f:39:8b:b6:
8f:df:fa:40:7f:28:f2:82:fe:5f:43:1e:4e:8a:25:
11:4b:5d:dc:dd:45:c8:50:b7:b8:24:6f:78:61:a6:
af:b3:ac:30:68:67:51:05:0a:0a:57:98:3f:d9:df:
4a:28:e3:5a:ae:70:02:65:8c:44:cb:70:11:ef:dd:
0e:92:c4:57:3a:a0:1b:0a:90:d1:4c:05:1e:24:06:
fe:23:0c:64:e4:e3:27:af:6b:bd:1b:49:bf:f3:00:
3f:5d:b9:25:de:c7:d0:4f:7c:38:3e:63:7e:6a:fa:
e0:eb:35:40:a7:04:03:8c:7b:0d:53:80:a5:48:4d:
52:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:38:85:6C:CD:A6:CE:4E:C5:54:27:6B:8E:D2:EC:D6:76:2B:CD:6A
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:e4:ad:7f:aa:c1:5a:67:f2:ba:76:a0:3d:11:54:98:00:c5:
98:77:fb:1d:5d:57:6d:95:b9:be:73:f1:8e:f0:af:fa:d4:25:
cb:45:7c:26:13:7c:2c:39:c8:05:95:38:4e:99:91:1d:17:33:
86:7c:93:05:e9:15:dc:0b:fe:3d:ed:12:20:f0:7e:6b:eb:a4:
c4:1c:c2:92:8e:29:6c:0a:6f:67:a5:72:d9:f4:a0:d5:6b:35:
aa:61:07:63:81:ff:36:76:51:b9:4d:37:7a:92:ed:99:fb:e3:
03:53:76:32:38:0d:09:21:57:f4:05:0d:71:10:35:4c:6d:ba:
54:d1:84:0e:e7:9b:b4:e8:cc:81:ff:4a:b9:ce:c6:18:ed:8b:
32:11:40:87:a8:b6:1b:5d:bb:fb:84:92:62:0d:eb:6d:38:ce:
01:46:45:e2:90:37:4b:5e:d1:d1:da:2b:ea:2d:e2:ed:43:5d:
3b:56:5b:ae:2b:fa:7c:4a:70:cc:e9:a5:0b:5b:c5:68:3b:c4:
94:db:6e:27:c0:e5:26:ed:0e:37:4b:ed:4a:ed:5e:7a:bc:21:
d0:ed:b8:53:22:e7:cf:1f:d7:b5:73:4d:10:cc:e3:87:87:4a:
28:b2:0e:e0:de:25:f9:e6:d8:d2:60:65:8c:1f:57:ab:c4:52:
72:73:4d:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92W004EwI/XtQg1v5z8u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjUxMDE5MTkwMTQ4WhcNMjUxMDIwMTkwMTQ4WjAzMTEwLwYDVQQD
Eyg1YjM4ODU2Y2NkYTZjZTRlYzU1NDI3NmI4ZWQyZWNkNjc2MmJjZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLAW/XnCYeRKPeNymRKU9jufmeE2
m8trY6QruiiemsRoebGrlte6E2lHlfwifimTUnryarue13U3mbJbJfF8dLXO11J6
UABRt1fYt4QtA1eRTp9mJbwtaQ7IQtCvguzS+4jxozbD194psabU54ZxwCTFl20l
fRH2S6+3YAudtMj0PY85i7aP3/pAfyjygv5fQx5OiiURS13c3UXIULe4JG94Yaav
s6wwaGdRBQoKV5g/2d9KKONarnACZYxEy3AR790OksRXOqAbCpDRTAUeJAb+Iwxk
5OMnr2u9G0m/8wA/Xbkl3sfQT3w4PmN+avrg6zVApwQDjHsNU4ClSE1SHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFs4hWzNps5OxVQna47S7NZ2K81qMB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyeStf6rB
WmfyunagPRFUmADFmHf7HV1XbZW5vnPxjvCv+tQly0V8JhN8LDnIBZU4TpmRHRcz
hnyTBekV3Av+Pe0SIPB+a+ukxBzCko4pbApvZ6Vy2fSg1Ws1qmEHY4H/NnZRuU03
epLtmfvjA1N2MjgNCSFX9AUNcRA1TG26VNGEDuebtOjMgf9Kuc7GGO2LMhFAh6i2
G127+4SSYg3rbTjOAUZF4pA3S17R0dor6i3i7UNdO1Zbriv6fEpwzOmlC1vFaDvE
lNtuJ8DlJu0ON0vtSu1eerwh0O24UyLnzx/XtXNNEMzjh4dKKLIO4N4l+ebY0mBl
jB9Xq8RScnNN4A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:40 2025 by rpki-client