Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File: KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier: 91ii5ZSXZKujUotxwfIFNmG9Qc1ur54BAJQcoUvrPc4=
Subject key identifier: 59:01:7D:E0:6A:A6:D8:5E:11:94:F1:FD:42:A1:64:5A:3C:93:8C:1C
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer: /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial: 019A0035A2DF4E631E65FDB44F82809FE56B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number: 16E1
Signing time: Mon 20 Oct 2025 06:01:46 +0000
Manifest this update: Mon 20 Oct 2025 06:01:46 +0000
Manifest next update: Tue 21 Oct 2025 06:01:46 +0000
Files and hashes: 1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: QexHDb4D2iJ4MS7YRvtBKqZCWs0b2bt2t7bzx/9ssJo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:a2:df:4e:63:1e:65:fd:b4:4f:82:80:9f:e5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Validity
Not Before: Oct 20 06:01:46 2025 GMT
Not After : Oct 21 06:01:46 2025 GMT
Subject: CN=59017de06aa6d85e1194f1fd42a1645a3c938c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:72:5f:fb:2e:11:a0:b0:ad:67:41:58:e5:c7:
75:bf:80:8a:3b:35:46:95:ba:83:a6:37:87:92:b0:
7a:1c:9d:64:2e:8f:54:01:f5:ab:10:95:66:97:20:
2a:8c:66:d5:6b:a9:cf:d2:ef:b8:45:0e:b9:73:a8:
63:94:b7:5b:9d:51:8c:3b:d4:9f:86:a0:e1:ba:7e:
c0:0f:87:67:b5:27:7b:82:4a:bb:b1:5e:4e:35:dc:
2a:24:1d:6a:ac:fb:91:92:99:7c:19:4d:82:f5:12:
8f:0f:04:0c:37:80:9c:56:a1:6b:05:4a:e1:3a:08:
7a:95:b4:b1:6b:65:76:b2:09:25:ed:9c:2f:a2:43:
bc:90:92:50:42:ed:78:8c:fe:df:24:da:73:30:f7:
ab:7c:bb:ef:74:a4:31:6a:a4:6b:55:7f:6a:d4:27:
cb:6c:3d:fb:0a:4b:80:67:2c:17:5b:08:1c:d8:cb:
7a:33:d3:01:83:5a:32:17:0b:ca:ac:52:fd:37:d0:
4a:17:6f:53:9e:8a:58:e2:15:43:96:d2:c1:23:96:
a8:50:48:f9:dd:54:6d:40:22:6c:ea:80:53:10:51:
16:d1:9a:11:04:72:c6:6e:42:d5:2c:a8:a9:09:af:
b3:10:f7:de:76:c1:1f:7a:e1:5a:cd:e6:9a:34:c2:
13:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:01:7D:E0:6A:A6:D8:5E:11:94:F1:FD:42:A1:64:5A:3C:93:8C:1C
X509v3 Authority Key Identifier:
keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:9c:f2:bf:4f:c2:1a:43:42:ac:b0:38:f8:56:ec:8d:03:64:
9a:3e:ab:b4:20:36:90:93:ed:91:bd:17:83:a3:15:40:9f:13:
79:ec:c4:a0:e2:c2:b8:a2:43:40:de:77:96:7c:80:0c:53:16:
7e:9d:e2:25:5c:1c:68:33:63:19:00:35:a4:ff:20:3d:0c:51:
67:9d:99:2f:9c:53:1f:31:75:b1:34:11:f4:76:fd:93:0e:49:
fd:67:35:c1:e4:f6:f0:b2:90:9a:8c:84:2e:42:1d:1d:1e:34:
85:f6:1c:bf:34:42:37:4f:e4:bd:2d:0b:e9:58:f2:8a:af:36:
e3:e4:37:ab:71:a2:10:c0:89:3e:ca:cb:90:d4:d1:bf:dc:46:
0e:ad:06:fe:85:23:43:bd:a7:f3:76:11:5a:43:47:06:82:ed:
ac:ac:c7:3c:70:77:ff:be:13:7c:ea:f0:12:1e:e3:91:55:ad:
33:a2:62:14:9e:ae:ba:78:33:f2:3a:fc:f3:d5:a0:94:95:90:
02:1e:58:1b:89:57:2e:ac:41:a8:09:8a:00:37:cc:21:5e:81:
cc:76:09:b4:0f:50:77:11:81:00:2e:2b:ca:64:3b:c6:76:b0:
49:eb:8f:20:de:c6:bc:9c:69:42:c3:5b:18:33:df:bb:ff:49:
36:a3:8d:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANaLfTmMeZf20T4KAn+VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUxMDIwMDYwMTQ2WhcNMjUxMDIxMDYwMTQ2WjAzMTEwLwYDVQQD
Eyg1OTAxN2RlMDZhYTZkODVlMTE5NGYxZmQ0MmExNjQ1YTNjOTM4YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHJf+y4RoLCtZ0FY5cd1v4CKOzVG
lbqDpjeHkrB6HJ1kLo9UAfWrEJVmlyAqjGbVa6nP0u+4RQ65c6hjlLdbnVGMO9Sf
hqDhun7AD4dntSd7gkq7sV5ONdwqJB1qrPuRkpl8GU2C9RKPDwQMN4CcVqFrBUrh
Ogh6lbSxa2V2sgkl7ZwvokO8kJJQQu14jP7fJNpzMPerfLvvdKQxaqRrVX9q1CfL
bD37CkuAZywXWwgc2Mt6M9MBg1oyFwvKrFL9N9BKF29TnopY4hVDltLBI5aoUEj5
3VRtQCJs6oBTEFEW0ZoRBHLGbkLVLKipCa+zEPfedsEfeuFazeaaNMITkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkBfeBqptheEZTx/UKhZFo8k4wcMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZzyv0/C
GkNCrLA4+FbsjQNkmj6rtCA2kJPtkb0Xg6MVQJ8TeezEoOLCuKJDQN53lnyADFMW
fp3iJVwcaDNjGQA1pP8gPQxRZ52ZL5xTHzF1sTQR9Hb9kw5J/Wc1weT28LKQmoyE
LkIdHR40hfYcvzRCN0/kvS0L6Vjyiq824+Q3q3GiEMCJPsrLkNTRv9xGDq0G/oUj
Q72n83YRWkNHBoLtrKzHPHB3/74TfOrwEh7jkVWtM6JiFJ6uungz8jr889WglJWQ
Ah5YG4lXLqxBqAmKADfMIV6BzHYJtA9QdxGBAC4rymQ7xnawSeuPIN7GvJxpQsNb
GDPfu/9JNqONFA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:59:47 2025 by rpki-client