Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
File: KwFArTlBTE6rAqxVQitEFj7TSw8.mft (raw, json)
Hash identifier: 1z6TEDzYlTucbtma1AGRaA2FSREcE+OBp5eYk99egRo=
Subject key identifier: FE:DB:25:07:0A:38:7C:B2:53:25:53:74:90:E5:E9:CE:66:B8:32:13
Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
Certificate issuer: /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Certificate serial: 0199FB7C9145F1D1400B8A40D915ACACECC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
Manifest number: 0438
Signing time: Sun 19 Oct 2025 08:01:08 +0000
Manifest this update: Sun 19 Oct 2025 08:01:08 +0000
Manifest next update: Mon 20 Oct 2025 08:01:08 +0000
Files and hashes: 1: KwFArTlBTE6rAqxVQitEFj7TSw8.crl (hash: mFXWbnooAvAlUpOwIZbwYSCXqJM2kmItX6vvgJTd5Uk=)
2: OsS2avf_SCsvTL1pRqTL_5n-su8.roa (hash: q2VY8Sbvggao2o4h3H+VtLne6bMzXujw9hwcUuBVuOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:91:45:f1:d1:40:0b:8a:40:d9:15:ac:ac:ec:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Validity
Not Before: Oct 19 08:01:08 2025 GMT
Not After : Oct 20 08:01:08 2025 GMT
Subject: CN=fedb25070a387cb25325537490e5e9ce66b83213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:75:93:6f:f9:63:a6:b3:88:0d:9e:cf:7a:
fe:bc:b7:62:ab:89:ab:0c:36:3b:e5:18:e7:a1:91:
1c:f7:94:e4:83:51:b3:46:1d:50:f7:65:2d:46:4c:
7e:7e:71:be:1b:61:f9:e2:cb:06:70:a9:8a:e2:4d:
b9:69:a3:5f:b2:88:cc:37:d8:7a:5f:05:4b:1f:4b:
73:b8:3a:3d:38:cd:c6:12:4c:53:2f:8f:33:a2:d4:
cf:5b:6a:67:b1:23:2c:50:72:18:75:49:8f:a8:a8:
ca:46:91:57:61:96:bd:10:6c:40:cf:8d:f2:65:cd:
b8:f0:16:b8:37:6d:b8:26:ac:67:94:b1:e0:a2:ae:
5b:ee:d2:19:27:e8:ac:74:4c:4a:ef:3d:19:64:b2:
86:42:83:24:25:3e:3c:a5:db:05:a6:ab:0b:fc:9e:
7d:c3:84:fc:9f:34:69:d9:4d:38:ec:70:94:01:a4:
d8:87:33:c6:ce:c4:53:36:86:97:d6:bc:e8:4d:ad:
59:d4:3c:9e:64:14:4e:82:e6:61:d7:d7:68:26:7a:
e7:54:64:f1:ee:b9:ab:6e:9d:5e:e9:ac:36:7d:90:
4c:14:fc:73:af:a1:29:be:7f:e4:33:f4:dc:4d:9e:
37:2e:93:c6:41:6d:45:d4:6a:5b:66:a9:72:1d:4a:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DB:25:07:0A:38:7C:B2:53:25:53:74:90:E5:E9:CE:66:B8:32:13
X509v3 Authority Key Identifier:
keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:0c:28:1f:31:01:39:f2:21:44:b0:f9:90:bb:9e:4c:74:f1:
fc:89:14:1b:5a:c7:d9:e1:f3:36:9f:c7:d0:66:b7:04:d1:f4:
61:26:e4:70:e3:cf:c9:a3:c7:59:62:4c:7a:71:7a:68:11:4a:
b1:2e:4b:c8:1d:eb:f1:7d:94:52:ed:a6:07:f8:c8:83:44:e8:
79:0d:7b:e8:08:63:6a:7e:63:dd:5b:12:c1:37:38:18:03:57:
09:e1:85:1d:f0:62:b6:42:0f:5d:05:40:7c:72:dd:4c:d1:89:
b3:6a:c1:c6:23:7a:3b:49:d8:bd:1d:73:79:75:94:fc:3a:4d:
17:8b:29:00:2e:db:ef:32:71:f2:51:78:5f:d1:59:3f:1c:57:
42:ca:ce:24:92:53:52:75:d5:ce:d7:9b:60:a7:fb:7e:6d:e0:
31:79:f4:30:9f:6d:42:38:c0:43:df:71:a2:1d:8a:20:d1:af:
2f:42:50:53:9d:e8:aa:99:ce:0b:68:60:bc:a4:e7:84:85:c6:
c6:58:0b:b4:b2:a1:c7:fe:c2:2b:2f:02:2a:ac:1b:58:43:88:
cf:b9:a0:e0:d2:7d:28:44:dd:32:cd:be:d2:c4:fb:c9:28:25:
f1:3a:db:da:24:0f:b1:4b:98:d7:76:31:35:cf:54:c9:f5:92:
98:5a:43:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fJFF8dFAC4pA2RWsrOzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk
MzRiMGYwHhcNMjUxMDE5MDgwMTA4WhcNMjUxMDIwMDgwMTA4WjAzMTEwLwYDVQQD
EyhmZWRiMjUwNzBhMzg3Y2IyNTMyNTUzNzQ5MGU1ZTljZTY2YjgzMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjJ1k2/5Y6aziA2ez3r+vLdiq4mr
DDY75RjnoZEc95Tkg1GzRh1Q92UtRkx+fnG+G2H54ssGcKmK4k25aaNfsojMN9h6
XwVLH0tzuDo9OM3GEkxTL48zotTPW2pnsSMsUHIYdUmPqKjKRpFXYZa9EGxAz43y
Zc248Ba4N224JqxnlLHgoq5b7tIZJ+isdExK7z0ZZLKGQoMkJT48pdsFpqsL/J59
w4T8nzRp2U047HCUAaTYhzPGzsRTNoaX1rzoTa1Z1DyeZBROguZh19doJnrnVGTx
7rmrbp1e6aw2fZBMFPxzr6Epvn/kM/TcTZ43LpPGQW1F1GpbZqlyHUpVXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7bJQcKOHyyUyVTdJDl6c5muDITMB8GA1UdIwQY
MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt
MmU3NTIyOGY5MjYxLzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx
LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQwoHzEB
OfIhRLD5kLueTHTx/IkUG1rH2eHzNp/H0Ga3BNH0YSbkcOPPyaPHWWJMenF6aBFK
sS5LyB3r8X2UUu2mB/jIg0ToeQ176Ahjan5j3VsSwTc4GANXCeGFHfBitkIPXQVA
fHLdTNGJs2rBxiN6O0nYvR1zeXWU/DpNF4spAC7b7zJx8lF4X9FZPxxXQsrOJJJT
UnXVztebYKf7fm3gMXn0MJ9tQjjAQ99xoh2KINGvL0JQU53oqpnOC2hgvKTnhIXG
xlgLtLKhx/7CKy8CKqwbWEOIz7mg4NJ9KETdMs2+0sT7ySgl8Trb2iQPsUuY13Yx
Nc9UyfWSmFpDMQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:06:07 2025 by rpki-client