Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: ipi7qUV/X5vWRhLapWCO0bY9h1kD4cYC/tWjan1KLhY=
Subject key identifier: FC:17:63:BD:D7:A0:9D:45:AD:46:75:82:25:1A:95:96:33:0E:0E:C5
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 0199FB7C6FA64791D1B191E6E35CDE8A1651
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 01E7
Signing time: Sun 19 Oct 2025 08:01:00 +0000
Manifest this update: Sun 19 Oct 2025 08:01:00 +0000
Manifest next update: Mon 20 Oct 2025 08:01:00 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: oPsxA3LUn98OgIWc2wEEnsuJ4LgJzNsxugKJTpDJ3Ek=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:6f:a6:47:91:d1:b1:91:e6:e3:5c:de:8a:16:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Oct 19 08:01:00 2025 GMT
Not After : Oct 20 08:01:00 2025 GMT
Subject: CN=fc1763bdd7a09d45ad467582251a9596330e0ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:1a:35:e1:9a:3b:26:01:64:dc:c7:cb:47:
3e:ab:6e:7b:69:0e:a6:44:80:f9:4b:fa:2d:4e:b4:
b5:4f:02:fc:bb:6b:f1:dc:c6:87:1d:c3:bf:84:8a:
70:94:b4:33:45:94:48:92:b9:b3:a0:98:3e:07:fb:
88:0b:2e:bc:8b:6a:50:b7:6a:3e:65:3b:21:71:4e:
31:11:21:f9:76:eb:cf:9a:2f:70:b3:8e:f6:dd:ce:
f2:74:66:45:9d:62:48:a2:ea:90:a2:7c:bd:62:19:
32:e2:c9:36:3b:2f:01:3d:66:2c:af:f1:57:2e:97:
6d:ec:40:b0:2f:c5:50:a3:98:00:83:c9:d7:e1:c2:
ca:07:9d:b0:29:f1:f3:eb:70:62:24:2d:e4:cc:f5:
a6:8f:00:67:d7:b7:a4:94:eb:0f:cb:e8:c4:d7:49:
53:ec:4a:04:6b:45:0c:33:29:ff:8f:90:04:e8:b7:
4c:7d:77:76:f4:bf:27:a1:d7:5a:9e:1e:50:52:ed:
68:c0:06:3b:6b:02:13:cb:6c:f8:ef:42:a9:b7:0b:
4e:f4:9f:8f:19:f7:52:ac:7b:03:70:d5:14:a2:56:
3b:bd:04:1b:f3:7f:46:51:e8:a6:71:b0:44:18:58:
b0:8c:0f:3e:63:49:98:22:24:b0:41:37:6a:92:b4:
0f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:17:63:BD:D7:A0:9D:45:AD:46:75:82:25:1A:95:96:33:0E:0E:C5
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:32:1d:32:e3:82:32:6c:1c:d6:15:f9:81:ef:03:2d:f8:30:
c7:34:a1:61:b4:7e:3d:ff:7a:bc:60:3b:19:f1:df:8d:6f:7f:
87:bb:a5:c6:13:42:b3:60:ec:0b:96:21:a0:3f:2e:bb:62:12:
6a:b2:0b:9e:e7:60:cc:45:4a:0e:89:02:c3:cf:5a:10:71:fd:
0c:d8:96:64:bc:98:90:b9:aa:d8:04:ae:6a:ef:09:c3:2e:6c:
4e:d2:f6:0c:89:54:95:0b:53:ff:02:e7:30:33:cd:4f:ce:d6:
e2:7f:5f:26:e7:45:af:1c:84:a5:7e:f6:f3:6d:1a:99:8b:19:
20:1e:66:b6:a2:a3:9b:be:5b:fa:f0:33:7a:c9:be:95:48:07:
6b:27:10:8f:75:b5:b9:de:98:b8:f8:0d:bf:0f:4e:de:24:0e:
cf:d8:88:b0:11:2f:92:44:85:6e:d4:b6:27:55:49:47:f8:e5:
c7:be:bb:4b:85:5f:c6:ad:c4:0f:7d:28:91:c0:35:e7:66:09:
ec:ea:f8:d4:15:8b:e5:85:a5:a4:b8:26:56:79:f3:35:a9:8e:
e6:13:06:20:89:d5:bb:b4:6e:b9:d6:83:d3:24:30:a5:69:5c:
cb:06:0b:10:a2:88:c5:fb:66:33:38:bd:f6:72:fa:d0:24:1c:
d9:10:8f:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fG+mR5HRsZHm41zeihZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUxMDE5MDgwMTAwWhcNMjUxMDIwMDgwMTAwWjAzMTEwLwYDVQQD
EyhmYzE3NjNiZGQ3YTA5ZDQ1YWQ0Njc1ODIyNTFhOTU5NjMzMGUwZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDAaNeGaOyYBZNzHy0c+q257aQ6m
RID5S/otTrS1TwL8u2vx3MaHHcO/hIpwlLQzRZRIkrmzoJg+B/uICy68i2pQt2o+
ZTshcU4xESH5duvPmi9ws4723c7ydGZFnWJIouqQony9Yhky4sk2Oy8BPWYsr/FX
Lpdt7ECwL8VQo5gAg8nX4cLKB52wKfHz63BiJC3kzPWmjwBn17eklOsPy+jE10lT
7EoEa0UMMyn/j5AE6LdMfXd29L8noddanh5QUu1owAY7awITy2z470KptwtO9J+P
GfdSrHsDcNUUolY7vQQb839GUeimcbBEGFiwjA8+Y0mYIiSwQTdqkrQP5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwXY73XoJ1FrUZ1giUalZYzDg7FMB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDIdMuOC
Mmwc1hX5ge8DLfgwxzShYbR+Pf96vGA7GfHfjW9/h7ulxhNCs2DsC5YhoD8uu2IS
arILnudgzEVKDokCw89aEHH9DNiWZLyYkLmq2ASuau8Jwy5sTtL2DIlUlQtT/wLn
MDPNT87W4n9fJudFrxyEpX72820amYsZIB5mtqKjm75b+vAzesm+lUgHaycQj3W1
ud6YuPgNvw9O3iQOz9iIsBEvkkSFbtS2J1VJR/jlx767S4Vfxq3ED30okcA152YJ
7Or41BWL5YWlpLgmVnnzNamO5hMGIInVu7RuudaD0yQwpWlcywYLEKKIxftmMzi9
9nL60CQc2RCP/w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:02:06 2025 by rpki-client