Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: pgHPS/ieJBDXZUBrZN03H2joonZ+Ap19GmscyKN+tSc=
Subject key identifier: 26:57:FA:27:73:04:E0:EA:EE:5F:2C:3F:5A:0C:1D:F4:EA:FE:5F:EF
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 0199FC2168DA5046B18FAD8B0ABCA767C05C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0CD0
Signing time: Sun 19 Oct 2025 11:01:11 +0000
Manifest this update: Sun 19 Oct 2025 11:01:11 +0000
Manifest next update: Mon 20 Oct 2025 11:01:11 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: 6/WHjk1K1UbUbpTWHjzc2ojkkghJliHl0Mhd7ihtEQ0=)
2: eEe-w2donDCxX-tAzaEpFb0UtVY.roa (hash: g2d5FELl0EWl1pKF09WRuqqNzRt0N8/ZzyiwDHce4Xk=)
3: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:68:da:50:46:b1:8f:ad:8b:0a:bc:a7:67:c0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Oct 19 11:01:11 2025 GMT
Not After : Oct 20 11:01:11 2025 GMT
Subject: CN=2657fa277304e0eaee5f2c3f5a0c1df4eafe5fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:b4:44:7c:b4:af:de:5e:78:cf:dd:80:b0:71:
a8:75:64:62:0e:68:cb:4c:ce:56:55:c0:b4:60:ae:
0e:f5:76:96:08:fc:78:12:2b:2c:d3:90:8e:ff:61:
33:0b:98:e0:8a:03:b8:eb:4c:9b:f7:2c:a1:dd:11:
20:01:d3:1c:99:df:a9:a3:61:45:07:1c:c6:61:35:
f6:c9:10:4a:f5:78:5a:3a:86:4b:e2:a5:f2:36:cf:
bf:7b:83:a6:f0:0f:83:02:34:b2:4a:56:12:8d:34:
db:27:97:9b:00:a6:1b:ad:00:da:f5:65:d0:cd:77:
33:78:c9:b9:71:52:88:3b:bf:f0:3e:c2:c5:6c:61:
65:42:d8:5e:66:97:44:c7:60:a7:a1:b6:d6:cc:14:
39:e6:55:97:dc:b2:68:4a:80:d3:af:62:63:39:99:
47:9e:e8:49:53:6b:7b:3f:77:f7:34:6c:d6:16:3b:
34:f0:07:59:cb:5b:a2:b8:2e:3d:b1:b4:0e:e6:12:
c7:d3:41:a1:28:49:5e:1d:fe:da:7a:77:64:da:55:
cd:a3:24:3e:e8:76:82:cb:14:71:bc:e1:e5:03:2e:
6b:61:e2:0c:db:c2:36:c4:6b:90:8b:13:e9:c5:a9:
f2:9d:bb:64:73:03:a3:03:9d:42:f4:03:df:25:9c:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:57:FA:27:73:04:E0:EA:EE:5F:2C:3F:5A:0C:1D:F4:EA:FE:5F:EF
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:e3:09:77:0d:e8:b8:98:45:7e:77:19:82:f2:20:35:a7:c9:
60:52:b8:8f:ef:8f:ec:cc:e9:98:a1:e7:64:ef:6b:ed:67:00:
a6:68:0b:70:4f:7e:fc:c6:9f:f4:51:e9:75:05:50:bf:f3:a9:
49:45:dd:8f:d6:18:64:29:20:2d:fc:5f:6c:7a:b1:8d:d0:26:
78:d4:5d:a2:fd:68:a4:ab:ba:96:d8:57:54:47:db:c3:df:5f:
1a:a3:c9:13:2e:84:0d:84:3a:05:b3:d7:bb:01:8b:e8:6c:1a:
e2:54:2b:11:ed:1d:eb:96:23:ab:63:6c:7c:78:af:16:29:63:
b0:d1:f7:0c:67:39:84:bd:dd:88:f6:66:48:85:2b:0b:90:bd:
e3:ba:a4:98:eb:f1:4c:6c:b6:7e:75:4d:31:b1:d4:65:4b:bc:
a0:da:c7:3b:ba:3b:11:17:2a:ec:9e:f4:2a:cb:b9:69:c1:34:
68:81:b0:5a:f0:fc:d6:8a:1a:c8:05:93:2e:31:b9:e6:58:1d:
f4:30:ba:28:d5:70:80:b3:46:16:c4:32:6c:57:4c:88:c1:e2:
ec:1e:ea:2d:33:d6:23:23:35:87:7c:f7:5b:87:88:56:0b:68:
5e:45:17:38:75:d5:82:e7:1d:05:e1:0f:86:84:73:25:b9:9d:
ae:1f:1c:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IWjaUEaxj62LCrynZ8BcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUxMDE5MTEwMTExWhcNMjUxMDIwMTEwMTExWjAzMTEwLwYDVQQD
EygyNjU3ZmEyNzczMDRlMGVhZWU1ZjJjM2Y1YTBjMWRmNGVhZmU1ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/bREfLSv3l54z92AsHGodWRiDmjL
TM5WVcC0YK4O9XaWCPx4Eiss05CO/2EzC5jgigO460yb9yyh3REgAdMcmd+po2FF
BxzGYTX2yRBK9XhaOoZL4qXyNs+/e4Om8A+DAjSySlYSjTTbJ5ebAKYbrQDa9WXQ
zXczeMm5cVKIO7/wPsLFbGFlQtheZpdEx2CnobbWzBQ55lWX3LJoSoDTr2JjOZlH
nuhJU2t7P3f3NGzWFjs08AdZy1uiuC49sbQO5hLH00GhKEleHf7aendk2lXNoyQ+
6HaCyxRxvOHlAy5rYeIM28I2xGuQixPpxanynbtkcwOjA51C9APfJZzj4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZX+idzBODq7l8sP1oMHfTq/l/vMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOMJdw3o
uJhFfncZgvIgNafJYFK4j++P7MzpmKHnZO9r7WcApmgLcE9+/Maf9FHpdQVQv/Op
SUXdj9YYZCkgLfxfbHqxjdAmeNRdov1opKu6lthXVEfbw99fGqPJEy6EDYQ6BbPX
uwGL6Gwa4lQrEe0d65Yjq2NsfHivFiljsNH3DGc5hL3diPZmSIUrC5C947qkmOvx
TGy2fnVNMbHUZUu8oNrHO7o7ERcq7J70Ksu5acE0aIGwWvD81ooayAWTLjG55lgd
9DC6KNVwgLNGFsQybFdMiMHi7B7qLTPWIyM1h3z3W4eIVgtoXkUXOHXVgucdBeEP
hoRzJbmdrh8cIg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:09 2025 by rpki-client