Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: Lk1f/LWasnka0Vz4TG38wYhsvCMfIZo2OTcp8mJYpi0=
Subject key identifier: F7:3D:3F:AD:2A:CF:BD:5B:9E:F0:7D:64:A3:BD:FC:7D:45:B2:74:87
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 0199FCFD4E93F3EC0CE2384E473CFB5EDFC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0C1F
Signing time: Sun 19 Oct 2025 15:01:23 +0000
Manifest this update: Sun 19 Oct 2025 15:01:23 +0000
Manifest next update: Mon 20 Oct 2025 15:01:23 +0000
Files and hashes: 1: HzZn0ba7QItzyWun3HWfVhfe2Mw.roa (hash: iE4IEBeKKD6peBsX5m6y9GBML1LTBu1RqbqOosqLhr0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: YIHMM8jXCnOVARxAYKOrM8bALfikgvvlzv4pJIwksuw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:4e:93:f3:ec:0c:e2:38:4e:47:3c:fb:5e:df:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Oct 19 15:01:23 2025 GMT
Not After : Oct 20 15:01:23 2025 GMT
Subject: CN=f73d3fad2acfbd5b9ef07d64a3bdfc7d45b27487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c7:84:3b:85:ac:8d:25:4e:75:52:c5:a4:40:
f3:ab:24:ed:2f:4c:9c:3a:e0:14:ca:e7:71:95:78:
69:f9:57:b4:36:75:c6:f2:0f:47:4f:61:eb:62:9f:
35:0a:88:52:66:9e:bf:25:2c:74:aa:8a:5d:a1:c4:
56:41:a2:fc:16:19:e5:6f:1d:90:6c:7b:c9:d7:b9:
77:31:76:07:b0:3a:02:1e:72:a1:27:ab:15:9c:af:
3f:cb:4b:38:cf:10:09:2d:0a:c7:ca:fc:66:a0:79:
52:36:9b:38:c7:30:43:1c:e7:8d:e0:a1:fd:6f:77:
0f:a5:c2:a8:13:7b:4b:ed:90:15:95:dd:c7:4d:7f:
a0:01:9d:95:a6:d8:12:38:fc:a1:eb:71:b6:e5:ba:
8a:23:50:8e:f2:c3:72:4e:4b:a6:3b:61:cc:cf:01:
a3:cc:a5:9d:01:19:57:cf:48:ed:01:00:11:9b:21:
f6:0d:54:39:2b:35:56:80:eb:e3:1c:ba:b7:11:52:
12:3f:f0:8b:cb:0f:41:d7:d0:97:72:8b:de:e2:07:
a3:e3:b6:8e:80:f1:2c:93:75:8c:ac:2b:1a:81:b7:
78:64:5f:3a:94:8e:b5:37:2d:ef:d6:64:da:0d:c9:
ff:0a:b6:17:16:0a:96:c1:9b:cf:aa:0e:dc:36:d2:
a1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3D:3F:AD:2A:CF:BD:5B:9E:F0:7D:64:A3:BD:FC:7D:45:B2:74:87
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:bd:4a:84:82:a5:44:ba:2a:8a:1b:0b:d8:f5:0c:5e:12:6a:
a9:73:ed:34:61:21:2b:6d:98:f2:27:fa:19:9a:2d:53:20:43:
79:f2:d2:ef:82:b4:a9:e0:6b:c9:2b:64:b0:c1:b9:66:61:e3:
66:35:03:98:3c:51:38:82:18:ea:aa:ab:54:d4:97:78:86:81:
cc:59:88:b5:fb:da:59:c9:7f:f4:c2:e0:4f:69:d7:81:3a:2e:
a1:6e:9d:29:a2:65:a8:07:e7:58:90:c1:3c:c6:c0:e3:2c:58:
4e:cb:d5:1f:b0:f3:7f:4e:be:db:97:86:49:3b:23:ad:8e:a6:
31:de:4e:27:69:31:0d:27:09:a8:c7:2c:5c:70:6c:39:70:6e:
22:ed:8b:62:e0:cc:ba:e0:e8:ee:e2:00:a0:04:c4:6a:aa:3a:
39:fe:36:4c:c5:cc:6c:ab:f9:86:93:9c:7c:75:e1:05:7b:f4:
57:ab:7c:db:d2:ce:98:28:bd:bf:ff:84:ec:6d:2b:e7:a6:74:
20:c3:fd:40:1d:b3:d1:35:e6:f3:e3:a1:67:98:70:26:82:39:
be:d1:72:a1:ff:62:6f:bf:ed:8c:08:a0:b4:cc:07:40:31:7e:
b9:32:47:68:18:e0:02:c3:e9:43:20:5a:8d:33:95:da:75:0e:
46:3c:a6:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/U6T8+wM4jhORzz7Xt/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUxMDE5MTUwMTIzWhcNMjUxMDIwMTUwMTIzWjAzMTEwLwYDVQQD
EyhmNzNkM2ZhZDJhY2ZiZDViOWVmMDdkNjRhM2JkZmM3ZDQ1YjI3NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MeEO4WsjSVOdVLFpEDzqyTtL0yc
OuAUyudxlXhp+Ve0NnXG8g9HT2HrYp81CohSZp6/JSx0qopdocRWQaL8Fhnlbx2Q
bHvJ17l3MXYHsDoCHnKhJ6sVnK8/y0s4zxAJLQrHyvxmoHlSNps4xzBDHOeN4KH9
b3cPpcKoE3tL7ZAVld3HTX+gAZ2VptgSOPyh63G25bqKI1CO8sNyTkumO2HMzwGj
zKWdARlXz0jtAQARmyH2DVQ5KzVWgOvjHLq3EVISP/CLyw9B19CXcove4gej47aO
gPEsk3WMrCsagbd4ZF86lI61Ny3v1mTaDcn/CrYXFgqWwZvPqg7cNtKhjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPc9P60qz71bnvB9ZKO9/H1FsnSHMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApb1KhIKl
RLoqihsL2PUMXhJqqXPtNGEhK22Y8if6GZotUyBDefLS74K0qeBryStksMG5ZmHj
ZjUDmDxROIIY6qqrVNSXeIaBzFmItfvaWcl/9MLgT2nXgTouoW6dKaJlqAfnWJDB
PMbA4yxYTsvVH7Dzf06+25eGSTsjrY6mMd5OJ2kxDScJqMcsXHBsOXBuIu2LYuDM
uuDo7uIAoATEaqo6Of42TMXMbKv5hpOcfHXhBXv0V6t829LOmCi9v/+E7G0r56Z0
IMP9QB2z0TXm8+OhZ5hwJoI5vtFyof9ib7/tjAigtMwHQDF+uTJHaBjgAsPpQyBa
jTOV2nUORjymMQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:39 2025 by rpki-client