Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
File: KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft (raw, json)
Hash identifier: NNaaXjftvr8lRcruEyuDYGTC9JtwdV2+Sh91wxnV2us=
Subject key identifier: DB:49:72:21:8C:F3:9B:56:EE:5E:96:2E:60:A0:BF:A4:E4:46:71:54
Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411
Certificate serial: 01967C0E00C44AEB926DF2144F0A2957F25B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
Manifest number: 1515
Signing time: Mon 28 Apr 2025 11:00:14 +0000
Manifest this update: Mon 28 Apr 2025 11:00:14 +0000
Manifest next update: Tue 29 Apr 2025 11:00:14 +0000
Files and hashes: 1: KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl (hash: nKj7LsSSbsMcGLPDlAVreGn7+Gmz6q9ic4YG4s1z838=)
2: rzOkydR3EHFZXD3XEkRebB02-_4.roa (hash: df7jTqxQL8Sw059sbRTkyG9ltt5KtHFaW+BfP29wPTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:0e:00:c4:4a:eb:92:6d:f2:14:4f:0a:29:57:f2:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411
Validity
Not Before: Apr 28 11:00:14 2025 GMT
Not After : Apr 29 11:00:14 2025 GMT
Subject: CN=db4972218cf39b56ee5e962e60a0bfa4e4467154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fb:eb:6f:cf:ba:a2:98:d3:fb:f1:85:4a:e2:
80:32:91:17:48:80:46:47:bc:6f:2f:3b:58:fe:ba:
16:55:18:15:0e:8e:cd:1f:99:4d:8d:76:91:35:27:
d9:36:98:99:7b:d8:7a:6a:e4:9e:46:87:27:b5:53:
30:a5:77:b0:51:a7:0b:3b:a4:a6:ef:e1:5b:4a:9f:
da:7c:a6:63:3c:af:03:81:ce:a6:27:b1:4b:55:62:
45:8e:5f:36:96:74:61:74:24:ef:4d:8c:97:7e:89:
23:02:64:a1:b0:e0:ec:a4:64:00:5c:71:7d:49:88:
41:80:9c:8e:ae:54:bd:0a:4c:37:1e:25:45:e1:13:
72:fa:fd:ac:d4:00:76:37:5e:23:28:d8:63:d0:86:
ed:95:c8:4c:24:17:7f:5f:be:5f:d0:24:b0:f3:9c:
dc:43:a6:a8:e1:d2:4f:d4:e1:1f:9d:42:4c:cd:dd:
67:b7:e3:64:d6:a6:04:ca:3c:29:0c:c7:ad:40:67:
5f:a1:74:81:a3:fa:ed:bc:39:09:ea:39:75:3f:ec:
08:73:67:f8:83:cc:6e:99:ea:43:99:37:25:88:31:
ed:82:e6:46:73:70:28:d0:14:8d:da:f6:17:29:41:
47:c2:33:7a:b2:57:8f:d4:4b:a8:30:d1:96:fe:bb:
27:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:49:72:21:8C:F3:9B:56:EE:5E:96:2E:60:A0:BF:A4:E4:46:71:54
X509v3 Authority Key Identifier:
keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:5e:b3:dd:6b:8b:8c:61:09:45:20:ca:48:72:ef:7d:3e:68:
f7:58:90:bf:70:de:3f:c5:9d:18:57:74:e8:ea:ce:ee:65:aa:
8a:f2:13:20:28:37:ec:d7:66:8b:4f:c6:05:99:40:2a:ab:2d:
c5:4a:fc:59:55:a1:f9:2d:79:cf:95:31:23:20:38:54:5f:91:
1c:a7:e5:dd:68:6e:ff:d4:0b:fb:17:28:7e:d9:8d:7b:aa:c9:
af:61:89:55:4c:5c:5e:e7:55:69:dd:3f:eb:43:58:10:54:8e:
f6:d2:55:64:5f:65:3c:44:39:d6:f4:d3:28:93:92:e5:39:fd:
c7:65:00:48:28:70:ae:12:44:86:4c:00:fb:aa:7d:91:cd:ff:
c8:e4:8f:5a:6a:a5:92:7d:1c:03:6b:f2:04:79:55:76:14:51:
43:12:46:2b:ca:69:71:0e:41:c1:d0:f0:ec:07:f2:aa:ee:b6:
4d:7a:7d:8e:c6:27:bd:3e:a9:2b:2b:4f:92:ee:d4:7e:b3:9b:
58:1a:b3:53:4c:23:6a:fe:77:95:bd:91:6d:f2:7d:f9:ac:a5:
5e:f3:b2:c1:4f:91:7c:ce:a9:0c:8d:b7:ae:bc:e3:a6:8e:eb:
b6:30:2f:01:72:d7:13:0b:0e:ea:c8:4d:f7:e4:85:95:ab:05:
fa:9f:bc:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8DgDESuuSbfIUTwopV/JbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz
MGM0MTEwHhcNMjUwNDI4MTEwMDE0WhcNMjUwNDI5MTEwMDE0WjAzMTEwLwYDVQQD
EyhkYjQ5NzIyMThjZjM5YjU2ZWU1ZTk2MmU2MGEwYmZhNGU0NDY3MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/vrb8+6opjT+/GFSuKAMpEXSIBG
R7xvLztY/roWVRgVDo7NH5lNjXaRNSfZNpiZe9h6auSeRocntVMwpXewUacLO6Sm
7+FbSp/afKZjPK8Dgc6mJ7FLVWJFjl82lnRhdCTvTYyXfokjAmShsODspGQAXHF9
SYhBgJyOrlS9Ckw3HiVF4RNy+v2s1AB2N14jKNhj0IbtlchMJBd/X75f0CSw85zc
Q6ao4dJP1OEfnUJMzd1nt+Nk1qYEyjwpDMetQGdfoXSBo/rtvDkJ6jl1P+wIc2f4
g8xumepDmTcliDHtguZGc3Ao0BSN2vYXKUFHwjN6sleP1EuoMNGW/rsnYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtJciGM85tW7l6WLmCgv6TkRnFUMB8GA1UdIwQY
MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt
ODlkMjYxMWE5NWRiLzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi
LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl16z3WuL
jGEJRSDKSHLvfT5o91iQv3DeP8WdGFd06OrO7mWqivITICg37Ndmi0/GBZlAKqst
xUr8WVWh+S15z5UxIyA4VF+RHKfl3Whu/9QL+xcoftmNe6rJr2GJVUxcXudVad0/
60NYEFSO9tJVZF9lPEQ51vTTKJOS5Tn9x2UASChwrhJEhkwA+6p9kc3/yOSPWmql
kn0cA2vyBHlVdhRRQxJGK8ppcQ5BwdDw7Afyqu62TXp9jsYnvT6pKytPku7UfrOb
WBqzU0wjav53lb2RbfJ9+aylXvOywU+RfM6pDI23rrzjpo7rtjAvAXLXEwsO6shN
9+SFlasF+p+8jw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:24:44 2025 by rpki-client