Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
File: KZkwB8fJLfYXjny0MYP9f1KlJtg.mft (raw, json)
Hash identifier: 0k/x411L6TP+OhRKv6lbfP0sm4BsNrbPVPAETj+IDhY=
Subject key identifier: 69:53:2F:76:F9:E2:EE:E7:21:08:5D:28:B4:94:B2:EB:2B:CC:5D:14
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 0196760C966E9DA5BD983947EAF1B3E0523E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
Manifest number: 02B9
Signing time: Sun 27 Apr 2025 07:00:58 +0000
Manifest this update: Sun 27 Apr 2025 07:00:58 +0000
Manifest next update: Mon 28 Apr 2025 07:00:58 +0000
Files and hashes: 1: 4Onxw3ZyCceGdWFdrDz9GypV1To.roa (hash: rLXGfCwokEmOeP6DWTGHar2KAFcpyGY37FcoMJ/rm24=)
2: 6w2llJPr5u5R0U0gFJBhkfjASt8.roa (hash: Et1DM1KW1gT7dKyxGFfIxs38O3+sH74ZansUhbBdzew=)
3: KZkwB8fJLfYXjny0MYP9f1KlJtg.crl (hash: ExDkiUQe0eeBa6CZdTu6nlIUzTJj3HQ9nG6I729UcIg=)
4: OdjteK9gKG4YNaSPtAZxPfbKTlg.roa (hash: C1n8BPEFHA0rRgZVDgK4q8CBrVeD5FeMnjLcyYE1XMw=)
5: fNae6M71mV294ZXPAPike0PbceE.roa (hash: yK1vBYE3EmPb37wOJedAwxWWRQFUDScm3ZCALz4wEUs=)
6: nFiPEMhy3ZN7Kzd1c5drtsfC2Ms.roa (hash: K/fi1bP7PVVo/L+gbRw+2aDpJIZXZHh+7f96KzgbyVo=)
7: xTf5pi1O1OBOL8Roy41K3aIww6Y.roa (hash: S2VqtYqj28mSbHWyl9+CNpKvGeC5wqTzL6SGHQbpvl4=)
8: ypFL40Xoi4y05qu3ogA3n6gvBmc.roa (hash: Osn8j8oSksWpQIeEIhv5U30zU1XAWvsewtWKW4S5v1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0c:96:6e:9d:a5:bd:98:39:47:ea:f1:b3:e0:52:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Apr 27 07:00:58 2025 GMT
Not After : Apr 28 07:00:58 2025 GMT
Subject: CN=69532f76f9e2eee721085d28b494b2eb2bcc5d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:44:94:f3:e4:52:c0:26:5a:07:ad:b4:cf:6e:
c3:24:d6:a6:a7:ec:0d:29:ea:89:47:0d:b6:71:a4:
a1:bf:54:04:6b:7b:d7:ce:4a:cb:30:4e:cc:b3:8a:
4f:28:85:e1:33:37:3c:ca:18:6f:b0:2f:4b:5d:11:
40:c3:c0:9d:db:33:44:bc:4d:8a:06:7d:67:e5:31:
72:e9:79:f0:e2:8d:04:dd:dd:fa:92:c8:39:fc:1a:
41:27:f4:b5:49:a6:1c:79:41:30:32:eb:dc:76:09:
b6:df:68:ed:73:0b:54:9c:e7:43:8c:62:4e:a5:17:
57:4f:43:73:eb:a5:86:c3:dc:b7:50:99:81:21:81:
1b:8e:e6:36:3b:b9:d0:93:8f:2a:e4:68:e8:73:d9:
d1:fb:0e:85:47:21:79:da:dd:46:77:a1:b3:85:e0:
48:64:24:ba:fd:1a:d8:a5:c5:a5:c3:cd:03:b8:eb:
96:2a:2c:1d:ff:63:b8:13:49:a7:00:7e:e4:c1:82:
06:ec:dd:74:83:3e:71:39:03:a8:57:b1:22:ec:14:
b9:c1:66:3b:70:f4:39:85:45:65:a1:d9:36:14:7c:
e2:11:a6:6f:bb:19:58:2b:80:02:0f:04:54:ce:93:
43:5f:21:a1:d1:78:17:19:45:70:f1:5a:49:75:c6:
8d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:53:2F:76:F9:E2:EE:E7:21:08:5D:28:B4:94:B2:EB:2B:CC:5D:14
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:dc:0c:c8:22:da:2d:0e:c9:88:e6:54:0d:32:70:25:1b:24:
06:d8:19:df:8c:63:3a:a5:0c:77:bd:20:f9:6d:3b:c5:13:9d:
a9:e3:b4:c4:3f:28:e5:70:ae:ee:ec:79:2a:02:8a:17:a7:c9:
f5:f4:57:22:c4:b4:32:9e:1c:20:69:49:0a:84:96:69:e2:a5:
10:a0:9e:2a:3d:12:d0:ba:cf:87:d4:3f:86:44:0b:b5:9f:a7:
1d:bb:bb:24:d9:0f:29:2b:c5:60:71:55:62:db:dd:92:71:29:
05:f7:ca:cb:b0:f9:66:b3:8a:52:72:d7:9e:10:04:82:bd:cc:
84:29:f7:34:eb:06:ff:16:5f:05:10:7e:9a:67:20:99:5b:4f:
e5:7e:53:8c:dd:89:15:f2:58:c1:a6:6d:38:9a:09:53:53:0b:
04:b9:89:30:7b:c4:98:df:a8:75:69:9e:21:97:b5:73:52:bf:
cc:4b:88:24:d1:b2:b7:90:f5:39:7c:e7:40:9f:ef:fd:51:cc:
d7:f8:e0:1d:b9:59:9c:51:f1:bf:68:f5:f7:f6:fb:00:11:ae:
8f:58:6a:4d:54:bd:3c:9a:42:b6:c2:85:d4:6c:77:41:ca:28:
19:74:96:12:83:47:b1:c0:24:c8:05:56:b1:35:0b:b2:9d:7b:
36:35:6c:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DJZunaW9mDlH6vGz4FI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUwNDI3MDcwMDU4WhcNMjUwNDI4MDcwMDU4WjAzMTEwLwYDVQQD
Eyg2OTUzMmY3NmY5ZTJlZWU3MjEwODVkMjhiNDk0YjJlYjJiY2M1ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwESU8+RSwCZaB620z27DJNamp+wN
KeqJRw22caShv1QEa3vXzkrLME7Ms4pPKIXhMzc8yhhvsC9LXRFAw8Cd2zNEvE2K
Bn1n5TFy6Xnw4o0E3d36ksg5/BpBJ/S1SaYceUEwMuvcdgm232jtcwtUnOdDjGJO
pRdXT0Nz66WGw9y3UJmBIYEbjuY2O7nQk48q5Gjoc9nR+w6FRyF52t1Gd6GzheBI
ZCS6/RrYpcWlw80DuOuWKiwd/2O4E0mnAH7kwYIG7N10gz5xOQOoV7Ei7BS5wWY7
cPQ5hUVlodk2FHziEaZvuxlYK4ACDwRUzpNDXyGh0XgXGUVw8VpJdcaNIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlTL3b54u7nIQhdKLSUsusrzF0UMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAtwMyCLa
LQ7JiOZUDTJwJRskBtgZ34xjOqUMd70g+W07xROdqeO0xD8o5XCu7ux5KgKKF6fJ
9fRXIsS0Mp4cIGlJCoSWaeKlEKCeKj0S0LrPh9Q/hkQLtZ+nHbu7JNkPKSvFYHFV
YtvdknEpBffKy7D5ZrOKUnLXnhAEgr3MhCn3NOsG/xZfBRB+mmcgmVtP5X5TjN2J
FfJYwaZtOJoJU1MLBLmJMHvEmN+odWmeIZe1c1K/zEuIJNGyt5D1OXznQJ/v/VHM
1/jgHblZnFHxv2j19/b7ABGuj1hqTVS9PJpCtsKF1Gx3QcooGXSWEoNHscAkyAVW
sTULsp17NjVsoA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:55:24 2025 by rpki-client