Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json)
Hash identifier: QR916RXMHvtbjw7Bmwk8mySVEyjpG1npsXC3K5MNU/E=
Subject key identifier: F0:73:97:D9:3E:D0:79:B6:0B:9E:F9:BC:0F:2B:4B:03:85:31:23:C2
Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Certificate serial: 01976C2B5ECC9E5CC071EAE51A8E927B74E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
Manifest number: 0FD8
Signing time: Sat 14 Jun 2025 02:01:10 +0000
Manifest this update: Sat 14 Jun 2025 02:01:10 +0000
Manifest next update: Sun 15 Jun 2025 02:01:10 +0000
Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: xZF4jwCI2XFmYnCGeQbmairQtSCD9075CzE4onIQ1Eo=)
2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:2b:5e:cc:9e:5c:c0:71:ea:e5:1a:8e:92:7b:74:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Validity
Not Before: Jun 14 02:01:10 2025 GMT
Not After : Jun 15 02:01:10 2025 GMT
Subject: CN=f07397d93ed079b60b9ef9bc0f2b4b03853123c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:6a:6c:ef:65:83:24:12:d4:b2:80:ca:e9:
b8:4d:7f:10:b0:0c:5e:be:e1:2b:05:18:23:44:63:
68:c7:f3:90:f1:71:4f:0d:54:f3:36:09:c7:38:49:
d8:df:d9:ef:af:8b:51:f6:34:88:f0:25:db:93:38:
cf:4c:af:fb:65:f0:4d:9c:7a:c1:e6:9f:15:47:8c:
79:08:2f:f3:a7:11:26:56:3d:5e:8d:2e:63:32:a1:
b8:5a:74:aa:62:b9:90:4c:9d:8c:24:e6:c8:d3:0c:
0b:8b:37:bb:7f:a7:d0:49:d9:7c:e0:83:f6:5f:56:
50:e9:62:13:09:bf:62:c4:cd:88:e7:ee:e9:bf:5a:
d7:69:96:b7:17:20:5a:ff:2f:67:fe:6a:87:7b:d3:
5b:e5:62:03:a0:0e:f7:cc:07:95:72:2d:35:9e:c4:
28:5a:a7:3d:02:36:7e:1e:6e:fb:a5:c5:5f:e9:ac:
17:52:5a:53:13:22:17:d2:7b:28:f3:79:d8:b7:94:
6d:39:d8:3a:a0:a3:ba:43:11:ad:b1:6f:b3:44:be:
1a:66:32:41:9b:55:a3:f5:95:dc:29:44:91:44:12:
31:10:42:cb:86:bb:1e:5f:24:8b:2b:02:8b:e2:cf:
6d:37:a4:90:6e:bb:4a:0e:1a:22:c2:7d:aa:dc:0e:
32:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:73:97:D9:3E:D0:79:B6:0B:9E:F9:BC:0F:2B:4B:03:85:31:23:C2
X509v3 Authority Key Identifier:
keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:b0:cd:3c:d9:07:ef:2b:3a:d5:00:84:56:c8:08:9c:92:f2:
77:5a:30:18:cb:37:a2:26:b2:da:a5:88:0c:45:17:2d:24:45:
39:aa:3d:99:32:17:23:76:1a:c8:48:a7:bc:85:e2:40:2a:d3:
0a:9a:7a:76:65:23:01:94:95:fe:e7:a7:73:a0:97:79:f2:a7:
c1:bb:1c:19:16:18:3e:8e:56:3b:78:e7:1a:c3:6c:83:02:60:
e0:cd:fd:5f:29:ec:54:e4:2d:e9:8e:ca:f2:f7:12:da:af:13:
54:e5:82:78:b1:85:4e:d6:88:92:bc:72:48:b0:a3:3e:fd:69:
d8:19:f5:54:8d:3b:76:09:e0:5d:22:b9:b2:59:29:85:4a:ce:
11:9c:5b:80:cd:57:20:0b:72:6b:84:39:87:53:11:3d:07:e9:
e3:f5:9a:4d:3d:75:12:f4:6f:cf:f0:62:5c:98:6d:b6:12:b2:
17:0c:94:94:a4:2b:b8:7a:02:22:68:13:ac:cc:27:9e:eb:04:
97:be:21:39:9c:cf:69:d9:41:26:b9:23:10:55:1e:55:a2:de:
06:25:ce:04:fd:bd:63:8a:7d:33:1a:cc:26:41:5a:25:6d:91:
dc:83:50:40:6a:8c:2f:7d:57:48:09:67:cb:2e:ef:76:81:ff:
e7:88:f9:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK17MnlzAcerlGo6Se3TmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1
NmMzNTgwHhcNMjUwNjE0MDIwMTEwWhcNMjUwNjE1MDIwMTEwWjAzMTEwLwYDVQQD
EyhmMDczOTdkOTNlZDA3OWI2MGI5ZWY5YmMwZjJiNGIwMzg1MzEyM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTBqbO9lgyQS1LKAyum4TX8QsAxe
vuErBRgjRGNox/OQ8XFPDVTzNgnHOEnY39nvr4tR9jSI8CXbkzjPTK/7ZfBNnHrB
5p8VR4x5CC/zpxEmVj1ejS5jMqG4WnSqYrmQTJ2MJObI0wwLize7f6fQSdl84IP2
X1ZQ6WITCb9ixM2I5+7pv1rXaZa3FyBa/y9n/mqHe9Nb5WIDoA73zAeVci01nsQo
Wqc9AjZ+Hm77pcVf6awXUlpTEyIX0nso83nYt5RtOdg6oKO6QxGtsW+zRL4aZjJB
m1Wj9ZXcKUSRRBIxEELLhrseXySLKwKL4s9tN6SQbrtKDhoiwn2q3A4yAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBzl9k+0Hm2C575vA8rSwOFMSPCMB8GA1UdIwQY
MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt
Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2
LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrDNPNkH
7ys61QCEVsgInJLyd1owGMs3oiay2qWIDEUXLSRFOao9mTIXI3YayEinvIXiQCrT
Cpp6dmUjAZSV/uenc6CXefKnwbscGRYYPo5WO3jnGsNsgwJg4M39XynsVOQt6Y7K
8vcS2q8TVOWCeLGFTtaIkrxySLCjPv1p2Bn1VI07dgngXSK5slkphUrOEZxbgM1X
IAtya4Q5h1MRPQfp4/WaTT11EvRvz/BiXJhtthKyFwyUlKQruHoCImgTrMwnnusE
l74hOZzPadlBJrkjEFUeVaLeBiXOBP29Y4p9MxrMJkFaJW2R3INQQGqML31XSAln
yy7vdoH/54j5Zg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:57:39 2025 by rpki-client