Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json)
Hash identifier: Qq0UBIAb9br3sdLf8vlhrWqTERXMMOywBYPBkB3ai28=
Subject key identifier: 05:38:5C:62:A5:07:0E:CE:9D:FA:9B:57:E1:DF:3C:3D:41:40:30:0E
Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Certificate serial: 01987E65F3BC9004CE162B20E20FFBCCA51B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
Manifest number: 1066
Signing time: Wed 06 Aug 2025 08:01:07 +0000
Manifest this update: Wed 06 Aug 2025 08:01:07 +0000
Manifest next update: Thu 07 Aug 2025 08:01:07 +0000
Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: PAkTFWiRFbaCfguQ2DnLQAjgOM7tib0KncBndPncojA=)
2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:65:f3:bc:90:04:ce:16:2b:20:e2:0f:fb:cc:a5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Validity
Not Before: Aug 6 08:01:07 2025 GMT
Not After : Aug 7 08:01:07 2025 GMT
Subject: CN=05385c62a5070ece9dfa9b57e1df3c3d4140300e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:20:4d:19:6d:9d:10:05:f8:e8:73:ea:81:d6:
13:6e:c1:90:1e:12:c1:e7:f5:e5:28:e4:f6:88:22:
72:fb:19:c8:91:de:56:9a:9a:fe:9d:c6:af:76:c9:
c4:55:0c:34:1f:a0:62:4d:36:cb:a4:a8:8d:7f:50:
b4:08:41:fd:f2:be:d2:6d:48:be:4b:07:3c:a2:84:
cf:aa:f2:e1:c7:8e:c2:fb:4a:96:40:62:66:1e:07:
f7:2c:d3:f7:7a:b3:d5:f9:3d:2d:f0:95:36:38:6f:
88:e8:94:43:74:00:0e:58:f1:1e:a2:60:f2:aa:8a:
b3:7a:b4:12:b0:37:d7:8f:41:ce:23:14:58:4b:08:
c2:d2:f8:54:df:75:85:f9:3d:9e:5d:8d:6e:0d:a1:
2b:2d:66:a1:9a:9b:ee:51:7a:33:1a:3d:58:66:70:
98:31:18:93:90:c3:f1:99:2e:a8:58:31:3f:37:b1:
c4:5b:b0:47:d8:17:cc:de:e1:3c:04:35:8a:6b:ff:
5e:3d:82:f2:cc:aa:54:48:d2:f5:30:f1:a2:6b:2e:
70:05:32:79:ac:29:c8:d5:8c:ca:04:bd:12:bf:89:
36:49:28:4c:95:c4:9e:6d:ff:e2:94:5a:33:f8:b6:
1c:3e:89:d6:4a:b7:56:1a:79:4a:0b:ca:00:09:a3:
1e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:38:5C:62:A5:07:0E:CE:9D:FA:9B:57:E1:DF:3C:3D:41:40:30:0E
X509v3 Authority Key Identifier:
keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:be:dc:e8:53:fe:5c:5b:eb:2a:73:72:38:19:ad:53:a9:de:
7a:bf:8c:99:d4:c0:be:c8:95:14:86:d6:9f:f2:3d:5a:93:d8:
19:60:fc:fd:d5:cf:84:4c:c2:5a:a3:bb:36:49:7e:cd:37:76:
4d:b4:a0:f7:a3:8d:80:9e:fb:33:39:4c:4b:6e:94:f3:e3:e7:
a4:3d:ee:ae:f9:f3:35:3d:d7:1d:86:53:39:f1:7c:a9:73:e3:
f0:cd:4e:76:32:f7:e4:e1:7d:83:2c:f0:84:e8:90:fb:1d:c0:
ac:47:c1:af:1d:6d:0c:9d:fe:8e:4c:6d:bb:31:1e:21:1c:97:
4e:01:9c:05:bb:f3:cf:12:6d:23:78:26:9f:78:03:a5:48:f7:
e7:3f:fa:f8:61:93:b4:f9:08:11:aa:fd:8f:41:23:df:66:a9:
7b:08:b0:7f:d9:7e:d7:e9:02:2d:2a:1c:f9:8b:a7:c5:9d:4f:
95:b0:84:30:2b:4c:0b:df:2c:9d:9b:06:2d:4f:49:cd:54:4f:
b6:0a:07:4e:ea:ac:c3:69:94:6e:31:c6:c8:92:66:5c:e0:c8:
18:57:18:4d:54:fd:b1:43:83:bd:e9:bd:bc:ff:03:0c:42:4e:
89:ab:d6:56:bf:ff:97:a4:a5:8b:5e:c3:17:c1:4e:29:08:a2:
bf:36:ce:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+ZfO8kATOFisg4g/7zKUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1
NmMzNTgwHhcNMjUwODA2MDgwMTA3WhcNMjUwODA3MDgwMTA3WjAzMTEwLwYDVQQD
EygwNTM4NWM2MmE1MDcwZWNlOWRmYTliNTdlMWRmM2MzZDQxNDAzMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCBNGW2dEAX46HPqgdYTbsGQHhLB
5/XlKOT2iCJy+xnIkd5Wmpr+ncavdsnEVQw0H6BiTTbLpKiNf1C0CEH98r7SbUi+
Swc8ooTPqvLhx47C+0qWQGJmHgf3LNP3erPV+T0t8JU2OG+I6JRDdAAOWPEeomDy
qoqzerQSsDfXj0HOIxRYSwjC0vhU33WF+T2eXY1uDaErLWahmpvuUXozGj1YZnCY
MRiTkMPxmS6oWDE/N7HEW7BH2BfM3uE8BDWKa/9ePYLyzKpUSNL1MPGiay5wBTJ5
rCnI1YzKBL0Sv4k2SShMlcSebf/ilFoz+LYcPonWSrdWGnlKC8oACaMe5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAU4XGKlBw7OnfqbV+HfPD1BQDAOMB8GA1UdIwQY
MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt
Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2
LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdb7c6FP+
XFvrKnNyOBmtU6neer+MmdTAvsiVFIbWn/I9WpPYGWD8/dXPhEzCWqO7Nkl+zTd2
TbSg96ONgJ77MzlMS26U8+PnpD3urvnzNT3XHYZTOfF8qXPj8M1OdjL35OF9gyzw
hOiQ+x3ArEfBrx1tDJ3+jkxtuzEeIRyXTgGcBbvzzxJtI3gmn3gDpUj35z/6+GGT
tPkIEar9j0Ej32apewiwf9l+1+kCLSoc+YunxZ1PlbCEMCtMC98snZsGLU9JzVRP
tgoHTuqsw2mUbjHGyJJmXODIGFcYTVT9sUODvem9vP8DDEJOiavWVr//l6Sli17D
F8FOKQiivzbOhQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:20:11 2025 by rpki-client