Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: TcQc86bmVu3YW4ka2oRdmAODB0MJfeFJ9wVFJg+ARCk=
Subject key identifier: 89:17:A4:40:6C:94:78:58:E4:8E:6B:95:10:EB:EA:D6:9A:88:32:1A
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 0196760D1F19462DA7ECFD3112C31CD5FE53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0A2A
Signing time: Sun 27 Apr 2025 07:01:33 +0000
Manifest this update: Sun 27 Apr 2025 07:01:33 +0000
Manifest next update: Mon 28 Apr 2025 07:01:33 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: Zx/gMb9pvePeeHYkWfYecdcGbP15gvkUpq0EsSCggWk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0d:1f:19:46:2d:a7:ec:fd:31:12:c3:1c:d5:fe:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Apr 27 07:01:33 2025 GMT
Not After : Apr 28 07:01:33 2025 GMT
Subject: CN=8917a4406c947858e48e6b9510ebead69a88321a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:09:ec:07:1a:6c:31:35:43:98:56:54:b3:
18:fc:63:21:53:c5:db:7a:f4:31:c2:69:3a:6f:32:
91:7e:80:8b:86:5a:08:8d:19:b4:c8:64:61:3a:79:
52:39:1b:f0:6e:93:47:38:08:c0:99:1c:e6:08:3e:
ff:16:aa:52:47:83:e9:5b:e9:40:c4:8b:f2:76:1b:
bb:9d:74:88:cb:f1:4f:e8:cd:7e:e7:56:b3:73:70:
0a:ce:30:7b:02:74:f6:ed:b4:31:84:2d:bf:b4:3f:
e6:34:9a:cc:91:33:f5:41:52:89:4c:d9:21:96:af:
50:85:e6:7a:36:e0:54:08:49:26:e0:00:68:e5:18:
3f:d0:43:61:62:78:8a:bb:12:4a:4a:c8:d2:a1:c0:
ed:06:f3:5f:a3:3b:74:46:4e:95:5b:97:ce:4b:6b:
e4:3a:ed:4c:ce:e2:0c:ab:94:80:0d:25:36:ce:0e:
4e:76:cd:26:ed:1b:4b:f8:2a:99:b2:7c:82:63:7c:
f8:94:02:05:5c:60:0d:91:0f:78:8f:38:81:09:b6:
94:59:d0:b9:ae:fd:00:9c:15:66:2f:aa:e5:7e:ab:
a9:05:45:c0:67:32:9b:2b:cd:0b:e8:89:2a:06:d1:
ce:44:25:43:2f:c0:d6:73:c9:ef:5d:dc:32:b9:7e:
6d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:17:A4:40:6C:94:78:58:E4:8E:6B:95:10:EB:EA:D6:9A:88:32:1A
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:9d:b4:6e:1c:01:75:7b:61:c1:d4:53:44:3b:3d:7e:d3:77:
e3:cc:ac:6d:c1:6e:88:95:80:3d:1a:8c:6f:b9:84:81:e8:b1:
a1:46:1b:6c:c8:31:a0:a9:16:d4:2f:78:22:9e:fe:0a:1b:88:
b2:3b:d3:c5:d3:39:d9:db:00:85:dd:3a:a0:42:3a:d8:a1:7a:
b5:cd:7e:b0:67:88:ac:20:17:06:26:7f:0f:ab:38:55:77:5c:
da:59:7b:b4:f3:e8:8f:87:15:56:bc:2a:ab:95:8d:30:05:5d:
54:9b:42:57:d0:72:55:27:3d:78:3c:9e:55:cd:f8:6e:29:bb:
1b:83:7e:aa:8d:36:48:63:a7:03:82:67:c1:9e:78:f8:d4:88:
20:8e:61:a6:c4:74:88:b9:e3:a5:30:63:ff:fa:8a:1b:77:05:
45:75:b7:ad:b2:30:61:b9:3c:1f:73:39:c5:b2:c9:28:54:fc:
3c:90:5c:90:97:88:0d:32:42:86:0f:cc:d7:a3:f9:13:3f:76:
8e:35:82:78:67:8f:33:4a:c6:68:0d:fc:22:55:09:db:68:ac:
f5:5f:a2:47:87:eb:5e:54:19:93:4d:6a:80:9b:14:92:e0:5b:
07:2b:a1:f6:8e:a4:5f:95:88:44:d9:f1:0c:be:0b:1f:04:6b:
ea:7d:1a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DR8ZRi2n7P0xEsMc1f5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUwNDI3MDcwMTMzWhcNMjUwNDI4MDcwMTMzWjAzMTEwLwYDVQQD
Eyg4OTE3YTQ0MDZjOTQ3ODU4ZTQ4ZTZiOTUxMGViZWFkNjlhODgzMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIAJ7AcabDE1Q5hWVLMY/GMhU8Xb
evQxwmk6bzKRfoCLhloIjRm0yGRhOnlSORvwbpNHOAjAmRzmCD7/FqpSR4PpW+lA
xIvydhu7nXSIy/FP6M1+51azc3AKzjB7AnT27bQxhC2/tD/mNJrMkTP1QVKJTNkh
lq9QheZ6NuBUCEkm4ABo5Rg/0ENhYniKuxJKSsjSocDtBvNfozt0Rk6VW5fOS2vk
Ou1MzuIMq5SADSU2zg5Ods0m7RtL+CqZsnyCY3z4lAIFXGANkQ94jziBCbaUWdC5
rv0AnBVmL6rlfqupBUXAZzKbK80L6IkqBtHORCVDL8DWc8nvXdwyuX5tVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkXpEBslHhY5I5rlRDr6taaiDIaMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZ20bhwB
dXthwdRTRDs9ftN348ysbcFuiJWAPRqMb7mEgeixoUYbbMgxoKkW1C94Ip7+ChuI
sjvTxdM52dsAhd06oEI62KF6tc1+sGeIrCAXBiZ/D6s4VXdc2ll7tPPoj4cVVrwq
q5WNMAVdVJtCV9ByVSc9eDyeVc34bim7G4N+qo02SGOnA4JnwZ54+NSIII5hpsR0
iLnjpTBj//qKG3cFRXW3rbIwYbk8H3M5xbLJKFT8PJBckJeIDTJChg/M16P5Ez92
jjWCeGePM0rGaA38IlUJ22is9V+iR4frXlQZk01qgJsUkuBbByuh9o6kX5WIRNnx
DL4LHwRr6n0aOA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:32:11 2025 by rpki-client