Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: fXrzKfpE/F3pltBysU452Dg6HOCnvkB+GqN0ibY+72Y=
Subject key identifier: 62:4A:09:42:8B:96:02:98:4E:63:0F:D7:DD:77:63:21:35:17:42:46
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019890D96C367CAAA94BF0DFA547FE20E1DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 12B9
Signing time: Sat 09 Aug 2025 22:00:24 +0000
Manifest this update: Sat 09 Aug 2025 22:00:24 +0000
Manifest next update: Sun 10 Aug 2025 22:00:24 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: bQXopVr+uxOslyI/8JwaMEUd/hkJxewkSwGATiwlXGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:90:d9:6c:36:7c:aa:a9:4b:f0:df:a5:47:fe:20:e1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Aug 9 22:00:24 2025 GMT
Not After : Aug 10 22:00:24 2025 GMT
Subject: CN=624a09428b9602984e630fd7dd77632135174246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:13:31:bd:1c:37:c0:d0:44:d5:34:3b:a6:d6:
1f:29:b9:bf:1c:d6:3b:34:56:3c:95:99:ba:36:5d:
3c:5a:21:45:8f:2b:70:a8:23:77:eb:47:ec:15:3d:
54:3b:ba:1d:a2:8d:46:7e:54:66:c3:9d:41:9a:b7:
25:1c:a4:cf:52:76:a9:85:ff:1a:3a:6f:2d:78:0c:
89:4f:8c:08:c1:1a:17:6d:95:71:64:22:f8:f2:18:
3b:8d:f4:f9:7a:09:c6:b9:eb:57:b8:46:2a:cb:e9:
7a:1d:0f:6b:ff:31:96:87:70:4d:a2:53:ed:5e:80:
f1:10:a6:73:2b:bc:09:a5:39:ef:4f:cf:e1:d3:34:
8b:78:c5:cf:e6:d5:7c:c5:cf:e2:86:bc:22:a4:2e:
29:0a:96:fa:cf:97:9d:72:5a:94:4a:dc:f1:c2:19:
5f:4c:eb:4e:06:d8:f2:e2:4f:0d:df:56:87:a4:9b:
27:10:00:34:b0:c6:c6:61:dd:46:c1:2e:06:5d:39:
96:39:59:cb:d8:7e:9c:b2:d5:6f:e1:72:f6:8d:4c:
a1:59:7a:6a:2e:e0:99:3e:2d:53:6b:2b:bb:73:9d:
d6:a6:82:5f:ca:d0:69:44:e4:10:72:0e:5a:ea:87:
80:fb:db:43:e3:6a:00:6a:53:fa:6b:d8:09:5b:47:
29:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:09:42:8B:96:02:98:4E:63:0F:D7:DD:77:63:21:35:17:42:46
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:bf:f5:07:a9:19:9e:5b:9b:38:72:91:4c:ee:a0:9f:e8:57:
2d:19:c9:73:4a:50:9c:61:27:ae:5a:ec:b3:62:d6:10:af:b4:
53:fa:d2:0a:a5:c2:4f:51:22:10:f2:f9:a4:ac:a2:fe:76:9a:
e2:04:c0:b4:f7:1e:f2:8a:f7:49:f6:78:3f:1c:b2:1d:db:22:
54:47:f9:40:e9:91:44:b1:2a:13:89:65:f0:59:f6:cc:f1:f0:
a9:85:0c:4b:02:c4:a7:40:9a:52:6d:03:c6:77:cc:2c:1e:fb:
fd:2d:96:f1:df:b0:fd:cb:bf:b9:29:b2:0b:6e:c4:f4:a1:e9:
94:f3:2a:4c:3c:49:3e:64:42:46:26:91:73:b0:bd:47:dc:11:
61:58:fa:48:c6:0b:4b:4a:e8:25:00:1d:aa:24:45:e5:46:1f:
39:c3:90:75:da:52:34:59:50:76:70:7f:62:cd:8c:25:67:5f:
db:26:c3:b6:92:ae:71:94:31:67:4e:cd:e8:8a:06:b7:a1:76:
09:36:73:9a:90:ed:5a:f6:2b:3e:95:e3:f0:36:3b:7f:20:02:
d9:8c:eb:cf:c2:8c:94:9b:91:1f:3b:4d:fd:49:26:6e:c9:83:
aa:64:68:c2:7d:85:2c:d7:55:7d:98:f6:c1:59:4c:e4:60:8a:
f5:49:23:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQ2Ww2fKqpS/DfpUf+IOHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwODA5MjIwMDI0WhcNMjUwODEwMjIwMDI0WjAzMTEwLwYDVQQD
Eyg2MjRhMDk0MjhiOTYwMjk4NGU2MzBmZDdkZDc3NjMyMTM1MTc0MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xMxvRw3wNBE1TQ7ptYfKbm/HNY7
NFY8lZm6Nl08WiFFjytwqCN360fsFT1UO7odoo1GflRmw51BmrclHKTPUnaphf8a
Om8teAyJT4wIwRoXbZVxZCL48hg7jfT5egnGuetXuEYqy+l6HQ9r/zGWh3BNolPt
XoDxEKZzK7wJpTnvT8/h0zSLeMXP5tV8xc/ihrwipC4pCpb6z5edclqUStzxwhlf
TOtOBtjy4k8N31aHpJsnEAA0sMbGYd1GwS4GXTmWOVnL2H6cstVv4XL2jUyhWXpq
LuCZPi1Tayu7c53WpoJfytBpROQQcg5a6oeA+9tD42oAalP6a9gJW0cpfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJKCUKLlgKYTmMP1913YyE1F0JGMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVr/1B6kZ
nlubOHKRTO6gn+hXLRnJc0pQnGEnrlrss2LWEK+0U/rSCqXCT1EiEPL5pKyi/naa
4gTAtPce8or3SfZ4PxyyHdsiVEf5QOmRRLEqE4ll8Fn2zPHwqYUMSwLEp0CaUm0D
xnfMLB77/S2W8d+w/cu/uSmyC27E9KHplPMqTDxJPmRCRiaRc7C9R9wRYVj6SMYL
S0roJQAdqiRF5UYfOcOQddpSNFlQdnB/Ys2MJWdf2ybDtpKucZQxZ07N6IoGt6F2
CTZzmpDtWvYrPpXj8DY7fyAC2Yzrz8KMlJuRHztN/UkmbsmDqmRown2FLNdVfZj2
wVlM5GCK9UkjYg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:26:41 2025 by rpki-client