
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: D6mc0EvG3GI0AHfC+WglekDRUELVvgRhuZQXc27YpuA=
Subject key identifier: 15:D2:7C:82:89:D2:8E:2C:D2:9B:FE:BD:E3:B8:8F:3B:8C:EF:C1:DF
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 01987E9CBC07D57F412427F5864B5F09516B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0263
Signing time: Wed 06 Aug 2025 09:00:57 +0000
Manifest this update: Wed 06 Aug 2025 09:00:57 +0000
Manifest next update: Thu 07 Aug 2025 09:00:57 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: uaH42DIU+IZpol61zuS6PpEiWpfIxJ5oTEdl5eLvRxQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:9c:bc:07:d5:7f:41:24:27:f5:86:4b:5f:09:51:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Aug 6 09:00:57 2025 GMT
Not After : Aug 7 09:00:57 2025 GMT
Subject: CN=15d27c8289d28e2cd29bfebde3b88f3b8cefc1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:92:3a:fe:a7:05:1a:34:84:8b:2b:67:32:12:
f3:84:aa:4b:94:de:98:3a:c0:7d:20:24:95:58:ab:
69:35:0f:37:08:4a:a4:c4:fa:c4:d7:7f:71:0b:bb:
b1:d6:3c:1d:d1:33:9f:d8:6c:64:ec:2b:d2:59:4e:
e6:d2:03:26:08:21:9c:c7:05:29:ec:fa:81:c6:5d:
f2:43:d4:97:10:7d:de:b9:c3:e1:d5:61:db:14:8c:
c3:e5:93:81:e2:6b:a7:30:f4:e6:a6:0a:6f:63:11:
8f:b1:96:c2:2c:a6:02:ba:e9:28:aa:a8:f4:b9:91:
ff:c7:c0:d9:8f:4c:0a:f7:7c:29:32:0f:09:d2:19:
83:1e:cc:d3:cf:69:b8:36:15:8c:44:39:bc:36:43:
47:72:5f:87:96:28:85:85:d4:3b:93:bd:30:77:ef:
b9:a2:fa:60:63:7b:00:32:87:3b:36:1a:86:ca:25:
48:6f:45:47:f9:7f:83:8e:72:af:ea:86:07:0f:8a:
20:68:59:55:f4:6f:0c:11:2b:bc:ae:e0:8d:b2:62:
64:05:96:f5:b9:ca:b9:ae:00:90:55:81:5a:47:3b:
b9:52:e8:68:63:6a:06:b4:53:95:29:ef:77:c7:80:
9a:74:00:7b:a6:c0:5c:06:2a:55:ee:c8:e3:6d:39:
9f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D2:7C:82:89:D2:8E:2C:D2:9B:FE:BD:E3:B8:8F:3B:8C:EF:C1:DF
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:9c:0f:9a:7f:38:44:c7:cd:5f:87:37:25:d6:e9:0d:80:e2:
03:a8:80:38:74:14:05:aa:3b:4f:ab:4b:93:b6:a1:d7:3a:10:
b9:cc:2e:db:64:cd:e7:cf:af:6c:b4:29:5c:11:09:2b:3b:3b:
c1:e1:e5:09:43:97:bb:af:72:9b:57:7e:38:26:bd:09:1a:9a:
4d:e0:08:27:77:0e:80:0a:62:08:91:83:8f:da:c2:2b:0f:bb:
7d:c2:b4:84:bd:74:e5:19:5c:81:7b:60:ae:6a:be:20:25:68:
06:aa:2c:d2:74:f1:8c:dc:bb:42:33:dc:1c:23:aa:09:fc:6e:
37:64:90:9d:6c:58:ff:2f:3a:fb:e9:2f:ac:bd:fa:04:bd:e5:
ed:f3:9a:4c:12:2d:31:d4:73:12:70:25:77:20:44:e8:9c:44:
b7:4d:a6:e0:d5:d8:b4:d9:76:e0:45:70:5b:04:8a:9f:4f:9c:
cb:89:d7:3a:dd:d2:cd:26:39:a9:7b:8c:e0:2c:73:f9:02:0a:
6c:40:31:3d:50:a0:aa:48:d6:21:c0:d2:ee:13:5e:60:02:10:
20:11:fa:f6:93:f9:8c:ab:34:8a:b5:07:42:1c:98:11:e2:26:
d9:da:f2:69:e2:71:b8:56:9c:2b:2b:35:40:d7:6e:f1:12:e9:
56:88:ac:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+nLwH1X9BJCf1hktfCVFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwODA2MDkwMDU3WhcNMjUwODA3MDkwMDU3WjAzMTEwLwYDVQQD
EygxNWQyN2M4Mjg5ZDI4ZTJjZDI5YmZlYmRlM2I4OGYzYjhjZWZjMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpI6/qcFGjSEiytnMhLzhKpLlN6Y
OsB9ICSVWKtpNQ83CEqkxPrE139xC7ux1jwd0TOf2Gxk7CvSWU7m0gMmCCGcxwUp
7PqBxl3yQ9SXEH3eucPh1WHbFIzD5ZOB4munMPTmpgpvYxGPsZbCLKYCuukoqqj0
uZH/x8DZj0wK93wpMg8J0hmDHszTz2m4NhWMRDm8NkNHcl+HliiFhdQ7k70wd++5
ovpgY3sAMoc7NhqGyiVIb0VH+X+DjnKv6oYHD4ogaFlV9G8MESu8ruCNsmJkBZb1
ucq5rgCQVYFaRzu5UuhoY2oGtFOVKe93x4CadAB7psBcBipV7sjjbTmf/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXSfIKJ0o4s0pv+veO4jzuM78HfMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5wPmn84
RMfNX4c3JdbpDYDiA6iAOHQUBao7T6tLk7ah1zoQucwu22TN58+vbLQpXBEJKzs7
weHlCUOXu69ym1d+OCa9CRqaTeAIJ3cOgApiCJGDj9rCKw+7fcK0hL105RlcgXtg
rmq+ICVoBqos0nTxjNy7QjPcHCOqCfxuN2SQnWxY/y86++kvrL36BL3l7fOaTBIt
MdRzEnAldyBE6JxEt02m4NXYtNl24EVwWwSKn0+cy4nXOt3SzSY5qXuM4Cxz+QIK
bEAxPVCgqkjWIcDS7hNeYAIQIBH69pP5jKs0irUHQhyYEeIm2dryaeJxuFacKys1
QNdu8RLpVoisfw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:24:57 2025 by rpki-client