Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: H9CqZmjggeXoiII68iqq3O0Y4Lapak8b6qGLyltX9UI=
Subject key identifier: DF:6E:12:8B:65:33:E2:7B:E3:C8:5E:86:39:D6:EB:AB:71:39:B2:0A
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0196771EB42507C335B3F63ECC7CD197DC55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0156
Signing time: Sun 27 Apr 2025 12:00:22 +0000
Manifest this update: Sun 27 Apr 2025 12:00:22 +0000
Manifest next update: Mon 28 Apr 2025 12:00:22 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: KN5acgbv57NUzp8bC4YqeSdJ6iXEEL+RU1LB3f6174I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 12:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:1e:b4:25:07:c3:35:b3:f6:3e:cc:7c:d1:97:dc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Apr 27 12:00:22 2025 GMT
Not After : Apr 28 12:00:22 2025 GMT
Subject: CN=df6e128b6533e27be3c85e8639d6ebab7139b20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:d4:a6:8f:2e:32:dc:a4:b3:8d:48:05:5e:
61:69:6d:30:86:81:ff:f7:53:50:a7:75:b0:46:3f:
6f:b1:61:22:34:fe:c1:99:31:cb:35:fc:97:74:3d:
8c:86:28:c6:15:8a:07:03:87:e4:48:08:07:f1:d0:
fb:a6:3b:b9:85:4e:48:48:28:21:dc:4a:6e:1d:36:
0e:cd:bb:12:98:b2:38:b9:4c:f7:70:37:d3:e1:7c:
32:6c:d6:f4:76:c2:b2:46:2f:b4:11:d7:bf:b5:3a:
70:86:cd:71:5b:3d:dd:df:43:40:6f:fe:f7:f8:9a:
b3:47:b0:e1:64:ef:13:00:8e:a1:0b:f4:f1:e6:c6:
6a:71:37:8e:d2:43:4f:89:04:60:ec:41:f8:ad:13:
1e:5d:8d:84:02:76:db:c8:d3:00:b4:1e:22:f3:f4:
fc:1c:d4:e7:1b:7f:c8:8b:57:59:4b:45:89:ae:aa:
51:93:ab:7a:80:51:5f:c3:16:98:31:51:3a:02:7f:
88:e1:ee:47:9a:56:1d:0d:bd:6e:0d:4a:fd:b2:1f:
15:7c:e8:e8:10:53:b8:4d:3c:7a:a6:39:a0:3d:87:
1a:ab:98:de:1e:10:4a:50:65:e1:5d:b1:10:53:9f:
5b:41:e7:d7:27:8a:ed:a4:2c:a3:36:1e:50:e9:25:
82:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6E:12:8B:65:33:E2:7B:E3:C8:5E:86:39:D6:EB:AB:71:39:B2:0A
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:29:2d:23:3e:d2:c8:4c:7c:0b:24:bb:81:54:37:74:f9:89:
7f:21:49:62:cd:b1:6f:c4:37:5b:2e:3f:a8:ae:7c:60:11:e9:
ac:5a:a8:62:90:ef:9f:e0:83:17:33:7f:df:41:49:9c:e7:59:
68:bc:df:f6:49:d1:54:3a:60:21:b3:96:9f:6e:44:ff:b0:90:
ef:e1:d5:c7:1f:2a:1d:fb:16:89:4f:e5:cc:c9:1c:52:39:6d:
7a:4f:ed:40:a9:20:ad:c1:24:09:98:b1:9e:d4:c4:22:96:a7:
e8:88:f5:6d:76:48:d5:39:7c:ce:28:28:4c:6c:04:b9:7b:2b:
9f:70:ea:03:34:47:3f:68:a9:9b:ca:b5:91:12:70:3b:50:5c:
53:1d:58:3c:fa:63:46:57:c7:ad:e1:fd:25:15:64:92:b4:e6:
a1:32:b2:76:f6:69:b7:51:70:cb:7e:7c:e2:83:97:c2:73:8c:
b2:86:2c:ce:db:17:f3:d1:ff:52:c6:1b:c4:d1:1b:f1:41:d5:
58:34:fc:cf:26:88:78:c7:1f:08:49:86:6e:a4:2d:61:cd:e4:
dc:d4:93:df:53:02:db:a1:3d:a1:4f:d5:6b:92:d3:5c:7a:12:
9b:b7:4f:74:40:53:f0:87:41:92:40:27:a2:ad:13:83:64:f5:
99:9f:ec:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3HrQlB8M1s/Y+zHzRl9xVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwNDI3MTIwMDIyWhcNMjUwNDI4MTIwMDIyWjAzMTEwLwYDVQQD
EyhkZjZlMTI4YjY1MzNlMjdiZTNjODVlODYzOWQ2ZWJhYjcxMzliMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlnUpo8uMtyks41IBV5haW0whoH/
91NQp3WwRj9vsWEiNP7BmTHLNfyXdD2MhijGFYoHA4fkSAgH8dD7pju5hU5ISCgh
3EpuHTYOzbsSmLI4uUz3cDfT4XwybNb0dsKyRi+0Ede/tTpwhs1xWz3d30NAb/73
+JqzR7DhZO8TAI6hC/Tx5sZqcTeO0kNPiQRg7EH4rRMeXY2EAnbbyNMAtB4i8/T8
HNTnG3/Ii1dZS0WJrqpRk6t6gFFfwxaYMVE6An+I4e5HmlYdDb1uDUr9sh8VfOjo
EFO4TTx6pjmgPYcaq5jeHhBKUGXhXbEQU59bQefXJ4rtpCyjNh5Q6SWC+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9uEotlM+J748hehjnW66txObIKMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKiktIz7S
yEx8CyS7gVQ3dPmJfyFJYs2xb8Q3Wy4/qK58YBHprFqoYpDvn+CDFzN/30FJnOdZ
aLzf9knRVDpgIbOWn25E/7CQ7+HVxx8qHfsWiU/lzMkcUjltek/tQKkgrcEkCZix
ntTEIpan6Ij1bXZI1Tl8zigoTGwEuXsrn3DqAzRHP2ipm8q1kRJwO1BcUx1YPPpj
RlfHreH9JRVkkrTmoTKydvZpt1Fwy3584oOXwnOMsoYsztsX89H/UsYbxNEb8UHV
WDT8zyaIeMcfCEmGbqQtYc3k3NST31MC26E9oU/Va5LTXHoSm7dPdEBT8IdBkkAn
oq0Tg2T1mZ/sfQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:23:32 2025 by rpki-client