Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: hywswzwQQxr67cbTTOZmQOx3PxtG/sOw5nS0syJZFkU=
Subject key identifier: 9B:BF:F0:1B:9A:72:86:9F:DD:FD:02:4C:8B:9F:0F:C7:78:FD:78:B1
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 01968F958DC438EE0C9494D4626A6050E0EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 0697
Signing time: Fri 02 May 2025 06:01:05 +0000
Manifest this update: Fri 02 May 2025 06:01:05 +0000
Manifest next update: Sat 03 May 2025 06:01:05 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: T5mX4UTRIrN2XbQ+sVVKgxUqTDipoKwTVuj8FU54RI8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:95:8d:c4:38:ee:0c:94:94:d4:62:6a:60:50:e0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: May 2 06:01:05 2025 GMT
Not After : May 3 06:01:05 2025 GMT
Subject: CN=9bbff01b9a72869fddfd024c8b9f0fc778fd78b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:19:9a:e5:5b:8e:c2:96:c8:9f:31:2f:f1:
31:a9:43:94:ba:c9:aa:2c:65:9d:ae:ba:1f:a1:3e:
7e:ca:f3:46:d0:25:13:f9:17:0d:26:1e:17:a1:b8:
f6:c9:bc:ce:ec:57:a7:d1:d1:b0:74:3c:9c:02:1a:
d8:18:0a:ef:bf:f5:d7:b7:46:38:68:fc:7c:a1:f2:
d5:99:02:1a:56:c8:60:ec:25:d1:c1:27:73:2c:7a:
6e:b6:bc:55:63:98:a3:7e:86:f2:0b:b8:a3:8e:58:
13:54:df:2b:22:70:8f:b9:bb:19:c6:e1:4c:a7:1a:
e1:54:95:72:27:55:e2:ac:ab:f4:0a:d0:19:12:87:
69:ae:c4:8d:9d:c4:0f:fc:c1:c9:67:47:b5:4f:99:
0b:66:89:08:09:d3:7e:54:52:ce:77:b1:04:2f:4d:
bf:1b:3b:eb:1c:77:57:03:8a:02:a8:90:51:1e:93:
55:62:2b:42:07:92:83:f2:f7:5a:1c:33:c6:81:fa:
ca:8c:6b:e8:68:24:1d:f3:85:4e:c2:a6:9c:8e:67:
3f:fc:64:f0:81:69:aa:0c:fc:1b:7a:bc:eb:3f:fd:
a4:13:7d:76:7c:dd:01:8f:33:b5:90:27:c3:59:5b:
82:e4:e3:19:ba:6c:6f:1e:32:ee:7b:b8:c5:2e:a0:
fb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BF:F0:1B:9A:72:86:9F:DD:FD:02:4C:8B:9F:0F:C7:78:FD:78:B1
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:0b:6d:3e:00:28:64:da:09:0b:a9:b7:ee:15:61:05:5c:84:
e4:49:f6:d7:da:f6:53:fb:3b:54:46:52:7a:78:90:68:b6:a7:
fc:00:3e:73:60:74:22:6e:11:fb:0a:c4:cd:75:7e:d1:b5:ab:
72:99:3d:4a:27:53:33:09:63:2e:8f:61:b3:bf:c8:2c:81:b6:
5c:bb:77:76:b8:63:4a:2d:18:29:ae:e4:bc:9a:77:ec:1b:78:
29:6d:1d:5f:c9:63:43:1b:3b:08:6b:83:0b:9c:5a:59:82:88:
aa:94:9c:f1:49:b8:d1:9e:0a:ba:41:00:b8:c1:91:12:ad:3d:
d5:08:4d:65:1b:74:eb:04:45:df:5c:20:3e:46:56:b7:ec:47:
d6:8f:17:ca:14:cf:80:ef:95:bf:32:c0:80:d3:33:3c:30:ef:
84:f4:88:5c:54:20:74:5a:16:a2:4a:e3:33:48:10:c1:90:00:
e9:60:3d:e6:d5:ee:e1:54:52:22:87:2b:a6:aa:45:2e:0b:44:
35:d6:28:5a:0e:57:b2:7e:41:3a:01:36:f5:ca:af:cb:b9:67:
55:92:f3:0a:ec:40:76:1c:a1:5d:c4:41:41:89:d0:ba:fa:f1:
7d:49:e2:a0:17:36:10:39:39:65:cb:0d:c9:08:76:ab:c2:73:
8c:ef:29:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPlY3EOO4MlJTUYmpgUODuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUwNTAyMDYwMTA1WhcNMjUwNTAzMDYwMTA1WjAzMTEwLwYDVQQD
Eyg5YmJmZjAxYjlhNzI4NjlmZGRmZDAyNGM4YjlmMGZjNzc4ZmQ3OGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFkZmuVbjsKWyJ8xL/ExqUOUusmq
LGWdrrofoT5+yvNG0CUT+RcNJh4Xobj2ybzO7Fen0dGwdDycAhrYGArvv/XXt0Y4
aPx8ofLVmQIaVshg7CXRwSdzLHputrxVY5ijfobyC7ijjlgTVN8rInCPubsZxuFM
pxrhVJVyJ1XirKv0CtAZEodprsSNncQP/MHJZ0e1T5kLZokICdN+VFLOd7EEL02/
GzvrHHdXA4oCqJBRHpNVYitCB5KD8vdaHDPGgfrKjGvoaCQd84VOwqacjmc//GTw
gWmqDPwberzrP/2kE312fN0BjzO1kCfDWVuC5OMZumxvHjLue7jFLqD78wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJu/8Buacoaf3f0CTIufD8d4/XixMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwttPgAo
ZNoJC6m37hVhBVyE5En219r2U/s7VEZSeniQaLan/AA+c2B0Im4R+wrEzXV+0bWr
cpk9SidTMwljLo9hs7/ILIG2XLt3drhjSi0YKa7kvJp37Bt4KW0dX8ljQxs7CGuD
C5xaWYKIqpSc8Um40Z4KukEAuMGREq091QhNZRt06wRF31wgPkZWt+xH1o8XyhTP
gO+VvzLAgNMzPDDvhPSIXFQgdFoWokrjM0gQwZAA6WA95tXu4VRSIocrpqpFLgtE
NdYoWg5Xsn5BOgE29cqvy7lnVZLzCuxAdhyhXcRBQYnQuvrxfUnioBc2EDk5ZcsN
yQh2q8JzjO8pdQ==
-----END CERTIFICATE-----
Generated at Fri May 2 09:46:41 2025 by rpki-client