Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: ouhNUk1pgAInSnDpMsuy+SMeKm5/jMeRJKnUYHKzpno=
Subject key identifier: 54:16:BB:DF:21:4E:B4:EF:E4:CE:03:09:C1:0C:EA:EB:0C:55:A9:87
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 01989ECCF798876BE33513E8D9A81B123784
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 07A8
Signing time: Tue 12 Aug 2025 15:01:29 +0000
Manifest this update: Tue 12 Aug 2025 15:01:29 +0000
Manifest next update: Wed 13 Aug 2025 15:01:29 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: jD4jtNxHA0HzAfAsZfEgUjIUVOut7EnTG7rrRiY1gaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 13:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:cc:f7:98:87:6b:e3:35:13:e8:d9:a8:1b:12:37:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Aug 12 15:01:29 2025 GMT
Not After : Aug 13 15:01:29 2025 GMT
Subject: CN=5416bbdf214eb4efe4ce0309c10ceaeb0c55a987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:92:72:4c:35:07:34:a3:65:28:1c:2b:1a:93:
0a:89:fc:3a:7c:cc:39:ec:d6:cc:72:0b:de:11:27:
81:5a:bd:38:8d:ce:fd:9e:71:89:a9:1c:25:2e:c3:
9d:25:d3:7a:a5:a0:77:9c:ef:03:38:10:12:3b:60:
a0:03:4e:3c:b2:54:38:36:a1:39:d8:da:67:5c:c2:
a6:cb:50:31:57:70:6e:c7:60:25:06:0e:94:10:ec:
fc:4f:c7:7f:da:89:24:c6:07:f4:81:88:5a:0e:ae:
ac:9b:66:cd:4a:a1:50:bd:fb:50:fe:0e:cf:5b:5e:
f3:d5:d3:76:66:67:88:19:94:7c:9b:29:fd:79:02:
65:f9:a7:06:47:fd:20:98:37:40:3f:d2:65:7f:d3:
f8:e0:b1:db:ba:43:ee:ec:10:56:6d:2c:b9:1b:6b:
02:33:a6:41:97:06:08:00:df:d5:bf:58:97:8b:e7:
78:3a:6c:65:80:29:4d:be:45:34:d1:23:f0:71:9c:
82:dc:0d:cd:05:a6:98:46:1e:a8:5f:eb:a8:6c:71:
f8:7e:38:0d:3a:db:cc:dd:72:18:10:d6:e1:ac:89:
c6:7e:c5:92:f3:6a:d2:18:01:5a:d2:10:b5:31:91:
38:78:ad:f6:36:eb:8c:87:6e:f0:04:5f:d9:10:97:
0b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:16:BB:DF:21:4E:B4:EF:E4:CE:03:09:C1:0C:EA:EB:0C:55:A9:87
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:6b:16:59:71:bc:40:b6:47:f1:5a:c1:90:f1:cb:d7:db:df:
98:ed:c4:08:8b:2d:06:34:da:09:b5:04:25:0b:76:8d:4a:1f:
ba:b2:ff:13:c2:b0:41:d4:32:09:fe:09:71:6b:c8:80:aa:aa:
ba:8d:a0:2f:d3:2a:a9:26:a5:91:7f:33:3f:01:a9:90:7c:c9:
55:c0:13:31:b1:6f:62:d9:05:46:12:0b:19:cb:63:5c:15:f5:
cb:50:64:ed:a0:67:e2:60:d6:87:96:52:14:b2:10:c7:0a:da:
c6:1f:83:50:53:5e:4d:2c:dd:5f:ce:1a:92:3f:81:75:d7:8c:
87:ab:ac:3a:41:af:fa:45:f5:57:d9:8b:fd:13:49:9d:12:54:
00:dc:53:1a:0a:4b:34:a8:dd:14:68:cf:de:e8:74:45:c0:66:
5c:67:f1:b5:64:ea:4c:ab:66:d4:3c:96:cb:f1:3e:4b:04:61:
84:fe:d4:a2:0d:86:27:8c:04:2b:ff:38:c0:3a:93:72:fb:33:
4c:a0:41:f9:e3:d7:2c:eb:06:12:62:fa:93:fe:de:7b:b4:36:
2f:31:6d:19:f2:82:fc:ac:74:c6:97:4c:4d:4c:d3:18:16:d6:
95:ee:23:0d:74:b0:6e:c8:2a:76:bf:ea:23:ea:c4:f1:1c:10:
64:0c:d6:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiezPeYh2vjNRPo2agbEjeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUwODEyMTUwMTI5WhcNMjUwODEzMTUwMTI5WjAzMTEwLwYDVQQD
Eyg1NDE2YmJkZjIxNGViNGVmZTRjZTAzMDljMTBjZWFlYjBjNTVhOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JJyTDUHNKNlKBwrGpMKifw6fMw5
7NbMcgveESeBWr04jc79nnGJqRwlLsOdJdN6paB3nO8DOBASO2CgA048slQ4NqE5
2NpnXMKmy1AxV3Bux2AlBg6UEOz8T8d/2okkxgf0gYhaDq6sm2bNSqFQvftQ/g7P
W17z1dN2ZmeIGZR8myn9eQJl+acGR/0gmDdAP9Jlf9P44LHbukPu7BBWbSy5G2sC
M6ZBlwYIAN/Vv1iXi+d4OmxlgClNvkU00SPwcZyC3A3NBaaYRh6oX+uobHH4fjgN
OtvM3XIYENbhrInGfsWS82rSGAFa0hC1MZE4eK32NuuMh27wBF/ZEJcL+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQWu98hTrTv5M4DCcEM6usMVamHMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2sWWXG8
QLZH8VrBkPHL19vfmO3ECIstBjTaCbUEJQt2jUofurL/E8KwQdQyCf4JcWvIgKqq
uo2gL9MqqSalkX8zPwGpkHzJVcATMbFvYtkFRhILGctjXBX1y1Bk7aBn4mDWh5ZS
FLIQxwraxh+DUFNeTSzdX84akj+BddeMh6usOkGv+kX1V9mL/RNJnRJUANxTGgpL
NKjdFGjP3uh0RcBmXGfxtWTqTKtm1DyWy/E+SwRhhP7Uog2GJ4wEK/84wDqTcvsz
TKBB+ePXLOsGEmL6k/7ee7Q2LzFtGfKC/Kx0xpdMTUzTGBbWle4jDXSwbsgqdr/q
I+rE8RwQZAzW+w==
-----END CERTIFICATE-----
Generated at Tue Aug 12 22:46:13 2025 by rpki-client