Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: 2ysOu8Z072y0hsYj7cowjVjNFOKmUqkCrMaOYxmmUOU=
Subject key identifier: 64:51:1B:E8:3C:0B:02:CF:AB:03:DB:4D:5C:C2:6C:DC:75:E5:65:11
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019896DC340105DB5C01C86C11A689E4651E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 162A
Signing time: Mon 11 Aug 2025 02:01:10 +0000
Manifest this update: Mon 11 Aug 2025 02:01:10 +0000
Manifest next update: Tue 12 Aug 2025 02:01:10 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: eF+xMhQ6OpvmyFpJvdqNI2XAwclz9mvXgDz3Ass7TII=)
2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:dc:34:01:05:db:5c:01:c8:6c:11:a6:89:e4:65:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Aug 11 02:01:10 2025 GMT
Not After : Aug 12 02:01:10 2025 GMT
Subject: CN=64511be83c0b02cfab03db4d5cc26cdc75e56511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:26:1b:8c:fe:60:5b:a5:74:66:7b:30:5d:
bd:64:2b:d8:ff:30:07:6d:6b:43:9f:08:39:2c:d9:
b7:ed:6d:9d:48:8b:ee:52:65:70:98:22:12:8c:18:
c8:84:c0:23:23:ea:27:0c:9b:b1:47:09:42:f0:02:
45:b2:19:71:fb:14:80:da:c5:25:d8:1e:7c:70:44:
e4:db:97:db:5f:93:4f:0c:18:46:a9:93:0b:0a:fb:
c8:ce:8e:b3:ca:a8:12:0c:4a:13:c6:e3:a1:52:18:
a2:b8:f0:c3:32:ba:f2:b1:74:53:18:46:0b:d0:a5:
16:c7:3c:ee:43:48:dd:16:5e:f7:97:e9:68:15:62:
67:5a:ff:9a:6a:26:9b:2a:c1:64:cb:3c:df:4d:9b:
8e:ff:15:07:3c:3c:16:a2:ad:f3:e3:01:5b:df:52:
4f:3d:d8:9d:26:64:e3:49:08:6c:99:03:25:66:a1:
cf:58:75:9e:17:c3:67:d4:c0:3d:1e:85:e6:87:f6:
52:cd:fa:20:50:84:53:03:2a:fa:9f:50:b6:13:dc:
12:28:17:1e:01:93:5f:41:68:05:f2:fd:69:01:5d:
97:fb:47:d7:1e:71:c0:f2:9f:49:af:19:1c:7d:bd:
27:0d:d0:8f:40:13:f9:2d:56:58:08:a9:4a:93:57:
2c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:51:1B:E8:3C:0B:02:CF:AB:03:DB:4D:5C:C2:6C:DC:75:E5:65:11
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:4f:7f:5c:29:a4:62:e1:34:33:a4:09:d8:5b:b3:b7:04:fc:
05:9a:76:9c:79:ef:22:73:60:4e:c8:18:48:8c:93:4c:3b:f3:
a8:5b:53:fe:a4:26:17:cb:ff:3d:06:76:5e:84:93:26:2c:90:
41:45:53:b0:a4:ab:a5:be:91:89:2f:ff:d7:98:e6:bc:4d:45:
3a:7e:b6:fc:69:c4:b6:6b:39:46:d1:b3:f9:ff:c0:0f:62:ec:
ca:cb:f4:d5:b0:6b:c4:6e:87:01:79:f6:4e:62:3d:a6:d2:13:
77:be:d5:c9:10:65:77:14:af:5b:0a:fb:df:d1:55:c9:8e:e5:
f5:16:98:2a:04:31:fc:63:d9:1e:54:ab:aa:34:60:06:45:76:
2d:4e:e4:dc:1d:0c:ed:a9:52:8e:47:bb:b5:72:0a:5f:9b:66:
e8:79:6e:24:81:78:de:ac:73:b8:5e:82:11:47:37:ed:98:62:
d0:94:ae:25:f7:d6:04:ee:a9:3c:54:07:79:18:ce:a6:57:a8:
23:eb:04:05:41:79:7b:7c:88:6e:a0:df:09:c5:e2:8b:92:50:
88:68:94:d6:20:f0:8e:3d:df:fb:de:71:4c:1c:ff:55:06:cd:
f7:fa:6c:de:cf:e2:34:3e:19:fc:e7:ac:47:7a:4d:8b:c9:82:
4f:a4:0b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiW3DQBBdtcAchsEaaJ5GUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUwODExMDIwMTEwWhcNMjUwODEyMDIwMTEwWjAzMTEwLwYDVQQD
Eyg2NDUxMWJlODNjMGIwMmNmYWIwM2RiNGQ1Y2MyNmNkYzc1ZTU2NTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqagmG4z+YFuldGZ7MF29ZCvY/zAH
bWtDnwg5LNm37W2dSIvuUmVwmCISjBjIhMAjI+onDJuxRwlC8AJFshlx+xSA2sUl
2B58cETk25fbX5NPDBhGqZMLCvvIzo6zyqgSDEoTxuOhUhiiuPDDMrrysXRTGEYL
0KUWxzzuQ0jdFl73l+loFWJnWv+aaiabKsFkyzzfTZuO/xUHPDwWoq3z4wFb31JP
PdidJmTjSQhsmQMlZqHPWHWeF8Nn1MA9HoXmh/ZSzfogUIRTAyr6n1C2E9wSKBce
AZNfQWgF8v1pAV2X+0fXHnHA8p9Jrxkcfb0nDdCPQBP5LVZYCKlKk1csVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRRG+g8CwLPqwPbTVzCbNx15WURMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA209/XCmk
YuE0M6QJ2FuztwT8BZp2nHnvInNgTsgYSIyTTDvzqFtT/qQmF8v/PQZ2XoSTJiyQ
QUVTsKSrpb6RiS//15jmvE1FOn62/GnEtms5RtGz+f/AD2Lsysv01bBrxG6HAXn2
TmI9ptITd77VyRBldxSvWwr739FVyY7l9RaYKgQx/GPZHlSrqjRgBkV2LU7k3B0M
7alSjke7tXIKX5tm6HluJIF43qxzuF6CEUc37Zhi0JSuJffWBO6pPFQHeRjOpleo
I+sEBUF5e3yIbqDfCcXii5JQiGiU1iDwjj3f+95xTBz/VQbN9/ps3s/iND4Z/Oes
R3pNi8mCT6QL9Q==
-----END CERTIFICATE-----
Generated at Mon Aug 11 06:30:01 2025 by rpki-client