Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: h+gGmczsUnZu/obZItltxCQb9r+4ZZpn5xayVGUG3uY=
Subject key identifier: B2:17:CD:2E:1D:55:91:90:C9:38:FC:58:E9:CA:0E:27:84:E6:3F:54
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019681D9191D79F4FB8A7C8EC90F81901655
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 1516
Signing time: Tue 29 Apr 2025 14:00:10 +0000
Manifest this update: Tue 29 Apr 2025 14:00:10 +0000
Manifest next update: Wed 30 Apr 2025 14:00:10 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: wLa4ZuhQz6isuwghDExrTPMf4NP3STPgw8zdvXekrhU=)
2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:d9:19:1d:79:f4:fb:8a:7c:8e:c9:0f:81:90:16:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Apr 29 14:00:10 2025 GMT
Not After : Apr 30 14:00:10 2025 GMT
Subject: CN=b217cd2e1d559190c938fc58e9ca0e2784e63f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2b:28:91:92:ce:ae:68:ba:7f:0a:4e:fc:ef:
e6:13:fd:a9:3c:4e:ce:e3:ab:a9:4b:a9:b9:78:fd:
15:59:19:3d:54:ca:f6:32:bd:fc:47:cd:cd:46:57:
ea:8b:1f:f3:91:4c:a6:19:90:81:a4:d6:d0:23:33:
91:3d:b8:75:f1:5c:ff:2d:4d:67:97:9b:19:17:7b:
54:9e:1b:72:48:47:bd:24:e5:51:59:a8:91:bb:07:
dc:74:15:a9:ed:4b:c7:2d:fc:e7:7b:23:ca:89:e6:
e5:55:fb:c1:59:d4:b9:70:9e:d0:f4:46:9e:39:31:
cd:1a:d7:74:ee:a4:5e:c0:e2:ec:21:4c:2f:e9:77:
aa:84:4a:b2:d6:f1:6d:29:b3:0b:ed:69:05:96:09:
48:c7:6a:ea:a8:a5:1a:ec:0f:f8:3c:d1:aa:36:14:
7b:50:21:9a:2f:76:b1:fc:68:c2:4e:4e:e5:10:39:
a4:39:dc:98:68:c6:ba:73:4c:8a:ff:30:93:d7:58:
01:84:6f:45:e5:e8:ea:f3:11:12:1e:7c:d2:b4:29:
3a:41:04:5c:67:d2:67:77:cf:71:f6:f3:5d:3c:c9:
bb:61:4a:b4:9b:83:b2:1c:9f:2e:d7:90:52:9b:82:
63:d7:d1:8f:ea:ec:df:11:5a:e4:46:c6:bc:d1:b5:
73:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:17:CD:2E:1D:55:91:90:C9:38:FC:58:E9:CA:0E:27:84:E6:3F:54
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:2e:c0:d4:2f:e5:43:ab:3c:ca:d2:6c:4c:f5:13:a8:f1:3c:
dc:96:b6:f2:62:76:f2:31:5a:a1:9f:db:9c:b5:e4:be:3c:d5:
bc:33:b9:6d:24:ad:68:1b:ae:e9:12:a6:07:d0:b7:03:90:2f:
f0:94:a3:56:93:28:f5:66:0b:de:bd:7d:c0:c2:73:f0:7b:e0:
5a:16:47:34:bc:db:cd:93:37:d8:11:40:cd:87:e4:54:c5:b8:
06:9d:c7:40:9a:5d:79:28:f5:94:68:0d:1d:5e:d2:68:e3:85:
72:13:45:56:f9:2a:ba:fb:b3:a4:27:b1:2d:c1:24:b0:77:36:
6d:66:19:0d:7d:a8:5c:38:0d:67:6c:48:35:4d:5b:5e:41:65:
2c:70:98:f8:2e:d6:67:a1:0b:61:bc:48:24:7e:dd:1c:b3:1e:
86:c5:8d:22:1b:87:34:2b:70:b8:f8:69:83:a4:ab:0e:a3:bb:
e8:a7:80:f2:c5:c2:c6:75:b0:be:12:47:d2:49:b4:d9:93:48:
57:c5:95:ff:92:e8:90:8e:df:1a:ec:d9:0c:2c:c4:ff:00:20:
40:f9:5f:cb:86:f3:35:dd:0f:a4:57:ce:40:c2:49:d7:2a:c9:
15:fa:88:89:df:5a:17:c9:57:ac:ca:f2:b3:b4:f7:98:27:72:
a3:89:0f:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaB2RkdefT7inyOyQ+BkBZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUwNDI5MTQwMDEwWhcNMjUwNDMwMTQwMDEwWjAzMTEwLwYDVQQD
EyhiMjE3Y2QyZTFkNTU5MTkwYzkzOGZjNThlOWNhMGUyNzg0ZTYzZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SsokZLOrmi6fwpO/O/mE/2pPE7O
46upS6m5eP0VWRk9VMr2Mr38R83NRlfqix/zkUymGZCBpNbQIzORPbh18Vz/LU1n
l5sZF3tUnhtySEe9JOVRWaiRuwfcdBWp7UvHLfzneyPKieblVfvBWdS5cJ7Q9Eae
OTHNGtd07qRewOLsIUwv6XeqhEqy1vFtKbML7WkFlglIx2rqqKUa7A/4PNGqNhR7
UCGaL3ax/GjCTk7lEDmkOdyYaMa6c0yK/zCT11gBhG9F5ejq8xESHnzStCk6QQRc
Z9Jnd89x9vNdPMm7YUq0m4OyHJ8u15BSm4Jj19GP6uzfEVrkRsa80bVzkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIXzS4dVZGQyTj8WOnKDieE5j9UMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjS7A1C/l
Q6s8ytJsTPUTqPE83Ja28mJ28jFaoZ/bnLXkvjzVvDO5bSStaBuu6RKmB9C3A5Av
8JSjVpMo9WYL3r19wMJz8HvgWhZHNLzbzZM32BFAzYfkVMW4Bp3HQJpdeSj1lGgN
HV7SaOOFchNFVvkquvuzpCexLcEksHc2bWYZDX2oXDgNZ2xINU1bXkFlLHCY+C7W
Z6ELYbxIJH7dHLMehsWNIhuHNCtwuPhpg6SrDqO76KeA8sXCxnWwvhJH0km02ZNI
V8WV/5LokI7fGuzZDCzE/wAgQPlfy4bzNd0PpFfOQMJJ1yrJFfqIid9aF8lXrMry
s7T3mCdyo4kPMg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:55:38 2025 by rpki-client