
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: YmRv7VDfJPARxrQr0XbAR/8PS+B1res5QHjJlMLyqYY=
Subject key identifier: 58:E6:D5:90:2B:CF:AC:88:60:88:0F:9A:CF:1E:15:F0:EF:AE:6F:82
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 01988BEA7AA5951281F21AA5F75DEBA42168
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 1625
Signing time: Fri 08 Aug 2025 23:00:56 +0000
Manifest this update: Fri 08 Aug 2025 23:00:56 +0000
Manifest next update: Sat 09 Aug 2025 23:00:56 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: U5gFwd0azKrJQSfT96ZbwFqcZ3gmAWpYRu8uzFtZBRQ=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:ea:7a:a5:95:12:81:f2:1a:a5:f7:5d:eb:a4:21:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Aug 8 23:00:56 2025 GMT
Not After : Aug 9 23:00:56 2025 GMT
Subject: CN=58e6d5902bcfac8860880f9acf1e15f0efae6f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:8c:0c:13:ae:3d:45:0c:73:41:26:8d:44:
03:b7:c0:74:85:ed:f1:3f:d8:78:4e:b4:b5:43:4a:
ca:34:f0:e9:d9:fc:70:34:43:da:dc:79:d2:39:8c:
e5:5c:1f:75:70:88:62:ce:43:f3:04:22:ac:7b:67:
4b:3b:08:d2:5b:b8:a0:19:66:90:d9:60:37:10:73:
26:0e:ec:97:8e:26:e3:cf:89:37:2c:8c:d6:37:f4:
2c:fb:4a:39:cc:34:fd:dd:1f:a8:bf:7f:a0:c5:a8:
e6:12:16:08:c2:39:0b:e5:8b:89:f4:a0:0d:30:e8:
03:d3:a8:a2:b2:49:82:51:4f:d4:6d:37:a9:b3:95:
ba:3b:c4:38:88:5b:a1:c2:0c:b8:33:ab:fb:74:f4:
a7:38:e5:d4:29:94:de:aa:da:be:fc:e5:86:94:2d:
e5:4a:6f:4c:7f:17:be:9b:7b:fb:52:5a:08:ca:77:
13:2d:e3:ca:91:24:ea:d3:dc:3a:ba:07:ba:d0:a3:
2f:f7:ca:d6:a9:ec:0b:1c:a0:5b:dd:ed:db:a2:e0:
87:23:91:2b:cf:8a:8f:13:0e:af:45:8c:02:dc:5a:
88:a2:95:60:f8:80:42:1c:15:a2:91:db:c3:8f:95:
8a:34:97:a4:3a:4a:00:f2:d2:26:5b:81:ed:37:68:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E6:D5:90:2B:CF:AC:88:60:88:0F:9A:CF:1E:15:F0:EF:AE:6F:82
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:ae:8f:d2:46:6c:9a:e0:46:69:31:40:dd:bc:47:5c:cf:98:
80:e4:5d:01:8b:f4:32:29:0a:4f:73:45:c9:16:20:34:8e:94:
04:ae:94:a0:b2:05:45:0d:e5:2a:1b:8a:d6:89:a2:c5:12:b3:
b3:c5:cf:78:61:8f:3f:30:c5:82:4e:5d:ca:3c:2d:c6:47:5a:
d0:3d:1c:b5:5b:14:16:d1:5f:1c:a8:01:3f:82:33:41:44:48:
d8:e4:d4:46:a6:26:d7:f5:e5:3e:80:dd:03:1e:f8:85:11:0e:
9e:db:19:64:c5:b8:34:1e:bf:65:c0:41:13:f6:38:6e:13:20:
f2:de:dd:ee:c0:a1:19:ff:e7:a9:6c:0a:0d:d5:6c:70:fa:c4:
7b:33:d1:d2:7e:88:39:98:99:73:f6:30:98:fb:39:b8:82:a1:
db:1e:b9:22:1f:88:0d:e5:ba:67:a9:62:68:dc:d9:68:89:24:
d3:e7:1d:6d:9e:4c:6d:67:12:43:1b:10:f6:c4:da:2b:0e:af:
2b:34:1b:39:40:6a:5e:8d:b9:e2:c7:4b:c4:7d:33:90:9e:5b:
86:5f:da:d4:50:d4:6b:c3:fe:c2:db:e8:5d:28:0c:2b:08:e2:
e6:e6:14:7d:ad:00:21:21:6e:7a:fe:1e:4a:5a:1c:27:f4:ff:
00:52:20:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6nqllRKB8hql913rpCFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUwODA4MjMwMDU2WhcNMjUwODA5MjMwMDU2WjAzMTEwLwYDVQQD
Eyg1OGU2ZDU5MDJiY2ZhYzg4NjA4ODBmOWFjZjFlMTVmMGVmYWU2ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3mMDBOuPUUMc0EmjUQDt8B0he3x
P9h4TrS1Q0rKNPDp2fxwNEPa3HnSOYzlXB91cIhizkPzBCKse2dLOwjSW7igGWaQ
2WA3EHMmDuyXjibjz4k3LIzWN/Qs+0o5zDT93R+ov3+gxajmEhYIwjkL5YuJ9KAN
MOgD06iiskmCUU/UbTeps5W6O8Q4iFuhwgy4M6v7dPSnOOXUKZTeqtq+/OWGlC3l
Sm9Mfxe+m3v7UloIyncTLePKkSTq09w6uge60KMv98rWqewLHKBb3e3bouCHI5Er
z4qPEw6vRYwC3FqIopVg+IBCHBWikdvDj5WKNJekOkoA8tImW4HtN2iFEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjm1ZArz6yIYIgPms8eFfDvrm+CMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbq6P0kZs
muBGaTFA3bxHXM+YgORdAYv0MikKT3NFyRYgNI6UBK6UoLIFRQ3lKhuK1omixRKz
s8XPeGGPPzDFgk5dyjwtxkda0D0ctVsUFtFfHKgBP4IzQURI2OTURqYm1/XlPoDd
Ax74hREOntsZZMW4NB6/ZcBBE/Y4bhMg8t7d7sChGf/nqWwKDdVscPrEezPR0n6I
OZiZc/YwmPs5uIKh2x65Ih+IDeW6Z6liaNzZaIkk0+cdbZ5MbWcSQxsQ9sTaKw6v
KzQbOUBqXo254sdLxH0zkJ5bhl/a1FDUa8P+wtvoXSgMKwji5uYUfa0AISFuev4e
SlocJ/T/AFIgMw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:12 2025 by rpki-client