Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: LzutaqgPz2bLbXpRYhy1N/N6GC1qK4cvBQ70rfGvP0E=
Subject key identifier: 66:8B:BA:DE:C9:46:88:BA:D8:17:85:C5:C3:07:50:17:1B:DD:6F:BB
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 01988279C63E89AC3DC014424EB8563D930F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1624
Signing time: Thu 07 Aug 2025 03:01:15 +0000
Manifest this update: Thu 07 Aug 2025 03:01:15 +0000
Manifest next update: Fri 08 Aug 2025 03:01:15 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: RHI29q3OWAgWKqIQwV5ev1Vzxr93gVLjaHxlgMcgc1M=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 03:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:82:79:c6:3e:89:ac:3d:c0:14:42:4e:b8:56:3d:93:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Aug 7 03:01:15 2025 GMT
Not After : Aug 8 03:01:15 2025 GMT
Subject: CN=668bbadec94688bad81785c5c30750171bdd6fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:2e:b4:dc:c3:61:a7:53:89:2f:14:9a:17:
5c:5d:f0:5c:79:98:94:f3:1f:46:79:f3:15:c7:0f:
b9:49:06:0e:dd:9e:11:56:e0:22:67:5e:94:98:b2:
1b:ca:8a:b8:5b:35:2b:00:06:e7:d4:56:79:81:b5:
64:ff:b8:29:17:bf:e9:41:8a:e0:ee:ae:bc:3f:63:
9e:f9:14:d7:e5:1e:b9:b3:f6:23:a7:c5:1e:41:dc:
b4:72:28:b3:b3:3a:f4:35:3e:1a:32:2c:2f:e2:37:
f9:d8:d8:b7:a3:ac:1e:c0:69:95:b3:26:f5:63:6c:
3a:31:99:b1:8a:cc:0d:e9:a4:dc:dd:54:b5:13:00:
d2:3b:f5:90:74:78:90:88:9e:8a:a7:c4:46:88:b3:
ad:a0:8e:34:92:62:76:5a:b2:a1:d1:7f:07:30:68:
d1:ec:a8:7a:53:a3:82:02:32:bb:33:04:4e:b7:af:
a4:44:29:23:6f:b3:f1:bd:47:71:8d:d6:95:c4:e8:
95:68:96:de:d9:0f:2e:56:5c:e2:de:ec:12:8d:70:
72:10:cc:de:06:eb:95:cd:65:05:3d:a0:54:59:d9:
15:11:ed:e1:40:f8:fe:00:38:d1:e1:fd:f8:e3:3c:
ba:44:25:73:9c:41:34:95:b9:ce:7c:ec:95:5a:4d:
f2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8B:BA:DE:C9:46:88:BA:D8:17:85:C5:C3:07:50:17:1B:DD:6F:BB
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:3d:e3:5e:97:97:f8:de:0e:c9:79:b6:22:60:dd:e6:17:95:
f2:e5:c3:3f:37:09:2e:44:69:41:c0:ae:da:e5:44:15:ad:0f:
ef:bb:dd:57:eb:32:2f:78:fc:57:67:e4:32:54:fd:1a:6f:7c:
b7:1b:34:5b:3d:e5:da:d0:37:7d:a0:07:75:e3:08:d6:dc:94:
b8:5a:c3:a1:57:b3:ac:d0:db:71:34:8a:50:43:98:c6:8f:4a:
5f:42:3c:9b:aa:46:d1:f8:3d:67:a2:7a:43:dd:03:4e:c1:8b:
1d:79:78:f5:f1:53:68:1b:47:b0:a5:5e:ab:85:68:05:8b:85:
38:d7:b6:a0:a6:b6:9e:84:da:ad:86:b0:68:ac:84:70:8f:e9:
5f:7f:40:2b:45:b3:cc:bf:3f:05:4e:18:46:91:44:4d:b5:ce:
db:67:5f:18:c5:d1:50:f6:c2:53:af:bd:42:30:0f:f3:71:91:
af:90:bd:2e:c5:56:e3:61:05:df:c2:0d:a9:00:2f:11:42:44:
1a:91:c4:e1:e9:2d:59:3a:0a:fd:a4:e0:71:5e:66:29:ee:7e:
cc:f1:b2:b1:f3:e7:9c:60:96:79:04:c1:8e:04:cd:f1:7c:ed:
5b:22:0d:9c:8a:b6:76:2f:44:ed:41:78:1f:4b:34:24:59:40:
29:ff:f4:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCecY+iaw9wBRCTrhWPZMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUwODA3MDMwMTE1WhcNMjUwODA4MDMwMTE1WjAzMTEwLwYDVQQD
Eyg2NjhiYmFkZWM5NDY4OGJhZDgxNzg1YzVjMzA3NTAxNzFiZGQ2ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXoutNzDYadTiS8UmhdcXfBceZiU
8x9GefMVxw+5SQYO3Z4RVuAiZ16UmLIbyoq4WzUrAAbn1FZ5gbVk/7gpF7/pQYrg
7q68P2Oe+RTX5R65s/Yjp8UeQdy0ciizszr0NT4aMiwv4jf52Ni3o6wewGmVsyb1
Y2w6MZmxiswN6aTc3VS1EwDSO/WQdHiQiJ6Kp8RGiLOtoI40kmJ2WrKh0X8HMGjR
7Kh6U6OCAjK7MwROt6+kRCkjb7PxvUdxjdaVxOiVaJbe2Q8uVlzi3uwSjXByEMze
BuuVzWUFPaBUWdkVEe3hQPj+ADjR4f344zy6RCVznEE0lbnOfOyVWk3yCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaLut7JRoi62BeFxcMHUBcb3W+7MB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsj3jXpeX
+N4OyXm2ImDd5heV8uXDPzcJLkRpQcCu2uVEFa0P77vdV+syL3j8V2fkMlT9Gm98
txs0Wz3l2tA3faAHdeMI1tyUuFrDoVezrNDbcTSKUEOYxo9KX0I8m6pG0fg9Z6J6
Q90DTsGLHXl49fFTaBtHsKVeq4VoBYuFONe2oKa2noTarYawaKyEcI/pX39AK0Wz
zL8/BU4YRpFETbXO22dfGMXRUPbCU6+9QjAP83GRr5C9LsVW42EF38INqQAvEUJE
GpHE4ektWToK/aTgcV5mKe5+zPGysfPnnGCWeQTBjgTN8XztWyINnIq2di9E7UF4
H0s0JFlAKf/0bA==
-----END CERTIFICATE-----
Generated at Thu Aug 7 13:07:16 2025 by rpki-client