Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: wDa5wYpEh7hMdAesMmKhvf69auia+AnMT+9swBRFhuY=
Subject key identifier: 31:39:CA:15:A0:57:F7:F4:67:8C:F4:B7:45:F1:C9:03:76:68:0C:B0
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019680C7169B9ECBAB0D3623C654846AD5A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 1512
Signing time: Tue 29 Apr 2025 09:00:53 +0000
Manifest this update: Tue 29 Apr 2025 09:00:53 +0000
Manifest next update: Wed 30 Apr 2025 09:00:53 +0000
Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: zdCMSPnDJfjp25cyvxw18i/AwHtjq1u0S3g9R4SwlxQ=)
2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=)
3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:c7:16:9b:9e:cb:ab:0d:36:23:c6:54:84:6a:d5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Apr 29 09:00:53 2025 GMT
Not After : Apr 30 09:00:53 2025 GMT
Subject: CN=3139ca15a057f7f4678cf4b745f1c90376680cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ad:02:b9:55:71:a2:51:2d:d2:87:3f:46:0c:
5e:ee:eb:9c:2d:4e:c4:cb:1b:de:1f:09:1f:f2:09:
d0:c9:e6:27:5c:8a:5b:6a:66:86:9a:62:e0:e4:7a:
78:cd:39:b0:cb:d8:89:13:d7:56:3f:c7:fc:84:5f:
5b:5e:6a:16:1c:24:89:23:e5:9e:aa:08:d2:6a:13:
45:f8:a2:d3:b3:2f:a4:65:29:bc:8a:ec:ab:3d:2b:
8f:a3:a7:1e:22:a6:35:b0:12:2c:8e:d6:36:7a:3a:
65:fb:22:18:f1:f9:94:48:3e:ea:3a:2a:74:eb:88:
9d:6c:7e:2d:3d:51:c9:65:ea:2c:85:33:de:98:9f:
77:98:29:f5:26:a3:08:09:d6:69:47:6d:d4:9f:b2:
61:64:b2:db:b6:f1:f8:0d:0c:2d:21:39:f6:09:b6:
bd:40:4b:12:35:2f:07:67:1a:42:53:4e:10:83:15:
95:fb:37:ec:d7:c0:a5:18:45:2c:51:cf:0c:9c:8a:
a8:51:3a:46:6a:7d:fb:90:43:99:e1:c8:7b:24:4e:
99:ce:1e:f1:31:95:0a:d0:e3:fa:b6:9a:f9:c3:99:
a6:85:02:95:bb:34:68:fc:47:54:46:03:62:bf:15:
eb:2f:e9:ac:2a:08:f8:de:9b:e4:bf:98:56:f6:e9:
f1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:39:CA:15:A0:57:F7:F4:67:8C:F4:B7:45:F1:C9:03:76:68:0C:B0
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:61:6e:99:39:e0:70:cf:9b:ff:74:7f:bb:52:14:db:6a:8b:
fe:72:3f:44:c4:69:45:5d:1b:d0:cd:22:f8:30:9c:e9:ee:51:
b6:a0:9e:36:3b:1d:9c:4a:57:87:8f:0b:6e:f9:86:21:c6:ac:
47:f5:2c:cc:25:39:15:e1:73:bf:e4:59:08:d9:81:a2:44:0a:
97:21:fc:84:c8:ba:74:58:9e:ab:a9:49:c1:bd:79:7a:02:57:
ed:b1:e2:07:6d:f2:53:92:02:26:bf:b5:aa:06:50:37:ec:fa:
63:b2:41:6e:d0:89:66:05:9c:8d:4e:2d:0b:9f:0e:49:f0:d2:
05:76:fa:2f:aa:89:53:4e:e6:ad:ba:60:cf:6c:32:0a:a9:0f:
72:8e:d1:05:e6:ce:0d:6b:3e:1f:16:8d:b6:e8:c6:f0:fd:81:
bd:c3:22:a9:92:e0:f2:bd:f8:39:df:b5:f2:20:7c:fb:1c:b9:
33:ea:19:e0:ad:30:0a:87:cd:1a:a7:d1:80:c0:e7:08:74:4a:
09:a2:60:f8:97:bb:1c:df:f1:ff:4e:2f:82:2d:35:af:7b:a5:
b3:79:85:7b:52:80:de:4a:74:35:22:48:27:f0:5b:e2:c2:42:
1b:49:82:9a:dc:04:6b:c4:64:71:ad:b0:00:3f:d3:0e:bd:e9:
88:5e:35:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxxabnsurDTYjxlSEatWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUwNDI5MDkwMDUzWhcNMjUwNDMwMDkwMDUzWjAzMTEwLwYDVQQD
EygzMTM5Y2ExNWEwNTdmN2Y0Njc4Y2Y0Yjc0NWYxYzkwMzc2NjgwY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa0CuVVxolEt0oc/Rgxe7uucLU7E
yxveHwkf8gnQyeYnXIpbamaGmmLg5Hp4zTmwy9iJE9dWP8f8hF9bXmoWHCSJI+We
qgjSahNF+KLTsy+kZSm8iuyrPSuPo6ceIqY1sBIsjtY2ejpl+yIY8fmUSD7qOip0
64idbH4tPVHJZeoshTPemJ93mCn1JqMICdZpR23Un7JhZLLbtvH4DQwtITn2Cba9
QEsSNS8HZxpCU04QgxWV+zfs18ClGEUsUc8MnIqoUTpGan37kEOZ4ch7JE6Zzh7x
MZUK0OP6tpr5w5mmhQKVuzRo/EdURgNivxXrL+msKgj43pvkv5hW9unx4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDE5yhWgV/f0Z4z0t0XxyQN2aAywMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWFumTng
cM+b/3R/u1IU22qL/nI/RMRpRV0b0M0i+DCc6e5RtqCeNjsdnEpXh48LbvmGIcas
R/UszCU5FeFzv+RZCNmBokQKlyH8hMi6dFieq6lJwb15egJX7bHiB23yU5ICJr+1
qgZQN+z6Y7JBbtCJZgWcjU4tC58OSfDSBXb6L6qJU07mrbpgz2wyCqkPco7RBebO
DWs+HxaNtujG8P2BvcMiqZLg8r34Od+18iB8+xy5M+oZ4K0wCofNGqfRgMDnCHRK
CaJg+Je7HN/x/04vgi01r3uls3mFe1KA3kp0NSJIJ/Bb4sJCG0mCmtwEa8Rkca2w
AD/TDr3piF41eA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:18:34 2025 by rpki-client