Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: wt2cSBzX+NFQNlTiAgD6Quxfvz9JcYYVbG+BYAJkFzg=
Subject key identifier: 97:CB:12:0A:56:4E:A1:BF:67:C1:DF:74:AF:73:0C:77:F8:87:E8:ED
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 0197703F01343B36048009F16043888BF828
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0CB0
Signing time: Sat 14 Jun 2025 21:01:06 +0000
Manifest this update: Sat 14 Jun 2025 21:01:06 +0000
Manifest next update: Sun 15 Jun 2025 21:01:06 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: FzWmHF01yxubnufPAJcOn+KxXlq582WM7m8uSgRZGqg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:70:3f:01:34:3b:36:04:80:09:f1:60:43:88:8b:f8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Jun 14 21:01:06 2025 GMT
Not After : Jun 15 21:01:06 2025 GMT
Subject: CN=97cb120a564ea1bf67c1df74af730c77f887e8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a5:bf:4a:3e:b1:6d:35:0c:8d:90:ba:db:e0:
b8:92:86:9e:d0:c6:20:2e:d4:74:ee:6f:b7:33:1c:
ee:07:66:17:dc:9f:ab:ed:ef:90:ce:cc:14:1e:a8:
a9:ed:d8:49:a6:be:bc:6a:6f:6e:a4:f7:1a:c7:00:
97:04:07:da:2d:b6:03:68:e2:2a:f7:61:e9:bc:d1:
1d:29:9e:09:c8:3e:86:8c:77:e8:58:bf:81:6e:d0:
65:5b:5c:07:05:b7:24:e7:d4:62:18:81:a9:e9:ed:
2a:7f:98:fc:c3:b2:55:cf:1f:71:84:ab:2a:9a:ae:
5e:61:65:93:5f:54:fa:4b:45:4d:aa:10:9c:0d:54:
b9:c0:31:30:6c:b5:ca:ea:b6:d2:71:5d:c9:13:3b:
65:59:31:8a:c7:4e:66:98:5c:5b:86:4b:dd:31:7a:
dd:35:06:69:56:bd:c2:1f:33:73:44:79:67:4b:b8:
6e:2f:17:fb:54:74:49:8b:68:b7:a9:75:24:36:ce:
8f:a5:a7:dd:c6:3f:ad:0a:4d:4a:bd:05:8f:6e:22:
31:16:68:e9:7a:5f:79:58:18:db:97:8c:a9:7a:50:
0e:35:33:dd:b0:ef:b1:7b:ef:b0:c1:ed:1f:70:14:
58:d0:76:0f:4e:b6:40:95:ee:b1:14:8b:88:ac:94:
7b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CB:12:0A:56:4E:A1:BF:67:C1:DF:74:AF:73:0C:77:F8:87:E8:ED
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:5f:67:2f:d9:57:fb:3c:b0:96:73:32:61:0f:ba:75:7a:34:
4b:e7:7b:a2:02:bd:96:d2:f7:89:ad:1d:f8:b9:ce:71:b5:d2:
0a:9d:ea:82:79:2b:5b:3f:55:31:1d:07:a5:ea:04:41:f6:06:
91:1e:65:d9:b6:2f:6f:c7:52:53:9f:9c:dd:a2:e8:1d:ea:ea:
b2:09:ce:44:34:60:42:9a:32:c3:69:f9:4f:50:3c:61:13:8b:
29:53:42:41:c8:02:99:68:33:09:9d:a4:07:e2:ca:85:8e:66:
c2:35:9d:8b:e0:c8:8a:d8:49:aa:17:14:63:1c:be:8c:a3:74:
99:70:41:28:9e:e7:dd:9d:cc:e2:e4:67:5a:48:80:d2:a6:1d:
a8:94:f6:91:17:0c:b5:a3:64:9e:75:3a:dc:87:29:ea:79:1f:
b3:96:0c:2d:cc:ee:83:9d:7c:d7:ad:4b:ea:61:14:af:50:27:
3c:89:4c:83:cd:09:71:0f:e2:99:77:72:e3:96:c7:73:b2:c7:
eb:e9:c8:cb:eb:a1:ca:5e:97:54:e6:5c:94:2b:74:c6:10:65:
a6:54:f3:ca:cd:b7:1e:e8:d1:93:8b:3f:e9:48:11:7d:4c:5b:
ea:21:0f:38:28:66:f9:93:7d:9c:0c:c1:8b:fc:4f:b0:f5:20:
3d:ef:94:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwPwE0OzYEgAnxYEOIi/goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwNjE0MjEwMTA2WhcNMjUwNjE1MjEwMTA2WjAzMTEwLwYDVQQD
Eyg5N2NiMTIwYTU2NGVhMWJmNjdjMWRmNzRhZjczMGM3N2Y4ODdlOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaW/Sj6xbTUMjZC62+C4koae0MYg
LtR07m+3MxzuB2YX3J+r7e+QzswUHqip7dhJpr68am9upPcaxwCXBAfaLbYDaOIq
92HpvNEdKZ4JyD6GjHfoWL+BbtBlW1wHBbck59RiGIGp6e0qf5j8w7JVzx9xhKsq
mq5eYWWTX1T6S0VNqhCcDVS5wDEwbLXK6rbScV3JEztlWTGKx05mmFxbhkvdMXrd
NQZpVr3CHzNzRHlnS7huLxf7VHRJi2i3qXUkNs6Ppafdxj+tCk1KvQWPbiIxFmjp
el95WBjbl4ypelAONTPdsO+xe++wwe0fcBRY0HYPTrZAle6xFIuIrJR70QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfLEgpWTqG/Z8HfdK9zDHf4h+jtMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhl9nL9lX
+zywlnMyYQ+6dXo0S+d7ogK9ltL3ia0d+LnOcbXSCp3qgnkrWz9VMR0HpeoEQfYG
kR5l2bYvb8dSU5+c3aLoHerqsgnORDRgQpoyw2n5T1A8YROLKVNCQcgCmWgzCZ2k
B+LKhY5mwjWdi+DIithJqhcUYxy+jKN0mXBBKJ7n3Z3M4uRnWkiA0qYdqJT2kRcM
taNknnU63Icp6nkfs5YMLczug518161L6mEUr1AnPIlMg80JcQ/imXdy45bHc7LH
6+nIy+uhyl6XVOZclCt0xhBlplTzys23HujRk4s/6UgRfUxb6iEPOChm+ZN9nAzB
i/xPsPUgPe+UMg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:02:36 2025 by rpki-client