Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: /puz0la+h/KkHVAe1Jn4KYVCOneqh9PtxAWfd/87AGY=
Subject key identifier: 7E:58:F7:9A:5B:EA:BC:1A:9F:64:B5:05:88:AF:74:5E:DB:03:B0:42
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 01987306EEB7DF68BA760B1B7EEEB7E88027
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0D36
Signing time: Mon 04 Aug 2025 03:01:30 +0000
Manifest this update: Mon 04 Aug 2025 03:01:30 +0000
Manifest next update: Tue 05 Aug 2025 03:01:30 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: /XlUQCN/ZhtSln5kT2PUhkyyQlZvuBu+mEmK73d6Xow=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:06:ee:b7:df:68:ba:76:0b:1b:7e:ee:b7:e8:80:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Aug 4 03:01:30 2025 GMT
Not After : Aug 5 03:01:30 2025 GMT
Subject: CN=7e58f79a5beabc1a9f64b50588af745edb03b042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:b4:47:3d:25:9a:04:bb:b9:52:f5:ae:a9:
9a:8b:76:f1:29:b9:5c:d7:90:49:f8:8e:e2:cd:16:
e1:2e:66:b2:8a:33:e5:d1:f7:49:c6:62:c2:c0:62:
d8:24:ad:53:2a:f2:24:e6:14:c9:c4:a6:61:bf:dc:
76:40:e8:96:f6:6b:01:bd:8a:c6:28:25:cf:c4:1e:
0c:48:a4:35:27:f1:13:a0:63:b0:29:3b:23:91:dd:
24:31:df:01:62:a6:90:d0:a3:35:b0:c3:68:84:12:
05:7b:50:a5:6f:ca:40:26:44:6c:de:4e:e4:0e:e9:
9f:ba:29:bf:93:04:05:c3:33:5f:db:88:67:79:44:
f6:a4:3f:01:36:b0:22:b5:39:18:d4:97:11:f0:75:
fe:00:cd:6c:ad:7f:2d:28:53:94:b2:29:8b:d2:7c:
5d:d9:dd:fd:19:60:21:3e:66:90:b6:f9:29:4d:0a:
8c:b6:51:22:d0:0f:66:87:c5:44:4c:a7:37:6d:b3:
b0:c9:7a:53:8f:40:fc:5d:9d:4f:2d:32:29:ba:2c:
b4:ba:93:95:36:1c:54:a8:32:9f:f9:1f:96:28:e1:
4d:bc:01:c5:f4:a2:44:cd:fb:cc:2e:07:49:7b:c6:
89:f9:b2:62:23:06:31:d5:ae:d3:5d:46:14:b4:5d:
09:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:58:F7:9A:5B:EA:BC:1A:9F:64:B5:05:88:AF:74:5E:DB:03:B0:42
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:8a:cd:85:ed:f1:6a:a7:60:ec:87:14:f7:a6:7f:8f:0d:33:
91:b1:fb:49:9a:f9:49:eb:bb:d8:f6:9b:ee:08:d1:76:43:3b:
58:82:16:a7:d9:dc:94:b7:d1:4e:0d:61:4e:33:14:f1:6b:82:
53:60:5c:28:59:c9:d7:28:73:34:29:3c:87:8d:60:92:55:d5:
2b:c5:b9:b5:44:cc:80:b5:b7:ad:7e:7b:fc:16:90:9f:70:b0:
de:8a:ff:cc:2a:92:6f:c8:bb:ce:9a:7d:81:a9:a4:c5:9a:b5:
4f:6d:a7:15:d3:c1:6b:30:8e:ce:eb:93:fe:20:b4:9a:83:a5:
f8:53:98:8b:cb:48:91:ca:01:49:7d:a7:1c:35:4b:29:6b:45:
9f:c0:e3:ab:20:78:eb:6f:e4:7a:c0:99:8f:21:34:f7:0e:ce:
ba:90:a8:22:fc:ce:49:94:59:63:c5:0c:bd:31:5e:0e:6c:c5:
b1:34:5f:75:59:58:71:ce:63:1c:1d:14:84:fc:fd:f0:3d:89:
34:84:1a:5f:1d:16:0a:38:ad:16:0d:38:29:8c:20:f8:aa:be:
a8:3f:6d:d2:98:97:9d:24:21:6e:90:43:59:16:c7:72:74:9d:
90:36:02:6e:99:8c:b0:ab:8d:62:42:84:00:03:92:41:5d:d2:
d4:52:29:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzBu6332i6dgsbfu636IAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwODA0MDMwMTMwWhcNMjUwODA1MDMwMTMwWjAzMTEwLwYDVQQD
Eyg3ZTU4Zjc5YTViZWFiYzFhOWY2NGI1MDU4OGFmNzQ1ZWRiMDNiMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAq0Rz0lmgS7uVL1rqmai3bxKblc
15BJ+I7izRbhLmayijPl0fdJxmLCwGLYJK1TKvIk5hTJxKZhv9x2QOiW9msBvYrG
KCXPxB4MSKQ1J/EToGOwKTsjkd0kMd8BYqaQ0KM1sMNohBIFe1Clb8pAJkRs3k7k
Dumfuim/kwQFwzNf24hneUT2pD8BNrAitTkY1JcR8HX+AM1srX8tKFOUsimL0nxd
2d39GWAhPmaQtvkpTQqMtlEi0A9mh8VETKc3bbOwyXpTj0D8XZ1PLTIpuiy0upOV
NhxUqDKf+R+WKOFNvAHF9KJEzfvMLgdJe8aJ+bJiIwYx1a7TXUYUtF0JHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5Y95pb6rwan2S1BYivdF7bA7BCMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYrNhe3x
aqdg7IcU96Z/jw0zkbH7SZr5Seu72Pab7gjRdkM7WIIWp9nclLfRTg1hTjMU8WuC
U2BcKFnJ1yhzNCk8h41gklXVK8W5tUTMgLW3rX57/BaQn3Cw3or/zCqSb8i7zpp9
gamkxZq1T22nFdPBazCOzuuT/iC0moOl+FOYi8tIkcoBSX2nHDVLKWtFn8DjqyB4
62/kesCZjyE09w7OupCoIvzOSZRZY8UMvTFeDmzFsTRfdVlYcc5jHB0UhPz98D2J
NIQaXx0WCjitFg04KYwg+Kq+qD9t0piXnSQhbpBDWRbHcnSdkDYCbpmMsKuNYkKE
AAOSQV3S1FIp9A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:11:58 2025 by rpki-client