Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: aq0TdOsbINqw7mqSCDft7uMSID4NTCjmGQDPfMHu9t4=
Subject key identifier: A1:CD:48:CA:F7:63:65:D0:87:5C:CC:B8:98:0D:18:99:69:22:86:2D
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 01976CCFBDC3B920F2F2EC10DAC0377A1B06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0378
Signing time: Sat 14 Jun 2025 05:00:43 +0000
Manifest this update: Sat 14 Jun 2025 05:00:43 +0000
Manifest next update: Sun 15 Jun 2025 05:00:43 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: 7f2CDvHPnwAAr9Wj3eM+VczlEqpB7QCi0Hp+cjS6q9U=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:cf:bd:c3:b9:20:f2:f2:ec:10:da:c0:37:7a:1b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Jun 14 05:00:43 2025 GMT
Not After : Jun 15 05:00:43 2025 GMT
Subject: CN=a1cd48caf76365d0875cccb8980d18996922862d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:e8:18:04:0c:af:db:0f:2d:59:fa:d8:bd:
f4:b3:b3:e8:a5:a8:43:d7:10:aa:3c:2b:e9:d1:b3:
dc:48:16:b7:30:45:f5:7d:71:88:d5:fd:d9:62:d9:
36:9a:ff:27:38:f3:3d:a2:c1:bb:b4:71:f9:3d:4b:
59:ff:37:18:f3:27:69:ba:87:ab:66:cb:50:d5:8e:
3e:4d:26:68:45:6f:8d:a7:a5:29:ba:91:57:a4:6b:
c4:92:55:e9:1d:d3:5b:8e:67:c7:2a:9e:18:66:84:
d7:fc:be:a1:07:27:f1:f4:2a:08:b5:05:ab:90:41:
46:d2:a7:91:cb:2d:a4:9f:59:19:d1:eb:11:58:0e:
1e:df:40:80:ab:7b:94:1e:fc:99:7d:a2:6c:82:05:
9e:5e:14:4d:27:5d:a7:ff:9b:9e:b5:fb:17:f7:21:
e2:84:1a:2a:0d:97:23:49:4c:9b:24:88:b6:d4:b5:
62:2f:27:23:fd:cd:5e:eb:a8:89:9e:2d:24:b0:b6:
4d:ff:6c:bb:34:d8:98:ec:12:3a:77:e1:b9:2c:6d:
5e:21:5a:42:68:61:71:7c:88:96:e6:a4:4e:f3:7c:
be:68:6d:f3:14:d3:ae:1d:fd:ac:64:0c:1e:c2:91:
e2:20:e6:9d:03:43:e1:fb:43:9b:2e:1e:f1:b9:cf:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CD:48:CA:F7:63:65:D0:87:5C:CC:B8:98:0D:18:99:69:22:86:2D
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:e0:08:59:76:8f:c5:05:c9:e4:03:1d:83:f6:59:c3:a7:c2:
b6:59:dd:09:3e:98:6c:29:32:eb:db:9b:3a:f6:11:64:68:62:
48:eb:b5:06:43:5e:00:71:66:32:b6:02:f1:c3:02:86:9a:36:
32:da:c5:55:db:6a:51:9a:30:98:f4:47:a2:9a:e3:f7:ad:0e:
dd:f6:96:13:df:f4:00:e7:6a:84:71:34:02:35:d6:5e:ed:e4:
8f:37:ec:dd:d4:4a:89:f5:ec:bb:6f:f6:1f:02:02:04:64:5a:
c2:10:7d:7a:dd:01:0f:e2:d0:80:52:5d:5d:a1:5e:2c:81:e5:
a3:9f:ea:06:b1:66:92:a8:16:33:3c:3f:82:d3:48:2b:1f:d9:
25:3f:70:39:ab:90:01:f7:ec:27:bc:25:23:86:50:44:2c:44:
b8:6d:6f:8a:d1:34:b9:23:ae:d4:93:d8:fc:4c:54:98:19:1c:
83:42:03:c4:fe:16:bc:6a:fa:71:ab:af:e8:18:fc:d0:4f:e6:
38:9b:01:fd:66:e0:e6:d7:e3:37:08:7f:e6:fa:a2:07:54:ad:
90:e0:70:43:45:90:f1:7a:e6:fb:0b:fa:14:0f:1f:25:2e:43:
fb:d6:7c:c7:16:67:ad:7a:36:e4:8a:e0:1a:34:00:99:be:62:
f6:a3:17:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz73DuSDy8uwQ2sA3ehsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwNjE0MDUwMDQzWhcNMjUwNjE1MDUwMDQzWjAzMTEwLwYDVQQD
EyhhMWNkNDhjYWY3NjM2NWQwODc1Y2NjYjg5ODBkMTg5OTY5MjI4NjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1XoGAQMr9sPLVn62L30s7PopahD
1xCqPCvp0bPcSBa3MEX1fXGI1f3ZYtk2mv8nOPM9osG7tHH5PUtZ/zcY8ydpuoer
ZstQ1Y4+TSZoRW+Np6UpupFXpGvEklXpHdNbjmfHKp4YZoTX/L6hByfx9CoItQWr
kEFG0qeRyy2kn1kZ0esRWA4e30CAq3uUHvyZfaJsggWeXhRNJ12n/5uetfsX9yHi
hBoqDZcjSUybJIi21LViLycj/c1e66iJni0ksLZN/2y7NNiY7BI6d+G5LG1eIVpC
aGFxfIiW5qRO83y+aG3zFNOuHf2sZAwewpHiIOadA0Ph+0ObLh7xuc9rcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHNSMr3Y2XQh1zMuJgNGJlpIoYtMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMuAIWXaP
xQXJ5AMdg/ZZw6fCtlndCT6YbCky69ubOvYRZGhiSOu1BkNeAHFmMrYC8cMChpo2
MtrFVdtqUZowmPRHoprj960O3faWE9/0AOdqhHE0AjXWXu3kjzfs3dRKifXsu2/2
HwICBGRawhB9et0BD+LQgFJdXaFeLIHlo5/qBrFmkqgWMzw/gtNIKx/ZJT9wOauQ
AffsJ7wlI4ZQRCxEuG1vitE0uSOu1JPY/ExUmBkcg0IDxP4WvGr6cauv6Bj80E/m
OJsB/Wbg5tfjNwh/5vqiB1StkOBwQ0WQ8Xrm+wv6FA8fJS5D+9Z8xxZnrXo25Irg
GjQAmb5i9qMX1A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:02:40 2025 by rpki-client