Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: Hufu/+BNVoQVlphOd6NYfPwtG/20CDn/JBHbN0PB1JA=
Subject key identifier: DF:53:D0:B1:5D:09:4B:86:3A:FC:BB:37:F1:CD:58:8D:10:52:A1:58
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019880F93B2A2A356F2FC801D77E2BB7C3B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0407
Signing time: Wed 06 Aug 2025 20:01:13 +0000
Manifest this update: Wed 06 Aug 2025 20:01:13 +0000
Manifest next update: Thu 07 Aug 2025 20:01:13 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: SlHTQfnRbm2muyn4/Tt+ZOvGUBnLkouwOdClnP+lHeU=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:f9:3b:2a:2a:35:6f:2f:c8:01:d7:7e:2b:b7:c3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Aug 6 20:01:13 2025 GMT
Not After : Aug 7 20:01:13 2025 GMT
Subject: CN=df53d0b15d094b863afcbb37f1cd588d1052a158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d0:79:08:ad:d0:16:01:7b:18:cc:3a:8f:4b:
af:87:62:35:d4:76:18:4e:70:90:70:dc:3d:f6:f0:
a9:b6:92:3e:22:3b:0f:75:60:b4:7e:bf:a2:60:bd:
34:d2:7a:dc:d8:7f:79:a6:e4:bb:ee:b5:bd:79:58:
8c:ac:7b:7b:01:a3:35:76:a0:be:f8:b9:3e:07:32:
53:a2:12:9f:7c:4b:19:ce:71:e4:36:d5:70:bb:b2:
65:1d:9a:59:d4:b0:bd:24:2a:26:d4:94:87:b0:d8:
22:d6:c6:d0:c7:a2:30:77:ee:5b:06:96:c3:e6:2a:
b3:c9:1a:97:b2:8c:2c:6a:3c:88:08:f4:26:f3:af:
38:78:12:58:e2:aa:cc:4d:a2:44:2e:25:71:24:07:
cc:bd:28:6b:3f:26:62:59:e4:c6:e2:de:67:c3:6e:
90:17:8c:e0:ff:cc:17:6a:a4:c0:96:76:13:a7:f7:
17:8e:47:d9:49:50:6c:0a:c5:65:14:d3:54:60:9f:
64:97:d5:56:9f:eb:eb:a0:80:6f:e5:52:2a:34:18:
bf:31:39:9d:48:bc:ad:35:d4:5c:54:eb:9f:36:eb:
8e:03:e0:f0:ca:46:30:9b:bf:98:94:46:8b:4c:25:
da:a9:8d:ad:7e:c5:2d:a7:79:8f:68:bc:74:d8:f7:
e0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:53:D0:B1:5D:09:4B:86:3A:FC:BB:37:F1:CD:58:8D:10:52:A1:58
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:46:1f:cb:67:b9:61:23:cd:62:f5:ac:d6:80:11:c3:69:65:
bf:14:94:22:eb:b9:f7:b1:86:e7:c0:87:1a:b0:25:66:c7:50:
b8:22:67:3f:ca:08:e3:40:ba:0a:78:2f:25:5d:19:e8:1e:63:
eb:c1:b4:c2:f2:04:27:69:cf:ed:ca:fc:b9:8d:02:07:7e:a5:
56:17:f2:ee:24:fe:47:d4:5e:64:30:b7:32:02:d2:be:72:88:
2f:c9:1c:ba:ac:be:2e:e8:0b:3a:13:6b:e1:9f:23:71:1b:d4:
51:68:66:cc:4c:8d:f2:fb:bc:4c:05:56:4e:93:12:e1:b4:d4:
c8:a1:02:f0:3a:b1:d4:42:b0:18:de:fc:41:4f:ec:2b:97:a6:
6b:3a:ca:f7:41:5f:5d:13:e5:12:ed:56:0f:b1:c5:52:5d:79:
96:bb:7f:f9:b1:a3:7b:2d:8e:b4:0c:a3:4b:3e:11:68:20:39:
e0:20:7f:89:4a:d7:00:82:1b:f8:b1:36:34:33:29:07:6e:1f:
be:c4:50:31:aa:b1:b3:46:a3:10:3a:40:1e:ce:24:9d:f2:4b:
47:2b:8a:1d:40:e6:e4:60:2c:65:05:b6:47:ad:d3:03:6b:a9:
35:59:27:4c:1a:d0:34:f0:54:33:3f:b8:43:df:ea:79:98:91:
35:07:ba:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiA+TsqKjVvL8gB134rt8OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwODA2MjAwMTEzWhcNMjUwODA3MjAwMTEzWjAzMTEwLwYDVQQD
EyhkZjUzZDBiMTVkMDk0Yjg2M2FmY2JiMzdmMWNkNTg4ZDEwNTJhMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79B5CK3QFgF7GMw6j0uvh2I11HYY
TnCQcNw99vCptpI+IjsPdWC0fr+iYL000nrc2H95puS77rW9eViMrHt7AaM1dqC+
+Lk+BzJTohKffEsZznHkNtVwu7JlHZpZ1LC9JCom1JSHsNgi1sbQx6Iwd+5bBpbD
5iqzyRqXsowsajyICPQm8684eBJY4qrMTaJELiVxJAfMvShrPyZiWeTG4t5nw26Q
F4zg/8wXaqTAlnYTp/cXjkfZSVBsCsVlFNNUYJ9kl9VWn+vroIBv5VIqNBi/MTmd
SLytNdRcVOufNuuOA+DwykYwm7+YlEaLTCXaqY2tfsUtp3mPaLx02PfgcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9T0LFdCUuGOvy7N/HNWI0QUqFYMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtEYfy2e5
YSPNYvWs1oARw2llvxSUIuu597GG58CHGrAlZsdQuCJnP8oI40C6CngvJV0Z6B5j
68G0wvIEJ2nP7cr8uY0CB36lVhfy7iT+R9ReZDC3MgLSvnKIL8kcuqy+LugLOhNr
4Z8jcRvUUWhmzEyN8vu8TAVWTpMS4bTUyKEC8Dqx1EKwGN78QU/sK5emazrK90Ff
XRPlEu1WD7HFUl15lrt/+bGjey2OtAyjSz4RaCA54CB/iUrXAIIb+LE2NDMpB24f
vsRQMaqxs0ajEDpAHs4knfJLRyuKHUDm5GAsZQW2R63TA2upNVknTBrQNPBUMz+4
Q9/qeZiRNQe6FA==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:36:03 2025 by rpki-client