Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: nDB1jGoWnhJBuH3BtYAk4sbZ8Y0vJ+oReypMS1XnhQo=
Subject key identifier: 62:E5:9E:99:39:67:78:A1:62:FB:BC:76:6B:B4:15:41:3B:67:3C:80
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 01967F466A97C591BDD4CFB259AAC971BEF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 02FD
Signing time: Tue 29 Apr 2025 02:00:43 +0000
Manifest this update: Tue 29 Apr 2025 02:00:43 +0000
Manifest next update: Wed 30 Apr 2025 02:00:43 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: J+eND7K5yvTf8CIINrK/OI2lLE6yeFJEYlu5KPE1EP8=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 02:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7f:46:6a:97:c5:91:bd:d4:cf:b2:59:aa:c9:71:be:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Apr 29 02:00:43 2025 GMT
Not After : Apr 30 02:00:43 2025 GMT
Subject: CN=62e59e99396778a162fbbc766bb415413b673c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:ae:1b:7d:70:e4:e4:11:d2:b0:e9:93:ee:
60:8a:81:0f:de:8d:d8:71:e1:77:7d:b9:82:a5:67:
9a:3c:9c:47:9b:c4:eb:a4:de:4e:dd:a8:b9:46:8f:
be:c9:6a:1a:2a:a2:f8:9f:5b:44:6d:dc:a6:15:fa:
7c:02:92:3c:22:1f:fe:4a:bf:bc:a5:41:b1:5d:a8:
83:ec:6a:05:38:1f:94:9b:4d:3e:8f:ab:a3:20:01:
de:4c:7d:10:f1:37:dc:9d:64:7a:7b:b8:93:cd:e8:
68:62:fb:0b:5e:9d:35:30:ce:27:aa:bf:f7:04:89:
29:2e:f4:11:0d:01:1b:47:a2:33:9f:95:72:e8:b9:
11:e3:7e:dd:96:74:d6:b0:18:c2:ea:e8:91:4b:46:
09:d2:a6:29:11:6d:15:a9:bc:43:a3:d8:4d:38:1e:
cc:45:84:ab:b2:09:dc:59:da:41:58:be:49:97:2d:
e4:36:08:46:83:f5:b7:51:20:ea:f2:1b:90:1a:0e:
39:58:f4:9e:c6:10:ca:ce:73:cb:27:79:d5:f2:ec:
79:e7:0e:5e:dd:e1:25:11:5b:46:9b:78:fa:f4:08:
74:b8:ae:e2:52:9a:2f:ce:25:4c:b1:42:63:9d:d0:
3e:56:84:99:f1:5d:c6:c6:73:b8:f2:7f:c2:b2:04:
51:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E5:9E:99:39:67:78:A1:62:FB:BC:76:6B:B4:15:41:3B:67:3C:80
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:ef:e4:d2:50:19:e5:3c:ef:d3:05:38:45:d8:ef:07:3c:eb:
cc:1d:67:1f:4c:8c:a0:cc:de:c2:bb:16:6b:6e:b4:9f:fd:ed:
3b:bc:f7:32:38:34:c6:75:dc:8e:0a:78:f4:8d:ee:1c:bf:7a:
d1:23:cc:1e:65:ea:4a:bd:af:69:d9:7e:6d:e7:b9:39:60:af:
73:33:d6:94:fd:eb:f7:32:7f:41:fe:9b:df:7c:60:00:cf:c1:
c3:63:57:d1:37:af:d1:06:83:1d:84:eb:4e:04:30:a7:e3:da:
74:be:13:07:6d:a9:a9:be:bb:ec:45:2d:5b:1a:95:b3:49:98:
cd:27:d4:26:6d:bd:71:a0:7e:86:63:7e:05:39:f0:46:c8:65:
23:89:89:85:65:35:ff:e6:77:da:a4:be:d5:f2:d8:77:c7:0c:
61:2b:6f:9b:d9:bd:44:e5:01:cf:46:43:3e:9f:93:78:c5:c6:
b5:3a:c5:54:b6:84:20:20:d2:de:fd:b0:7a:e5:48:5e:81:77:
13:27:e4:8f:95:c1:cc:4c:92:24:19:fb:f5:69:16:3e:51:da:
07:70:08:2a:94:1c:2a:2a:51:1c:3a:00:38:c1:b7:a5:72:da:
65:d8:c7:81:f2:2c:69:5e:96:70:dc:75:51:07:65:77:1d:26:
9e:55:e3:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/RmqXxZG91M+yWarJcb7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwNDI5MDIwMDQzWhcNMjUwNDMwMDIwMDQzWjAzMTEwLwYDVQQD
Eyg2MmU1OWU5OTM5Njc3OGExNjJmYmJjNzY2YmI0MTU0MTNiNjczYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HOuG31w5OQR0rDpk+5gioEP3o3Y
ceF3fbmCpWeaPJxHm8TrpN5O3ai5Ro++yWoaKqL4n1tEbdymFfp8ApI8Ih/+Sr+8
pUGxXaiD7GoFOB+Um00+j6ujIAHeTH0Q8TfcnWR6e7iTzehoYvsLXp01MM4nqr/3
BIkpLvQRDQEbR6Izn5Vy6LkR437dlnTWsBjC6uiRS0YJ0qYpEW0VqbxDo9hNOB7M
RYSrsgncWdpBWL5Jly3kNghGg/W3USDq8huQGg45WPSexhDKznPLJ3nV8ux55w5e
3eElEVtGm3j69Ah0uK7iUpovziVMsUJjndA+VoSZ8V3GxnO48n/CsgRRXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLlnpk5Z3ihYvu8dmu0FUE7ZzyAMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+/k0lAZ
5Tzv0wU4RdjvBzzrzB1nH0yMoMzewrsWa260n/3tO7z3Mjg0xnXcjgp49I3uHL96
0SPMHmXqSr2vadl+bee5OWCvczPWlP3r9zJ/Qf6b33xgAM/Bw2NX0Tev0QaDHYTr
TgQwp+PadL4TB22pqb677EUtWxqVs0mYzSfUJm29caB+hmN+BTnwRshlI4mJhWU1
/+Z32qS+1fLYd8cMYStvm9m9ROUBz0ZDPp+TeMXGtTrFVLaEICDS3v2weuVIXoF3
Eyfkj5XBzEySJBn79WkWPlHaB3AIKpQcKipRHDoAOMG3pXLaZdjHgfIsaV6WcNx1
UQdldx0mnlXjsg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:46:50 2025 by rpki-client