Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier: D9hBnLRD4PZ3En1FU2zFvQrXOgtAes0fuXuJlK+717U=
Subject key identifier: 8A:D3:70:E1:AA:C3:D9:2B:93:3F:3E:AC:95:43:93:DE:AC:AD:C7:23
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 01987298FF4D1A62B97DBE6CBB2F67D694DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number: 161B
Signing time: Mon 04 Aug 2025 01:01:26 +0000
Manifest this update: Mon 04 Aug 2025 01:01:26 +0000
Manifest next update: Tue 05 Aug 2025 01:01:26 +0000
Files and hashes: 1: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: aHTkfv8aWvw/cjroey77vwNYcuPxva+QGTGZcmNInj8=)
2: yaNI0_QU-og_a5wIKL7nblpP3wo.roa (hash: mocSKnatPWu2K5HO5VSBkHGD9dsGk50fbeHRajNzTSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:98:ff:4d:1a:62:b9:7d:be:6c:bb:2f:67:d6:94:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Aug 4 01:01:26 2025 GMT
Not After : Aug 5 01:01:26 2025 GMT
Subject: CN=8ad370e1aac3d92b933f3eac954393deacadc723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:52:dc:52:8f:8b:68:b5:7b:42:8e:49:3a:d1:
fe:c8:a6:94:7d:e4:b3:48:71:58:9b:91:f9:e4:9a:
ae:ba:32:57:a0:7a:a6:82:2e:eb:36:f0:2e:8b:d6:
4a:5c:8d:67:5f:3d:5f:1c:ac:28:ed:40:a5:4e:df:
a5:2d:43:3e:1c:77:0c:40:3d:ad:1e:4a:79:c1:53:
69:35:54:2a:87:01:2b:2b:43:d0:4e:31:cd:a4:06:
29:c8:61:44:07:f1:6b:b7:7f:3c:77:3e:b6:db:af:
34:fe:d2:8b:d4:0f:c5:1e:11:24:86:2c:5d:bc:d9:
86:33:e7:5c:c0:58:0b:a9:b8:9c:77:c9:e7:6d:36:
ed:50:ae:9a:24:35:55:c0:88:14:83:21:34:97:32:
2f:8d:89:06:46:69:4d:9b:66:67:45:cb:eb:08:e5:
be:35:5d:75:ee:ed:c0:e8:05:ed:2b:09:ee:d6:34:
43:dc:7d:d0:93:27:1a:02:0d:a7:55:49:83:f2:a6:
eb:06:cb:03:04:fc:de:7f:34:c0:1d:27:59:6f:f6:
69:6e:14:b2:74:20:2d:f9:0a:75:a3:0d:71:49:fc:
37:ad:a5:f7:27:ca:97:65:4e:58:99:cc:27:a0:22:
9e:13:da:c4:25:79:d4:7c:b3:25:bb:b6:63:dc:de:
cf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D3:70:E1:AA:C3:D9:2B:93:3F:3E:AC:95:43:93:DE:AC:AD:C7:23
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:20:12:b4:ab:ee:85:80:30:88:ae:f2:4a:c5:c5:15:f8:a1:
52:51:35:ae:a2:4a:1f:aa:86:39:61:03:e2:2a:05:6d:ac:5a:
9d:85:8a:2d:4f:19:72:cd:1c:e3:76:27:6b:80:c6:e2:fd:45:
14:38:24:99:41:82:6f:8f:d4:0a:a5:c4:93:7a:c5:9b:e6:8c:
d4:8b:27:13:02:3c:95:56:b3:80:20:eb:1d:4f:bc:6b:dc:f3:
35:f6:d6:80:f7:69:f6:c6:7b:4a:95:53:71:57:99:b3:24:59:
f3:9a:56:67:89:a6:38:0c:7b:20:d6:7f:e1:1f:3c:55:6a:6c:
08:d3:6a:13:18:00:a7:be:6c:c8:49:d7:bc:08:89:62:f6:0e:
8b:c8:ef:2a:5d:f5:8e:ae:2c:3a:16:e1:83:7d:3e:eb:ce:d2:
6f:bb:fd:c9:fc:84:36:46:95:9c:3c:1e:63:07:8b:97:47:0b:
80:d8:58:b0:cc:71:d9:f7:82:3e:7b:09:9b:28:5e:89:31:99:
c6:2a:1e:4d:40:05:cc:39:d7:74:4d:38:f7:c3:fe:64:6f:c4:
25:74:85:24:41:db:de:f9:5d:2c:99:8a:14:02:35:b1:bb:60:
e7:07:92:9d:ea:a6:07:ee:bf:de:77:74:3f:a4:a5:89:ef:32:
27:54:b7:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymP9NGmK5fb5suy9n1pTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjUwODA0MDEwMTI2WhcNMjUwODA1MDEwMTI2WjAzMTEwLwYDVQQD
Eyg4YWQzNzBlMWFhYzNkOTJiOTMzZjNlYWM5NTQzOTNkZWFjYWRjNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VLcUo+LaLV7Qo5JOtH+yKaUfeSz
SHFYm5H55JquujJXoHqmgi7rNvAui9ZKXI1nXz1fHKwo7UClTt+lLUM+HHcMQD2t
Hkp5wVNpNVQqhwErK0PQTjHNpAYpyGFEB/Frt388dz622680/tKL1A/FHhEkhixd
vNmGM+dcwFgLqbicd8nnbTbtUK6aJDVVwIgUgyE0lzIvjYkGRmlNm2ZnRcvrCOW+
NV117u3A6AXtKwnu1jRD3H3QkycaAg2nVUmD8qbrBssDBPzefzTAHSdZb/ZpbhSy
dCAt+Qp1ow1xSfw3raX3J8qXZU5YmcwnoCKeE9rEJXnUfLMlu7Zj3N7PbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrTcOGqw9krkz8+rJVDk96srccjMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSAStKvu
hYAwiK7ySsXFFfihUlE1rqJKH6qGOWED4ioFbaxanYWKLU8Zcs0c43Yna4DG4v1F
FDgkmUGCb4/UCqXEk3rFm+aM1IsnEwI8lVazgCDrHU+8a9zzNfbWgPdp9sZ7SpVT
cVeZsyRZ85pWZ4mmOAx7INZ/4R88VWpsCNNqExgAp75syEnXvAiJYvYOi8jvKl31
jq4sOhbhg30+687Sb7v9yfyENkaVnDweYweLl0cLgNhYsMxx2feCPnsJmyheiTGZ
xioeTUAFzDnXdE0498P+ZG/EJXSFJEHb3vldLJmKFAI1sbtg5weSneqmB+6/3nd0
P6Slie8yJ1S3Xg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:27:46 2025 by rpki-client