Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: zTPEMP+HEkaGNxyh9XkLldgWFqXdf4RQdN5sqstv/vw=
Subject key identifier: F5:DF:0A:EE:B7:08:2D:B0:3D:2D:51:16:32:AC:C2:10:C9:F0:83:CE
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 0196760CB184C57F7C355894CFF598EC42AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0B7A
Signing time: Sun 27 Apr 2025 07:01:05 +0000
Manifest this update: Sun 27 Apr 2025 07:01:05 +0000
Manifest next update: Mon 28 Apr 2025 07:01:05 +0000
Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: aPeuwTpa4nmT9hMji4BDNBbI3rfNwjgQ8mezFSzdjlA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0c:b1:84:c5:7f:7c:35:58:94:cf:f5:98:ec:42:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Apr 27 07:01:05 2025 GMT
Not After : Apr 28 07:01:05 2025 GMT
Subject: CN=f5df0aeeb7082db03d2d511632acc210c9f083ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:ad:b0:87:61:48:3c:90:36:f4:d5:0a:53:
d9:d3:25:df:34:96:ca:5a:26:1e:02:50:e7:c9:f6:
6a:8e:7b:ce:24:ee:e7:e6:0a:1c:0e:62:2a:b4:ac:
62:c2:1f:90:ac:a0:66:11:4d:32:82:e4:6c:05:4b:
4f:c8:46:c7:6f:fe:3d:24:ab:f8:f5:63:e0:44:e1:
91:71:c1:b0:61:99:1c:7c:60:85:f8:07:7b:4e:47:
6b:57:8a:1c:84:83:ca:cb:cc:b5:c9:91:d4:29:b2:
17:1e:13:6e:c5:95:a1:da:4c:7f:7a:ee:bb:36:4b:
9f:50:9c:fe:b0:9a:34:ca:a0:cc:ab:49:14:be:1f:
96:de:e0:d6:ba:44:88:36:6b:2d:9d:f3:39:c6:74:
f8:8f:26:56:0a:db:42:08:85:22:77:55:55:7d:e3:
14:49:bc:a7:09:d7:d0:a1:2e:bb:3c:7f:b7:ad:de:
32:d4:9f:7a:0d:29:63:14:fa:e8:fc:3a:62:02:d5:
02:7c:3e:1e:aa:0d:92:d1:7b:9f:73:da:d8:84:b1:
7e:4f:a6:b8:80:e5:e6:66:29:86:e7:c9:d2:e3:8e:
ca:67:a0:02:00:df:d4:24:84:01:e4:d2:1f:2f:cd:
81:d3:97:99:23:70:a5:50:f7:a6:56:55:cd:6a:77:
67:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DF:0A:EE:B7:08:2D:B0:3D:2D:51:16:32:AC:C2:10:C9:F0:83:CE
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:bf:8f:4d:ef:20:54:70:56:95:48:82:3b:03:1f:56:31:b7:
6a:4f:03:83:c4:da:5f:e3:86:b7:48:c9:b7:fd:83:9d:82:d6:
e6:12:c1:b9:a5:19:50:9f:4d:5e:da:14:8d:5c:7f:e2:c1:b9:
55:29:fd:13:f5:e5:88:5e:8f:56:eb:d8:f6:11:57:b7:92:30:
10:cc:18:34:c3:99:9b:50:f2:d9:e4:21:44:10:fd:19:31:07:
72:5c:9d:8d:4b:c4:5c:35:19:70:87:61:8b:41:20:84:bb:c3:
78:a1:62:52:b3:14:03:d2:1f:14:d8:4b:e9:b9:db:80:12:9d:
c7:6f:99:90:1b:c9:e3:e9:a2:f1:cf:b2:94:b3:39:08:30:38:
e3:79:07:11:5e:7b:d1:3b:e0:26:33:d0:9f:69:cb:8d:de:c8:
6b:40:06:9a:3c:72:c0:0a:71:ba:6f:01:c0:63:dc:fd:22:42:
39:6a:d2:80:7c:39:44:60:01:1e:a8:a2:72:ba:bf:41:cf:c2:
63:28:c9:bc:80:f2:00:f1:e9:ec:53:c5:60:2d:a7:a1:56:71:
5a:14:d4:4d:a7:e6:a3:f3:0c:75:22:67:ef:bc:e4:31:9a:19:
58:8f:01:8d:02:77:4e:c4:b2:97:e0:9d:b9:06:03:89:05:26:
a8:a8:35:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DLGExX98NViUz/WY7EKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjUwNDI3MDcwMTA1WhcNMjUwNDI4MDcwMTA1WjAzMTEwLwYDVQQD
EyhmNWRmMGFlZWI3MDgyZGIwM2QyZDUxMTYzMmFjYzIxMGM5ZjA4M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0utsIdhSDyQNvTVClPZ0yXfNJbK
WiYeAlDnyfZqjnvOJO7n5gocDmIqtKxiwh+QrKBmEU0yguRsBUtPyEbHb/49JKv4
9WPgROGRccGwYZkcfGCF+Ad7TkdrV4ochIPKy8y1yZHUKbIXHhNuxZWh2kx/eu67
NkufUJz+sJo0yqDMq0kUvh+W3uDWukSINmstnfM5xnT4jyZWCttCCIUid1VVfeMU
SbynCdfQoS67PH+3rd4y1J96DSljFPro/DpiAtUCfD4eqg2S0Xufc9rYhLF+T6a4
gOXmZimG58nS447KZ6ACAN/UJIQB5NIfL82B05eZI3ClUPemVlXNandnpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXfCu63CC2wPS1RFjKswhDJ8IPOMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7+PTe8g
VHBWlUiCOwMfVjG3ak8Dg8TaX+OGt0jJt/2DnYLW5hLBuaUZUJ9NXtoUjVx/4sG5
VSn9E/XliF6PVuvY9hFXt5IwEMwYNMOZm1Dy2eQhRBD9GTEHclydjUvEXDUZcIdh
i0EghLvDeKFiUrMUA9IfFNhL6bnbgBKdx2+ZkBvJ4+mi8c+ylLM5CDA443kHEV57
0TvgJjPQn2nLjd7Ia0AGmjxywApxum8BwGPc/SJCOWrSgHw5RGABHqiicrq/Qc/C
YyjJvIDyAPHp7FPFYC2noVZxWhTUTafmo/MMdSJn77zkMZoZWI8BjQJ3TsSyl+Cd
uQYDiQUmqKg1cg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:29:55 2025 by rpki-client