Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: TKoZDkJezEtpiUPoXnxYsHtVm1bgO6TeFPat14Gwmyk=
Subject key identifier: 2E:F7:34:11:06:A6:54:E8:B1:44:2A:37:27:DC:30:5E:81:E4:2D:A5
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 019896A57C15B7899F828C2C24ACEEB3D8D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 08B7
Signing time: Mon 11 Aug 2025 01:01:24 +0000
Manifest this update: Mon 11 Aug 2025 01:01:24 +0000
Manifest next update: Tue 12 Aug 2025 01:01:24 +0000
Files and hashes: 1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=)
2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: WiioQCkavzhPAjM1AI3rbJIDUOrorEKKPVgMtrvbRXo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:a5:7c:15:b7:89:9f:82:8c:2c:24:ac:ee:b3:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Aug 11 01:01:24 2025 GMT
Not After : Aug 12 01:01:24 2025 GMT
Subject: CN=2ef7341106a654e8b1442a3727dc305e81e42da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:d1:ea:50:63:09:41:fa:ee:46:7b:be:5c:
a8:ce:7d:1a:5d:99:9f:ca:fb:a7:86:25:e4:32:53:
b5:95:b8:8b:28:e0:8c:d6:e9:f4:ca:80:be:62:89:
0d:6f:6e:84:8d:15:b6:de:b3:b6:a7:10:aa:53:79:
fb:ab:87:66:85:b7:b8:1f:68:93:7f:60:de:34:23:
ff:25:9d:16:60:e0:8e:39:61:13:2c:0c:1a:a7:4f:
43:88:00:37:ba:d0:c6:b2:fc:93:96:ae:06:8f:87:
57:f4:94:f9:ea:f1:eb:1c:1a:eb:a9:d3:1e:b5:e7:
d3:b6:75:69:3a:2b:e3:b6:f9:b0:e3:f9:c3:65:9d:
b6:24:b3:25:58:ed:da:49:2b:ba:97:55:06:10:ec:
52:9d:49:a2:02:9e:fb:3b:4c:71:aa:0a:2a:08:49:
8b:4e:c4:86:25:fe:38:9a:ff:eb:5d:4b:5b:c6:1e:
2e:07:5b:64:80:a9:a6:2e:33:72:4a:85:00:bc:c1:
c3:5e:9c:8c:9b:52:8c:1a:de:f1:8e:aa:66:8a:e5:
b9:5f:1d:af:95:19:0e:2c:be:c7:c6:02:32:64:df:
5c:c7:b6:7f:39:ad:98:2f:85:da:88:0a:a0:eb:21:
fc:c1:bf:dc:c6:ed:6e:fc:3d:86:2e:d4:84:e6:be:
e1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F7:34:11:06:A6:54:E8:B1:44:2A:37:27:DC:30:5E:81:E4:2D:A5
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:5e:fa:8f:73:f1:44:32:46:99:c9:18:96:7d:37:f0:dd:51:
ae:b1:70:f2:53:e7:38:14:3d:63:37:9e:78:51:61:ca:ca:23:
de:57:61:fe:81:38:4c:57:17:34:c0:c1:3b:9c:2a:ee:c0:2f:
29:be:49:80:a3:23:b3:49:53:30:83:01:f0:f0:0a:48:02:c5:
cb:1a:f8:a9:72:fb:be:f1:e8:b0:f3:3a:f3:71:02:63:9d:18:
36:0c:ef:48:f2:24:43:e9:69:af:62:bb:c3:81:ce:82:d4:df:
45:56:5f:51:4e:bf:bb:b1:93:59:2a:b4:a2:34:96:31:0d:44:
0b:e1:f3:c9:16:99:e2:25:45:7e:a5:c5:c9:cc:db:cd:72:56:
60:b9:6f:f3:69:79:59:55:d4:e9:c7:07:e3:75:eb:1b:e9:50:
55:5a:89:e0:14:9d:7f:99:98:b4:da:58:a9:ac:3e:b5:1e:e2:
ce:88:1f:9b:a2:44:d6:b4:0d:29:76:0f:37:26:55:eb:a8:79:
d5:62:2b:16:8b:4a:1b:02:91:59:40:8b:d9:1a:45:42:e9:cd:
1c:ba:fa:71:30:14:95:9c:88:84:65:98:89:5c:30:25:23:5f:
0e:4f:66:b9:fa:81:25:50:ce:df:f3:70:e0:6f:83:43:61:32:
28:f7:6c:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpXwVt4mfgowsJKzus9jSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjUwODExMDEwMTI0WhcNMjUwODEyMDEwMTI0WjAzMTEwLwYDVQQD
EygyZWY3MzQxMTA2YTY1NGU4YjE0NDJhMzcyN2RjMzA1ZTgxZTQyZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnTR6lBjCUH67kZ7vlyozn0aXZmf
yvunhiXkMlO1lbiLKOCM1un0yoC+YokNb26EjRW23rO2pxCqU3n7q4dmhbe4H2iT
f2DeNCP/JZ0WYOCOOWETLAwap09DiAA3utDGsvyTlq4Gj4dX9JT56vHrHBrrqdMe
tefTtnVpOivjtvmw4/nDZZ22JLMlWO3aSSu6l1UGEOxSnUmiAp77O0xxqgoqCEmL
TsSGJf44mv/rXUtbxh4uB1tkgKmmLjNySoUAvMHDXpyMm1KMGt7xjqpmiuW5Xx2v
lRkOLL7HxgIyZN9cx7Z/Oa2YL4XaiAqg6yH8wb/cxu1u/D2GLtSE5r7hPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC73NBEGplTosUQqNyfcMF6B5C2lMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdV76j3Px
RDJGmckYln038N1RrrFw8lPnOBQ9YzeeeFFhysoj3ldh/oE4TFcXNMDBO5wq7sAv
Kb5JgKMjs0lTMIMB8PAKSALFyxr4qXL7vvHosPM683ECY50YNgzvSPIkQ+lpr2K7
w4HOgtTfRVZfUU6/u7GTWSq0ojSWMQ1EC+HzyRaZ4iVFfqXFyczbzXJWYLlv82l5
WVXU6ccH43XrG+lQVVqJ4BSdf5mYtNpYqaw+tR7izogfm6JE1rQNKXYPNyZV66h5
1WIrFotKGwKRWUCL2RpFQunNHLr6cTAUlZyIhGWYiVwwJSNfDk9mufqBJVDO3/Nw
4G+DQ2EyKPds7g==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:09:23 2025 by rpki-client