Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: ZSasdZoUA4Np/SUxCcBkC3k+htVieBGEBq3dhr9wRxs=
Subject key identifier: 1C:B7:4F:B1:41:32:11:6A:65:65:67:25:74:83:46:7E:97:CB:7F:8C
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019895C9800A20180234DEE4EDD647D84456
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0ABC
Signing time: Sun 10 Aug 2025 21:01:07 +0000
Manifest this update: Sun 10 Aug 2025 21:01:07 +0000
Manifest next update: Mon 11 Aug 2025 21:01:07 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: Gm80SMkVse6yGHlOO2SAM2QC9RM2MTR+/Kohe13Gglw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 21:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:95:c9:80:0a:20:18:02:34:de:e4:ed:d6:47:d8:44:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Aug 10 21:01:07 2025 GMT
Not After : Aug 11 21:01:07 2025 GMT
Subject: CN=1cb74fb14132116a656567257483467e97cb7f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a6:86:d6:d8:d5:08:61:5d:da:22:68:0a:76:
a6:c8:22:f2:c8:ff:7e:52:0b:17:a5:c0:4d:67:64:
37:fb:47:ce:d5:9f:9a:5a:64:54:6c:7a:d2:fd:42:
a4:59:e9:32:28:1a:3f:ee:b3:bf:4f:6c:7c:59:57:
ce:68:62:c7:0b:69:46:16:21:7e:21:dc:ef:7a:c3:
85:5a:10:45:f5:93:3a:42:b3:2b:27:96:48:3c:ca:
9b:62:22:ec:dd:6a:7b:4e:d1:ca:04:97:46:39:5f:
ea:9a:c3:64:87:4d:0f:d9:04:f0:b0:99:6f:95:cd:
25:61:37:37:8e:93:01:52:0b:e2:fa:d2:06:29:92:
5d:60:ec:2f:42:bc:83:ca:4f:3d:d3:9e:37:fa:f5:
fa:41:67:fa:63:b1:fd:5f:51:34:98:b2:e7:bf:91:
eb:f7:c8:49:28:11:a1:87:f8:ae:ef:17:71:3f:ee:
05:f8:5c:d7:73:51:40:d0:cf:57:49:62:9c:fd:46:
73:2c:90:e7:2d:ef:b7:88:99:11:9f:23:ba:b0:3c:
21:4b:65:96:ae:52:31:77:af:1f:27:95:7c:56:e5:
12:ea:a8:75:89:63:68:8b:54:d6:b1:90:76:0e:70:
07:78:89:37:85:89:87:0c:30:4c:dd:06:66:d8:2a:
c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B7:4F:B1:41:32:11:6A:65:65:67:25:74:83:46:7E:97:CB:7F:8C
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:ce:4f:67:0e:db:be:54:84:a3:37:7b:1c:be:f6:fc:20:b6:
2a:ad:78:ff:48:a3:87:ad:a4:4e:f1:24:2e:fd:0f:71:c4:30:
da:53:ca:d9:d3:d0:52:44:de:d8:40:4e:ee:5f:c4:11:fd:a8:
d9:cd:19:f6:eb:21:55:e4:23:e7:59:4a:1e:c9:3d:aa:df:dd:
c4:40:44:6f:11:f3:52:6f:80:b3:7b:91:af:5f:86:c5:b5:93:
26:32:b1:bb:f6:56:51:09:b3:10:11:80:1e:07:3f:a5:98:9f:
c4:11:f8:54:c7:16:56:84:2f:d1:bf:3a:c4:25:53:48:fa:fa:
ad:63:cd:db:89:48:d4:a1:dd:7d:f9:42:85:91:e4:30:5e:9f:
b2:2b:5e:93:98:ca:43:fa:4b:45:ac:d6:8a:f6:4e:a0:0d:ac:
51:8e:c9:b1:3a:2b:43:1d:11:23:59:63:b6:63:67:33:e8:06:
b1:92:ae:bf:79:f8:96:5a:76:1f:49:a4:c2:ce:88:41:90:43:
5c:58:2e:c4:66:41:43:8c:05:0a:b3:65:d3:80:1f:e2:bf:c0:
08:ec:4e:b6:3a:80:f5:05:13:66:0d:56:bd:d5:d6:31:fa:0c:
c1:31:05:d2:e8:63:3b:b3:70:51:ae:6c:ba:89:f5:10:0e:d4:
8b:76:21:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVyYAKIBgCNN7k7dZH2ERWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwODEwMjEwMTA3WhcNMjUwODExMjEwMTA3WjAzMTEwLwYDVQQD
EygxY2I3NGZiMTQxMzIxMTZhNjU2NTY3MjU3NDgzNDY3ZTk3Y2I3ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aaG1tjVCGFd2iJoCnamyCLyyP9+
UgsXpcBNZ2Q3+0fO1Z+aWmRUbHrS/UKkWekyKBo/7rO/T2x8WVfOaGLHC2lGFiF+
IdzvesOFWhBF9ZM6QrMrJ5ZIPMqbYiLs3Wp7TtHKBJdGOV/qmsNkh00P2QTwsJlv
lc0lYTc3jpMBUgvi+tIGKZJdYOwvQryDyk890543+vX6QWf6Y7H9X1E0mLLnv5Hr
98hJKBGhh/iu7xdxP+4F+FzXc1FA0M9XSWKc/UZzLJDnLe+3iJkRnyO6sDwhS2WW
rlIxd68fJ5V8VuUS6qh1iWNoi1TWsZB2DnAHeIk3hYmHDDBM3QZm2CrF9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBy3T7FBMhFqZWVnJXSDRn6Xy3+MMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZM5PZw7b
vlSEozd7HL72/CC2Kq14/0ijh62kTvEkLv0PccQw2lPK2dPQUkTe2EBO7l/EEf2o
2c0Z9ushVeQj51lKHsk9qt/dxEBEbxHzUm+As3uRr1+GxbWTJjKxu/ZWUQmzEBGA
Hgc/pZifxBH4VMcWVoQv0b86xCVTSPr6rWPN24lI1KHdfflChZHkMF6fsitek5jK
Q/pLRazWivZOoA2sUY7JsTorQx0RI1ljtmNnM+gGsZKuv3n4llp2H0mkws6IQZBD
XFguxGZBQ4wFCrNl04Af4r/ACOxOtjqA9QUTZg1WvdXWMfoMwTEF0uhjO7NwUa5s
uon1EA7Ui3YhzQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:21:08 2025 by rpki-client