Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: r4dMEZUKj2ClAaleLFxkaS35fEau3v9UvCvECjwEfN4=
Subject key identifier: FA:32:14:39:96:7F:40:4B:9D:C3:E2:7D:56:F0:AF:4A:70:CD:3A:BB
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019676B0C3F8F46366155959698B30474F84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0AFD
Signing time: Sun 27 Apr 2025 10:00:17 +0000
Manifest this update: Sun 27 Apr 2025 10:00:17 +0000
Manifest next update: Mon 28 Apr 2025 10:00:17 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: VUqt4KOyGp/mdH6brUyXG8520aGPmx2BH3vkEyhtw38=)
2: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:b0:c3:f8:f4:63:66:15:59:59:69:8b:30:47:4f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Apr 27 10:00:17 2025 GMT
Not After : Apr 28 10:00:17 2025 GMT
Subject: CN=fa321439967f404b9dc3e27d56f0af4a70cd3abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e3:72:0c:75:24:4b:4b:86:91:87:06:e3:e5:
ad:46:b3:7e:74:d0:1d:51:51:61:ac:87:34:f0:ca:
87:b2:a5:3a:5f:a2:18:8a:4d:9c:ad:d0:c7:32:fd:
a6:5f:2d:c7:63:d5:57:9a:43:6f:60:f6:d9:76:dc:
f5:05:23:7b:4f:20:b9:d3:88:e9:3c:7e:55:65:24:
a4:c7:f4:04:88:70:14:8b:bd:43:00:28:6c:1c:06:
b0:91:7f:e7:7e:00:5f:4d:fe:e2:5f:10:43:96:d0:
b2:a0:32:8a:c3:fa:33:07:3c:6b:89:29:7f:19:33:
eb:6f:c5:df:53:2c:12:2b:a7:d0:9d:91:a0:71:0f:
c8:3c:ef:95:96:73:45:21:a8:2c:89:0b:72:c6:fe:
de:97:14:da:9b:40:b1:8d:ed:c9:6e:4e:bc:10:e9:
b7:24:7e:a0:af:e1:cd:58:23:2a:65:dd:b7:95:6c:
7f:c8:82:62:83:8b:10:d7:89:80:d8:0b:5a:02:dd:
a5:9d:9e:62:bd:71:67:2e:83:e8:65:6d:42:89:04:
b3:bb:bd:92:6e:b8:67:b3:3b:89:5c:79:1f:e6:4f:
47:1e:e3:85:1a:6b:7c:47:ac:45:46:53:f1:1e:51:
0d:1d:fd:c6:bb:f3:f2:e8:5e:7f:ad:80:7f:9b:c2:
05:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:32:14:39:96:7F:40:4B:9D:C3:E2:7D:56:F0:AF:4A:70:CD:3A:BB
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:e6:ce:d7:41:47:24:97:96:39:fe:a4:ce:fe:57:50:df:d6:
6e:07:6d:d6:b4:4a:d8:71:eb:eb:aa:f6:80:37:81:78:0a:52:
c1:9a:d6:05:5e:e5:17:46:11:63:46:1a:a7:1b:b9:56:38:d3:
d8:2c:ae:ff:20:81:28:70:b4:40:1e:ca:61:74:70:0a:7c:eb:
f2:cb:2a:b6:aa:e1:6d:ae:12:30:b2:6a:5d:c4:68:80:4d:3b:
f5:bd:43:43:9f:fd:a8:69:08:2a:eb:b4:e1:1b:02:dd:0f:e1:
da:d1:34:2b:49:fc:e9:88:52:1c:cc:e8:e2:a5:8d:b5:da:de:
b1:ce:07:0c:c2:bd:90:9b:a9:61:24:84:7b:ef:c9:55:9f:c2:
55:9e:a5:1e:1e:d2:9f:f3:d2:41:83:92:a1:0e:cc:b3:b8:2b:
37:b0:50:7b:6b:21:43:3b:d0:f6:6b:9f:55:e3:7f:33:b4:8d:
d4:9a:b1:4c:e9:9b:cc:3e:6e:75:45:17:f9:8b:30:5b:c2:45:
ff:d2:94:47:cf:d4:41:ac:bd:dc:08:b8:3b:e0:19:da:c9:9b:
22:76:7b:97:15:d4:a8:b3:8d:66:b8:33:e1:35:f2:86:69:ec:
be:6c:b5:cf:10:c4:7f:3a:18:04:fe:40:a3:ae:65:50:f6:f3:
cb:3e:ce:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sMP49GNmFVlZaYswR0+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwNDI3MTAwMDE3WhcNMjUwNDI4MTAwMDE3WjAzMTEwLwYDVQQD
EyhmYTMyMTQzOTk2N2Y0MDRiOWRjM2UyN2Q1NmYwYWY0YTcwY2QzYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+NyDHUkS0uGkYcG4+WtRrN+dNAd
UVFhrIc08MqHsqU6X6IYik2crdDHMv2mXy3HY9VXmkNvYPbZdtz1BSN7TyC504jp
PH5VZSSkx/QEiHAUi71DAChsHAawkX/nfgBfTf7iXxBDltCyoDKKw/ozBzxriSl/
GTPrb8XfUywSK6fQnZGgcQ/IPO+VlnNFIagsiQtyxv7elxTam0Cxje3Jbk68EOm3
JH6gr+HNWCMqZd23lWx/yIJig4sQ14mA2AtaAt2lnZ5ivXFnLoPoZW1CiQSzu72S
brhnszuJXHkf5k9HHuOFGmt8R6xFRlPxHlENHf3Gu/Py6F5/rYB/m8IFVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoyFDmWf0BLncPifVbwr0pwzTq7MB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApebO10FH
JJeWOf6kzv5XUN/Wbgdt1rRK2HHr66r2gDeBeApSwZrWBV7lF0YRY0Yapxu5VjjT
2Cyu/yCBKHC0QB7KYXRwCnzr8ssqtqrhba4SMLJqXcRogE079b1DQ5/9qGkIKuu0
4RsC3Q/h2tE0K0n86YhSHMzo4qWNtdresc4HDMK9kJupYSSEe+/JVZ/CVZ6lHh7S
n/PSQYOSoQ7Ms7grN7BQe2shQzvQ9mufVeN/M7SN1JqxTOmbzD5udUUX+YswW8JF
/9KUR8/UQay93Ai4O+AZ2smbInZ7lxXUqLONZrgz4TXyhmnsvmy1zxDEfzoYBP5A
o65lUPbzyz7OOA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:35:15 2025 by rpki-client