Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: ixm+4oTbLquIhGwKRC78IfaUwRrHQ6dSZAS+o4c56Jc=
Subject key identifier: F6:E0:CB:92:B0:BE:0F:C0:F7:39:C8:82:19:05:F3:9D:89:86:C7:EA
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 0196598232336FCB0244338FE7AA0D3C86B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 067B
Signing time: Mon 21 Apr 2025 18:00:26 +0000
Manifest this update: Mon 21 Apr 2025 18:00:26 +0000
Manifest next update: Tue 22 Apr 2025 18:00:26 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: v/qJjwSUEcWkTeOv4gEzAyBK3rS7NuowSPoo0Cw4F2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:82:32:33:6f:cb:02:44:33:8f:e7:aa:0d:3c:86:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Apr 21 18:00:26 2025 GMT
Not After : Apr 22 18:00:26 2025 GMT
Subject: CN=f6e0cb92b0be0fc0f739c8821905f39d8986c7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d9:f6:ea:f3:85:52:5f:29:8d:05:e3:78:43:
1e:1f:99:a4:ba:ef:84:d4:94:e2:52:60:e9:d6:d5:
73:c3:61:87:1c:67:60:46:08:b7:79:bb:99:5a:38:
4f:bb:d1:99:cc:52:f5:92:16:81:47:d6:1c:55:08:
de:05:13:62:1d:fd:9a:d3:79:ef:01:ac:60:87:11:
13:d0:17:eb:d3:9b:bf:97:82:4b:7e:d7:4e:51:81:
16:95:27:f5:0d:d7:6a:3a:79:ab:bb:b0:3e:0f:f9:
82:b5:e0:7c:6b:61:9f:f5:77:7d:1d:1b:ce:e5:f8:
a7:f8:92:38:7e:77:ef:c6:f5:e7:2d:71:f5:b7:56:
67:6c:57:91:98:56:ee:b5:89:42:4b:4a:21:00:2d:
e3:cd:62:68:94:44:a6:8a:a3:1f:6c:42:91:fe:55:
5b:98:20:72:15:38:f2:86:04:b7:68:dd:4d:d9:ad:
a1:af:a0:57:fa:cd:8c:01:a2:ab:61:6f:e4:50:cb:
3f:79:3c:14:fe:fb:6f:c2:e0:1f:cf:4a:45:7a:52:
aa:b0:84:18:ed:79:21:0a:20:1f:c5:22:48:63:0a:
37:a0:62:e2:ac:39:ad:43:87:63:81:77:9c:83:b5:
a5:01:7f:41:63:c3:bf:6a:66:54:60:16:14:ad:9a:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E0:CB:92:B0:BE:0F:C0:F7:39:C8:82:19:05:F3:9D:89:86:C7:EA
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:e6:ae:f4:22:e2:48:18:f3:29:f7:80:45:35:05:26:2d:2b:
15:1a:9f:83:42:27:9a:66:57:3a:eb:ce:c4:1c:64:f5:1c:06:
c4:2f:dc:c0:85:6a:68:65:b4:07:1e:a4:e5:fd:0b:81:76:17:
70:dc:40:ff:e1:b9:b7:ee:40:56:d7:e5:d1:c3:ff:55:74:32:
ff:17:b6:79:14:47:6d:d0:d3:15:40:c9:54:ca:f1:27:81:6e:
33:d2:7c:65:05:f0:48:06:53:5a:47:04:f2:c0:0d:23:c5:1a:
59:c9:85:d6:3d:aa:8e:6f:fd:bb:81:53:48:cd:02:1a:eb:5e:
6d:5a:54:9d:8e:bd:40:c3:68:67:58:1f:43:3d:1b:6e:e3:b9:
6a:3c:54:2c:90:bc:df:a4:e5:b7:37:79:4d:88:0b:85:c0:71:
17:ca:30:e3:a8:8a:75:4e:44:b5:bc:e0:9c:73:e3:dd:4b:d7:
69:60:e1:ac:12:62:b5:52:4f:f7:70:05:da:57:41:1f:8e:8a:
ab:50:d1:de:cc:59:f3:84:88:d0:6a:62:c9:4a:5f:e9:15:df:
e3:1c:43:63:7c:32:9a:f7:65:59:cd:b9:5e:2b:f8:8e:a8:9e:
d0:18:d4:d3:99:f3:3d:27:0d:e8:9a:14:aa:8f:36:2b:f7:02:
e1:2c:56:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgjIzb8sCRDOP56oNPIa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUwNDIxMTgwMDI2WhcNMjUwNDIyMTgwMDI2WjAzMTEwLwYDVQQD
EyhmNmUwY2I5MmIwYmUwZmMwZjczOWM4ODIxOTA1ZjM5ZDg5ODZjN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Nn26vOFUl8pjQXjeEMeH5mkuu+E
1JTiUmDp1tVzw2GHHGdgRgi3ebuZWjhPu9GZzFL1khaBR9YcVQjeBRNiHf2a03nv
AaxghxET0Bfr05u/l4JLftdOUYEWlSf1DddqOnmru7A+D/mCteB8a2Gf9Xd9HRvO
5fin+JI4fnfvxvXnLXH1t1ZnbFeRmFbutYlCS0ohAC3jzWJolESmiqMfbEKR/lVb
mCByFTjyhgS3aN1N2a2hr6BX+s2MAaKrYW/kUMs/eTwU/vtvwuAfz0pFelKqsIQY
7XkhCiAfxSJIYwo3oGLirDmtQ4djgXecg7WlAX9BY8O/amZUYBYUrZqyXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbgy5Kwvg/A9znIghkF852JhsfqMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkeau9CLi
SBjzKfeARTUFJi0rFRqfg0InmmZXOuvOxBxk9RwGxC/cwIVqaGW0Bx6k5f0LgXYX
cNxA/+G5t+5AVtfl0cP/VXQy/xe2eRRHbdDTFUDJVMrxJ4FuM9J8ZQXwSAZTWkcE
8sANI8UaWcmF1j2qjm/9u4FTSM0CGutebVpUnY69QMNoZ1gfQz0bbuO5ajxULJC8
36Tltzd5TYgLhcBxF8ow46iKdU5EtbzgnHPj3UvXaWDhrBJitVJP93AF2ldBH46K
q1DR3sxZ84SI0GpiyUpf6RXf4xxDY3wymvdlWc25Xiv4jqie0BjU05nzPScN6JoU
qo82K/cC4SxW2Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:12:03 2025 by rpki-client