Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: SaS8bfCVYgBDYYRG7emYpdA4rgRQauXCi7dZxnomiN4=
Subject key identifier: 6B:38:7A:24:4E:96:8C:D3:0B:3A:EA:D7:A9:D4:9D:7B:25:D7:1D:5C
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 0196545BEE9600B9CD65CE5DFAA2DB4C54BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 14FB
Signing time: Sun 20 Apr 2025 18:00:32 +0000
Manifest this update: Sun 20 Apr 2025 18:00:32 +0000
Manifest next update: Mon 21 Apr 2025 18:00:32 +0000
Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: IGuOu2Mc+ex57NKhMJ0KAU6BSHzl/Mm+C4Ol1WsWSMk=)
2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=)
3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:5b:ee:96:00:b9:cd:65:ce:5d:fa:a2:db:4c:54:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Apr 20 18:00:32 2025 GMT
Not After : Apr 21 18:00:32 2025 GMT
Subject: CN=6b387a244e968cd30b3aead7a9d49d7b25d71d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:03:11:ef:9d:40:ec:d9:c6:37:6e:97:ad:
86:c5:65:8c:39:4a:8d:34:b6:ed:b4:08:77:b5:4b:
4e:0d:5e:30:ef:33:0c:4c:9c:78:db:a8:b4:8b:d4:
02:1e:5d:52:c0:40:fe:45:90:0c:c4:32:40:2d:75:
0b:4b:3b:8a:af:1d:53:6c:cf:68:3a:27:56:8b:41:
35:bf:93:f0:3c:f8:d3:1d:7b:72:e4:90:0a:da:aa:
30:a2:23:7b:b9:ed:a0:1e:c4:74:bf:b2:c1:0c:73:
2a:04:71:1f:60:30:cf:4c:26:33:a0:d3:65:a1:4c:
0f:cb:da:1d:d8:e4:a5:a1:9a:ba:48:87:25:4d:46:
39:bb:ea:00:ec:72:ef:4e:86:8a:bb:63:5b:46:2a:
77:ca:9a:74:e2:15:e0:f0:4d:b5:8a:c7:60:37:df:
82:26:b5:2c:cd:8c:e6:a0:f5:f6:38:51:eb:ba:bb:
4e:49:cc:0a:64:4f:96:49:f8:f2:0e:3c:d1:de:c9:
d0:f8:7d:06:08:2b:70:b1:c1:fa:bb:6c:60:c8:9f:
b4:b4:31:20:ae:59:91:b5:94:e0:f2:6e:0f:c0:5c:
2e:03:ee:ff:da:4f:33:c3:f8:e1:17:20:88:6a:ca:
79:82:2f:28:66:91:37:7e:7f:39:9d:b6:b0:15:86:
91:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:38:7A:24:4E:96:8C:D3:0B:3A:EA:D7:A9:D4:9D:7B:25:D7:1D:5C
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:f9:71:96:ee:41:cc:a9:c1:3e:39:64:e7:9d:06:7c:7b:be:
0a:42:05:f9:83:e8:f9:7c:b6:ca:c6:f5:17:6b:52:22:f9:e0:
be:cc:3d:93:93:d9:62:ae:c4:41:a5:04:7c:84:32:7e:a0:c4:
69:02:8b:3f:67:a3:df:35:76:50:a4:62:b5:d1:1c:9a:e0:d8:
2e:ec:b0:0d:f0:4c:6c:80:9d:a7:7b:e3:ee:48:e3:bf:c4:eb:
a0:ec:05:57:11:74:b9:16:ab:0f:23:4e:fe:cb:66:03:d9:3c:
14:1c:ae:0c:5f:e8:d0:d2:c1:bb:e0:47:bf:d6:79:2b:90:a1:
9d:0d:de:12:82:35:13:c0:0f:70:71:90:76:82:c8:89:80:59:
3a:73:ef:39:dc:d6:33:df:15:90:95:c1:b2:70:61:d1:0b:09:
c9:bc:7a:14:32:a5:6e:29:cf:5b:46:cb:e0:85:fa:cf:30:4f:
2b:20:73:17:c3:9f:99:e7:dd:fe:2e:a7:49:ee:17:00:5c:90:
5a:b9:d1:2e:d4:f3:5e:be:fc:d8:c6:dd:a1:6a:47:74:1e:a4:
33:e9:27:83:b3:eb:10:58:3b:b3:b9:4e:ba:67:04:68:d2:de:
2b:c9:fd:2f:1b:a4:c7:7d:35:cc:db:79:58:74:4a:24:7a:01:
0d:8b:0e:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUW+6WALnNZc5d+qLbTFS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUwNDIwMTgwMDMyWhcNMjUwNDIxMTgwMDMyWjAzMTEwLwYDVQQD
Eyg2YjM4N2EyNDRlOTY4Y2QzMGIzYWVhZDdhOWQ0OWQ3YjI1ZDcxZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WsDEe+dQOzZxjdul62GxWWMOUqN
NLbttAh3tUtODV4w7zMMTJx426i0i9QCHl1SwED+RZAMxDJALXULSzuKrx1TbM9o
OidWi0E1v5PwPPjTHXty5JAK2qowoiN7ue2gHsR0v7LBDHMqBHEfYDDPTCYzoNNl
oUwPy9od2OSloZq6SIclTUY5u+oA7HLvToaKu2NbRip3ypp04hXg8E21isdgN9+C
JrUszYzmoPX2OFHrurtOScwKZE+WSfjyDjzR3snQ+H0GCCtwscH6u2xgyJ+0tDEg
rlmRtZTg8m4PwFwuA+7/2k8zw/jhFyCIasp5gi8oZpE3fn85nbawFYaRmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGs4eiROlozTCzrq16nUnXsl1x1cMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPlxlu5B
zKnBPjlk550GfHu+CkIF+YPo+Xy2ysb1F2tSIvngvsw9k5PZYq7EQaUEfIQyfqDE
aQKLP2ej3zV2UKRitdEcmuDYLuywDfBMbICdp3vj7kjjv8TroOwFVxF0uRarDyNO
/stmA9k8FByuDF/o0NLBu+BHv9Z5K5ChnQ3eEoI1E8APcHGQdoLIiYBZOnPvOdzW
M98VkJXBsnBh0QsJybx6FDKlbinPW0bL4IX6zzBPKyBzF8Ofmefd/i6nSe4XAFyQ
WrnRLtTzXr782MbdoWpHdB6kM+kng7PrEFg7s7lOumcEaNLeK8n9Lxukx301zNt5
WHRKJHoBDYsOJQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:42:07 2025 by rpki-client