Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: hqxoLC4B0Qk2jHM0LLCd/rkzJwIMS4CRJCGZLQzrVzk=
Subject key identifier: 25:5A:C9:49:64:DC:44:F1:02:B8:8E:69:B3:78:70:04:AA:40:CE:6F
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 01985043F81C97181835CB4DBF79E660E61B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 1602
Signing time: Mon 28 Jul 2025 09:01:28 +0000
Manifest this update: Mon 28 Jul 2025 09:01:28 +0000
Manifest next update: Tue 29 Jul 2025 09:01:28 +0000
Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: UYKUobGwlInOt4q8HwKECLXdS1TyYGxMMskRaPY+I+Y=)
2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=)
3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:43:f8:1c:97:18:18:35:cb:4d:bf:79:e6:60:e6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jul 28 09:01:28 2025 GMT
Not After : Jul 29 09:01:28 2025 GMT
Subject: CN=255ac94964dc44f102b88e69b3787004aa40ce6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b8:1c:2c:11:e2:89:58:6a:f5:c7:9d:76:52:
64:4b:3f:89:da:de:55:0c:fa:53:26:2e:b0:f0:8e:
bd:16:0d:80:a7:5f:c2:9f:19:b0:f4:45:45:e1:5b:
22:30:6d:ea:b0:7a:83:a3:14:47:ee:27:80:17:51:
9b:82:a1:b5:62:65:99:9c:d3:96:89:6e:ae:47:5f:
ac:97:6f:db:ba:dd:af:aa:2e:1e:51:26:e1:81:e3:
2b:b3:ca:ec:35:a3:20:3d:3d:04:08:cd:7b:2f:26:
80:db:0b:9f:29:78:27:cc:5b:60:2c:a2:54:c9:b4:
2d:80:18:65:42:3d:8e:e9:7a:4f:2b:b6:09:f7:6e:
31:28:99:b3:0f:47:8e:e6:a5:96:9e:f1:9a:99:c5:
e9:f7:58:1c:7b:d2:c5:c3:51:80:23:47:e3:38:4f:
fa:d8:13:ae:ec:8b:dc:80:d8:a4:b2:3e:f1:1f:21:
da:58:ad:ac:96:92:a7:8f:43:06:8a:ae:b9:34:03:
ac:3f:34:8a:d0:74:4c:41:c3:dd:f8:60:99:75:85:
aa:d2:b0:91:2a:42:c1:e4:0e:77:da:93:b4:7b:95:
27:a5:e9:a8:63:28:48:0c:49:4c:6d:66:84:7d:6e:
27:6e:4e:8d:10:c8:19:65:a9:4f:29:36:a0:78:17:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5A:C9:49:64:DC:44:F1:02:B8:8E:69:B3:78:70:04:AA:40:CE:6F
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:8f:ca:61:36:ba:e8:f9:8f:e9:b1:53:71:b5:16:e2:4a:70:
b0:d9:aa:30:49:8d:f9:e1:32:af:d9:21:88:a7:87:4a:ee:29:
8c:8a:b1:c5:0e:a5:7d:37:ad:3f:c2:d2:1c:95:35:08:ae:0c:
b1:a7:23:54:df:c5:cf:19:98:0c:29:88:c3:49:2f:98:53:2f:
34:63:e9:41:71:a8:26:8d:63:1f:2c:00:d4:6b:7d:c9:b9:2d:
23:67:f6:91:c6:e6:e8:c9:69:da:50:cc:fb:28:75:66:07:d0:
35:57:c9:24:53:63:a5:23:46:6f:f0:ce:dd:ef:9f:eb:0b:9c:
d8:1d:45:5c:1c:d6:b7:ce:8e:27:3c:42:91:16:d8:29:b8:3e:
ac:6f:f9:cb:eb:cb:68:c0:85:fa:17:62:13:00:cf:41:1d:0e:
cd:42:7f:74:99:65:b9:a3:c5:69:f8:64:1d:51:3a:e6:c8:b5:
92:60:7d:f3:f4:4d:dc:4d:27:de:6b:e2:48:d0:30:51:85:31:
db:d4:25:05:b2:b8:e8:3a:2c:40:15:c2:19:e4:3c:07:6d:f1:
0d:d6:7e:a6:df:35:1d:6e:3f:60:9a:e7:c2:35:b8:81:25:ab:
41:94:f9:c8:b5:58:17:54:47:01:2f:d7:ec:ab:8e:23:fe:26:
60:00:df:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhQQ/gclxgYNctNv3nmYOYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUwNzI4MDkwMTI4WhcNMjUwNzI5MDkwMTI4WjAzMTEwLwYDVQQD
EygyNTVhYzk0OTY0ZGM0NGYxMDJiODhlNjliMzc4NzAwNGFhNDBjZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bgcLBHiiVhq9ceddlJkSz+J2t5V
DPpTJi6w8I69Fg2Ap1/Cnxmw9EVF4VsiMG3qsHqDoxRH7ieAF1GbgqG1YmWZnNOW
iW6uR1+sl2/but2vqi4eUSbhgeMrs8rsNaMgPT0ECM17LyaA2wufKXgnzFtgLKJU
ybQtgBhlQj2O6XpPK7YJ924xKJmzD0eO5qWWnvGamcXp91gce9LFw1GAI0fjOE/6
2BOu7IvcgNiksj7xHyHaWK2slpKnj0MGiq65NAOsPzSK0HRMQcPd+GCZdYWq0rCR
KkLB5A532pO0e5UnpemoYyhIDElMbWaEfW4nbk6NEMgZZalPKTageBdqewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVayUlk3ETxAriOabN4cASqQM5vMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsI/KYTa6
6PmP6bFTcbUW4kpwsNmqMEmN+eEyr9khiKeHSu4pjIqxxQ6lfTetP8LSHJU1CK4M
sacjVN/FzxmYDCmIw0kvmFMvNGPpQXGoJo1jHywA1Gt9ybktI2f2kcbm6Mlp2lDM
+yh1ZgfQNVfJJFNjpSNGb/DO3e+f6wuc2B1FXBzWt86OJzxCkRbYKbg+rG/5y+vL
aMCF+hdiEwDPQR0OzUJ/dJlluaPFafhkHVE65si1kmB98/RN3E0n3mviSNAwUYUx
29QlBbK46DosQBXCGeQ8B23xDdZ+pt81HW4/YJrnwjW4gSWrQZT5yLVYF1RHAS/X
7KuOI/4mYADfNg==
-----END CERTIFICATE-----
Generated at Mon Jul 28 12:18:59 2025 by rpki-client