
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: 7hRcflAFrRfyL+JmITvO5pjyjjc48mt8r4IsqRz1ir8=
Subject key identifier: 32:B9:CC:6A:00:08:77:F9:67:31:D8:7B:19:9D:29:DA:3A:5F:93:A5
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 01983984115E00B1ED34B74BB618C0D6092E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 08DD
Signing time: Wed 23 Jul 2025 23:00:12 +0000
Manifest this update: Wed 23 Jul 2025 23:00:12 +0000
Manifest next update: Thu 24 Jul 2025 23:00:12 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: 0nsP09Ufj5IQKkToQXnxvqJDqubSOSqlAxCqEkkmQHs=)
3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:39:84:11:5e:00:b1:ed:34:b7:4b:b6:18:c0:d6:09:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jul 23 23:00:12 2025 GMT
Not After : Jul 24 23:00:12 2025 GMT
Subject: CN=32b9cc6a000877f96731d87b199d29da3a5f93a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2d:f0:40:a8:33:67:20:2e:27:70:a1:57:eb:
40:31:89:1e:c4:6f:9c:a5:62:b5:26:c3:94:ed:0e:
3f:f0:07:2e:7e:26:7f:f5:d5:4e:cd:2f:bc:42:48:
2c:9e:23:08:de:24:41:55:9a:92:64:ec:99:ca:aa:
21:c2:93:31:7b:be:4e:9e:cb:95:a2:a2:f5:af:61:
9a:73:51:3f:5e:06:ab:fc:70:0a:56:fd:bf:5f:b8:
f4:66:15:cd:b6:f4:9c:37:9c:c0:0c:fb:25:60:f9:
a0:4d:23:b9:f6:a9:fe:4a:f4:99:3c:5b:e3:97:6a:
48:e5:b9:ec:fd:3b:be:cf:7e:f1:c4:c3:32:f4:fb:
bc:23:6a:ff:93:f5:e0:c1:1a:3c:98:14:25:c8:10:
13:eb:58:de:36:d4:52:cc:b3:39:a1:e0:14:9d:e4:
3f:76:8c:3a:32:69:f7:23:48:81:1f:e8:4c:e9:9e:
79:be:b8:b7:17:33:6a:f4:d9:54:08:a5:75:3b:b6:
df:c4:31:6a:db:ee:70:70:3e:fd:3c:27:d0:f4:f6:
26:19:17:a6:4b:76:fb:82:a5:21:9f:e2:2d:bd:d8:
96:8e:8f:b4:01:e4:6c:bf:82:e1:60:33:d2:f5:99:
66:f9:49:a5:95:0a:a9:d8:80:8d:1b:9e:1a:1b:65:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B9:CC:6A:00:08:77:F9:67:31:D8:7B:19:9D:29:DA:3A:5F:93:A5
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:a4:ae:b5:fb:c5:b0:98:2b:05:24:fa:52:a6:8d:84:86:2c:
ff:92:97:6c:dd:1b:6e:4e:a5:c0:79:14:b3:97:42:c5:8d:28:
f2:df:f6:59:c8:1d:a2:64:c1:a0:db:59:84:a7:02:fd:17:c6:
19:a5:a1:9f:77:70:a4:23:d9:20:c9:f2:c5:3c:2d:f7:ca:88:
03:0d:89:f5:4d:ee:c4:dc:5a:51:43:e2:c8:ec:89:3d:43:ec:
e1:6b:4e:49:11:96:6a:7c:51:0e:b9:a4:8b:b8:57:00:45:62:
48:7d:51:99:f1:15:02:5b:eb:81:c5:22:85:a7:f8:48:0b:c5:
2a:72:5c:e7:8a:cc:a7:c8:93:11:1f:3d:e7:10:85:73:ad:c5:
99:96:e9:02:1f:ad:e5:44:fd:db:85:5c:0e:d1:a3:33:fe:b6:
a2:06:a8:ea:63:5e:9d:30:70:22:fa:b7:d1:dc:37:c4:c1:9f:
de:c1:02:89:16:9f:56:00:87:d9:56:1b:45:26:9f:cf:8d:a4:
a3:d1:40:ff:e6:9e:93:a3:1a:75:fa:28:cb:ae:20:1a:e3:d1:
31:12:7c:26:49:b7:49:30:29:43:94:65:3a:3b:5a:71:96:d8:
a0:d7:3c:82:7f:64:98:a8:a6:97:92:f2:62:01:fa:18:37:99:
2d:ee:45:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg5hBFeALHtNLdLthjA1gkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwNzIzMjMwMDEyWhcNMjUwNzI0MjMwMDEyWjAzMTEwLwYDVQQD
EygzMmI5Y2M2YTAwMDg3N2Y5NjczMWQ4N2IxOTlkMjlkYTNhNWY5M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS3wQKgzZyAuJ3ChV+tAMYkexG+c
pWK1JsOU7Q4/8AcufiZ/9dVOzS+8QkgsniMI3iRBVZqSZOyZyqohwpMxe75OnsuV
oqL1r2Gac1E/Xgar/HAKVv2/X7j0ZhXNtvScN5zADPslYPmgTSO59qn+SvSZPFvj
l2pI5bns/Tu+z37xxMMy9Pu8I2r/k/XgwRo8mBQlyBAT61jeNtRSzLM5oeAUneQ/
dow6Mmn3I0iBH+hM6Z55vri3FzNq9NlUCKV1O7bfxDFq2+5wcD79PCfQ9PYmGRem
S3b7gqUhn+ItvdiWjo+0AeRsv4LhYDPS9Zlm+UmllQqp2ICNG54aG2XyfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDK5zGoACHf5ZzHYexmdKdo6X5OlMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhaSutfvF
sJgrBST6UqaNhIYs/5KXbN0bbk6lwHkUs5dCxY0o8t/2WcgdomTBoNtZhKcC/RfG
GaWhn3dwpCPZIMnyxTwt98qIAw2J9U3uxNxaUUPiyOyJPUPs4WtOSRGWanxRDrmk
i7hXAEViSH1RmfEVAlvrgcUihaf4SAvFKnJc54rMp8iTER895xCFc63FmZbpAh+t
5UT924VcDtGjM/62ogao6mNenTBwIvq30dw3xMGf3sECiRafVgCH2VYbRSafz42k
o9FA/+aek6Madfooy64gGuPRMRJ8Jkm3STApQ5RlOjtacZbYoNc8gn9kmKiml5Ly
YgH6GDeZLe5FMw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:51:07 2025 by rpki-client