
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: rI7gIJRifzFt/5bvDZeMdnI7AYeHjmZzUfHrhWK7Ecw=
Subject key identifier: 78:8A:4D:5B:6C:AE:E6:8C:52:E4:C6:26:27:98:B2:F4:D5:4F:62:4A
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 019831CB0673AF9467E44021C8A3A94B04FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 08D9
Signing time: Tue 22 Jul 2025 11:00:45 +0000
Manifest this update: Tue 22 Jul 2025 11:00:45 +0000
Manifest next update: Wed 23 Jul 2025 11:00:45 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: //e1TOGf84cGISYCfDKpkKtGrR6VvyROMXtypMurk7o=)
3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:cb:06:73:af:94:67:e4:40:21:c8:a3:a9:4b:04:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jul 22 11:00:45 2025 GMT
Not After : Jul 23 11:00:45 2025 GMT
Subject: CN=788a4d5b6caee68c52e4c6262798b2f4d54f624a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:57:c7:db:9b:20:c7:53:58:80:b7:3a:3d:
f6:09:ec:17:38:07:8b:0b:f6:d3:88:bd:fe:14:a3:
8b:ed:b1:74:d3:88:53:12:11:af:0a:56:d3:85:c0:
ec:bc:a8:e2:1c:9a:0b:50:c3:81:82:ba:57:74:81:
a1:4a:c9:be:d1:1e:20:d8:1a:bc:64:67:8f:86:4a:
a5:40:a5:80:13:b5:59:ae:0c:0e:61:d7:50:7e:dd:
34:7c:af:10:2c:13:fb:98:50:7a:01:24:38:bd:c1:
10:5c:ed:c5:1d:7c:da:a2:d6:53:9d:d3:b1:13:22:
6c:52:ab:6c:96:4d:63:08:4d:3e:bd:2a:a0:86:a3:
b8:d5:31:4a:8e:a8:3c:02:9f:28:d3:f2:a2:03:0b:
57:78:f6:8c:2a:42:28:46:a1:18:93:1d:1d:6b:5a:
ec:02:00:c1:bb:68:59:76:9a:00:98:9a:bc:2e:f4:
a0:0c:b1:c5:70:28:f3:2e:a2:3e:36:db:b0:21:c1:
76:1a:25:77:04:67:7e:d5:12:cb:94:4e:9d:d4:5d:
37:fb:48:09:f9:48:4c:f5:ca:2c:05:39:a8:07:63:
80:e4:75:6d:0c:f5:20:d3:9a:1d:e7:1c:4b:e9:ce:
82:f9:c1:ec:7a:51:9e:82:4c:64:40:93:5f:ec:07:
95:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8A:4D:5B:6C:AE:E6:8C:52:E4:C6:26:27:98:B2:F4:D5:4F:62:4A
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:bb:81:4b:fa:b9:20:57:27:26:c2:94:0d:ef:bf:b5:25:b8:
3b:c6:df:9c:36:99:ec:2d:46:f5:65:b9:c3:d3:3b:9d:f5:75:
45:c3:44:b9:57:df:b9:0e:ea:50:29:0a:9b:71:b5:7a:34:1a:
d4:eb:6d:8d:f1:97:26:3e:d9:89:8f:0c:cd:04:68:14:0d:e0:
51:63:c5:55:e7:6c:f4:c6:38:7e:7b:ca:02:c1:2d:26:17:c5:
98:9e:ec:2f:11:a5:a7:ac:b3:62:68:88:18:18:bd:69:46:95:
b7:f6:b7:42:a0:60:95:de:b1:5d:9a:59:b3:f1:4c:1c:89:91:
41:fb:c2:f5:1f:93:f2:6e:ff:bd:c4:d5:53:24:74:1d:12:d1:
40:0a:df:41:d7:fd:21:48:8a:d1:0b:92:1c:1f:3e:a1:fe:47:
3f:5b:27:52:48:6f:58:a8:e3:75:f8:53:ae:53:6f:59:77:07:
83:81:7c:af:b7:53:fe:11:83:8d:67:7e:ed:51:f2:cb:3a:0b:
e6:f5:3c:8d:0b:0c:93:75:fc:55:00:c7:b6:35:3f:02:94:27:
52:14:c3:88:46:95:8f:66:ef:89:fb:3e:57:48:f4:c0:9c:26:
50:bf:e1:0e:c5:2a:77:43:64:60:bb:11:19:54:d7:ab:e2:cc:
aa:1a:19:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgxywZzr5Rn5EAhyKOpSwT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwNzIyMTEwMDQ1WhcNMjUwNzIzMTEwMDQ1WjAzMTEwLwYDVQQD
Eyg3ODhhNGQ1YjZjYWVlNjhjNTJlNGM2MjYyNzk4YjJmNGQ1NGY2MjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHtXx9ubIMdTWIC3Oj32CewXOAeL
C/bTiL3+FKOL7bF004hTEhGvClbThcDsvKjiHJoLUMOBgrpXdIGhSsm+0R4g2Bq8
ZGePhkqlQKWAE7VZrgwOYddQft00fK8QLBP7mFB6ASQ4vcEQXO3FHXzaotZTndOx
EyJsUqtslk1jCE0+vSqghqO41TFKjqg8Ap8o0/KiAwtXePaMKkIoRqEYkx0da1rs
AgDBu2hZdpoAmJq8LvSgDLHFcCjzLqI+NtuwIcF2GiV3BGd+1RLLlE6d1F03+0gJ
+UhM9cosBTmoB2OA5HVtDPUg05od5xxL6c6C+cHselGegkxkQJNf7AeVKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiKTVtsruaMUuTGJieYsvTVT2JKMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7uBS/q5
IFcnJsKUDe+/tSW4O8bfnDaZ7C1G9WW5w9M7nfV1RcNEuVffuQ7qUCkKm3G1ejQa
1OttjfGXJj7ZiY8MzQRoFA3gUWPFVeds9MY4fnvKAsEtJhfFmJ7sLxGlp6yzYmiI
GBi9aUaVt/a3QqBgld6xXZpZs/FMHImRQfvC9R+T8m7/vcTVUyR0HRLRQArfQdf9
IUiK0QuSHB8+of5HP1snUkhvWKjjdfhTrlNvWXcHg4F8r7dT/hGDjWd+7VHyyzoL
5vU8jQsMk3X8VQDHtjU/ApQnUhTDiEaVj2bvifs+V0j0wJwmUL/hDsUqd0NkYLsR
GVTXq+LMqhoZMQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:26 2025 by rpki-client