Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
File: kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft (raw, json)
Hash identifier: MTy9ACX2FaTuvy6/JQY8sCm3p6uv8rNTD67rd34Bh9c=
Subject key identifier: A8:F0:00:22:C8:88:E9:CE:54:55:51:A9:9D:A9:B9:87:ED:F2:21:DE
Authority key identifier: 90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
Certificate issuer: /CN=90a02705006532ef33a0064f875a100923509fd5
Certificate serial: 019853446CF3251F10B760E33F1BDFC7A6DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
Manifest number: 0FD9
Signing time: Mon 28 Jul 2025 23:00:49 +0000
Manifest this update: Mon 28 Jul 2025 23:00:49 +0000
Manifest next update: Tue 29 Jul 2025 23:00:49 +0000
Files and hashes: 1: Is94Q2E0TcL99ktPLy3XOhFlG9s.roa (hash: QmvTWH4bMNqja9fgfEB+gdmLSFW4G8IyUfhDS4uj7O4=)
2: kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl (hash: qgBdRw/YViCeLUsWy7gknlhI6u+VPujOaND9yL10Zck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:53:44:6c:f3:25:1f:10:b7:60:e3:3f:1b:df:c7:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a02705006532ef33a0064f875a100923509fd5
Validity
Not Before: Jul 28 23:00:49 2025 GMT
Not After : Jul 29 23:00:49 2025 GMT
Subject: CN=a8f00022c888e9ce545551a99da9b987edf221de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6c:3e:70:42:91:72:73:2f:fd:7d:b4:23:81:
6e:b3:47:c4:0b:5c:58:1f:6c:92:af:f2:99:b2:53:
05:32:d5:d5:14:c0:d8:75:d9:8e:b6:81:96:3c:99:
7e:f3:0e:5d:3c:f4:00:d2:ee:cb:52:cd:f4:b5:1a:
dd:aa:1b:d6:c8:c0:5b:d7:e0:ea:4a:34:90:9c:35:
09:88:d8:bd:16:e4:9c:22:72:fc:76:e2:36:75:cb:
83:1f:85:53:a9:10:4e:ca:03:ff:a3:cb:e3:62:f4:
02:00:88:4a:af:88:91:19:24:24:db:f9:0b:e7:dd:
bd:69:e5:15:1c:29:47:51:c3:8e:98:10:b8:86:b8:
2b:75:f5:11:c8:9c:44:a3:fb:44:a4:bd:e7:6f:2b:
b3:6f:2e:17:0f:33:e3:31:c4:e9:a0:dd:c2:ea:07:
ae:e3:99:31:c6:53:17:16:a7:92:cd:67:1c:73:b9:
6a:58:8f:8c:f9:81:b2:b8:41:f5:47:25:f2:02:b5:
a9:cd:ee:c8:e9:ab:b6:b1:95:12:fe:ee:81:2e:1e:
3a:cf:d7:db:16:91:11:c7:d1:cb:b6:61:2d:2d:be:
77:ab:27:8f:25:73:5b:55:d9:9e:b9:de:a0:a6:cc:
3e:d2:be:37:74:c2:6e:6b:69:e4:8c:96:80:99:3e:
55:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F0:00:22:C8:88:E9:CE:54:55:51:A9:9D:A9:B9:87:ED:F2:21:DE
X509v3 Authority Key Identifier:
keyid:90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:b8:7c:87:77:91:c9:9d:94:ed:ed:41:5f:33:a3:d7:ab:28:
a9:b6:53:9a:f0:63:1e:19:c4:aa:63:d1:fc:02:e2:b6:40:8a:
19:e7:b7:eb:83:4f:95:2b:2f:bf:0e:63:87:d1:c8:b9:31:69:
d5:d6:a3:49:f9:af:62:9a:15:94:70:15:16:f2:b9:37:f4:bc:
7e:81:4e:ed:83:74:fe:63:17:d1:09:e0:51:e0:16:05:91:89:
28:ee:05:84:04:bd:fc:60:8f:d6:6d:a8:dd:7f:80:8f:f6:65:
51:19:80:b0:7c:09:ee:2d:6a:79:e4:56:65:66:19:f2:1e:7e:
e5:05:b0:e6:b5:36:0d:c8:3e:8b:46:46:f4:fb:7a:55:7a:bb:
39:21:09:4d:2b:de:88:96:b3:c9:5a:6b:88:2c:93:8e:84:37:
a0:68:16:39:c9:31:24:8d:7e:67:85:45:c9:4e:fb:91:89:5b:
d8:94:2f:0b:68:41:56:f6:56:b7:d7:56:b4:ee:95:a5:94:60:
44:d8:dd:4a:fd:ad:46:cc:3a:71:1c:b3:6d:b4:0e:14:f3:a4:
9a:b1:ca:99:08:b3:d4:55:01:fe:c6:a4:40:e2:56:6a:99:4c:
eb:8f:ee:ef:d7:eb:e5:ca:0d:8f:d5:53:9f:48:be:21:dc:11:
2b:58:22:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTRGzzJR8Qt2DjPxvfx6bdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTAyNzA1MDA2NTMyZWYzM2EwMDY0Zjg3NWExMDA5MjM1
MDlmZDUwHhcNMjUwNzI4MjMwMDQ5WhcNMjUwNzI5MjMwMDQ5WjAzMTEwLwYDVQQD
EyhhOGYwMDAyMmM4ODhlOWNlNTQ1NTUxYTk5ZGE5Yjk4N2VkZjIyMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2w+cEKRcnMv/X20I4Fus0fEC1xY
H2ySr/KZslMFMtXVFMDYddmOtoGWPJl+8w5dPPQA0u7LUs30tRrdqhvWyMBb1+Dq
SjSQnDUJiNi9FuScInL8duI2dcuDH4VTqRBOygP/o8vjYvQCAIhKr4iRGSQk2/kL
5929aeUVHClHUcOOmBC4hrgrdfURyJxEo/tEpL3nbyuzby4XDzPjMcTpoN3C6geu
45kxxlMXFqeSzWccc7lqWI+M+YGyuEH1RyXyArWpze7I6au2sZUS/u6BLh46z9fb
FpERx9HLtmEtLb53qyePJXNbVdmeud6gpsw+0r43dMJua2nkjJaAmT5VCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjwACLIiOnOVFVRqZ2puYft8iHeMB8GA1UdIwQY
MBaAFJCgJwUAZTLvM6AGT4daEAkjUJ/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTct
Njc4NWFkYTUyN2MxLzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTctNjc4NWFkYTUyN2Mx
LzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLh8h3eR
yZ2U7e1BXzOj16soqbZTmvBjHhnEqmPR/ALitkCKGee364NPlSsvvw5jh9HIuTFp
1dajSfmvYpoVlHAVFvK5N/S8foFO7YN0/mMX0QngUeAWBZGJKO4FhAS9/GCP1m2o
3X+Aj/ZlURmAsHwJ7i1qeeRWZWYZ8h5+5QWw5rU2Dcg+i0ZG9Pt6VXq7OSEJTSve
iJazyVpriCyTjoQ3oGgWOckxJI1+Z4VFyU77kYlb2JQvC2hBVvZWt9dWtO6VpZRg
RNjdSv2tRsw6cRyzbbQOFPOkmrHKmQiz1FUB/sakQOJWaplM64/u79fr5coNj9VT
n0i+IdwRK1giKw==
-----END CERTIFICATE-----
Generated at Tue Jul 29 04:07:52 2025 by rpki-client