Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
File: kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft (raw, json)
Hash identifier: EB19+tl6WSlctMcldS8rSeAg/tfbMoLe3kvrkPbLCfI=
Subject key identifier: 4F:B0:87:97:E4:FD:AA:1B:0D:13:DD:9F:F1:5B:C5:A4:6B:26:2D:35
Authority key identifier: 90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
Certificate issuer: /CN=90a02705006532ef33a0064f875a100923509fd5
Certificate serial: 0196538047B7EA849A109263B66080ECA4EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
Manifest number: 0ED0
Signing time: Sun 20 Apr 2025 14:00:37 +0000
Manifest this update: Sun 20 Apr 2025 14:00:37 +0000
Manifest next update: Mon 21 Apr 2025 14:00:37 +0000
Files and hashes: 1: Is94Q2E0TcL99ktPLy3XOhFlG9s.roa (hash: QmvTWH4bMNqja9fgfEB+gdmLSFW4G8IyUfhDS4uj7O4=)
2: kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl (hash: 48MgJcCjI8hqBH1nIP7+0EMairJSmHxIbGhqRDkzbQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 14:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:80:47:b7:ea:84:9a:10:92:63:b6:60:80:ec:a4:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a02705006532ef33a0064f875a100923509fd5
Validity
Not Before: Apr 20 14:00:37 2025 GMT
Not After : Apr 21 14:00:37 2025 GMT
Subject: CN=4fb08797e4fdaa1b0d13dd9ff15bc5a46b262d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4d:f8:58:9e:7f:ef:4b:ef:47:2d:bd:ce:1e:
81:3f:e2:ce:9e:f9:71:41:32:b8:10:ba:a2:32:ee:
e3:7e:3c:d5:8a:4d:16:72:a2:d5:89:5f:f8:41:a0:
9c:1a:c7:d2:b7:af:fd:ea:bb:97:82:f8:73:02:99:
9a:b0:ad:22:c2:c0:2b:e0:f9:a2:47:9b:d9:a2:b6:
b2:b1:9d:be:b2:46:72:fe:45:0d:c6:f2:75:73:78:
5f:d7:d5:a3:5d:72:a1:1d:01:44:c9:61:6f:09:66:
cf:e3:cd:89:20:5b:a4:f1:ad:e6:1a:7e:34:c1:9b:
33:3f:fa:28:18:8d:7f:82:ed:4d:c1:a9:87:cf:ad:
89:86:6e:a0:63:6d:33:04:54:3e:ed:b9:a2:3a:1f:
5d:08:0d:b5:0d:46:57:40:73:83:c5:26:b5:e4:e0:
0d:b1:7c:e4:b3:50:e2:12:4d:24:4c:cc:f1:06:53:
62:84:5d:73:56:18:11:46:4e:b1:af:18:e6:0a:a9:
78:57:f3:63:27:6b:bc:04:3a:e5:91:73:2e:c5:f2:
8e:9e:f1:4b:b1:7e:b1:33:e8:76:e3:1d:bf:fd:5d:
f7:9e:d7:39:0a:ad:1e:16:d6:cb:96:c5:a4:9a:1f:
5b:d5:44:c8:e3:df:4c:cc:3c:98:54:c5:48:e2:29:
e2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:87:97:E4:FD:AA:1B:0D:13:DD:9F:F1:5B:C5:A4:6B:26:2D:35
X509v3 Authority Key Identifier:
keyid:90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:22:e3:6f:1f:a5:0e:af:13:6f:6d:80:11:ea:62:6e:bb:4d:
c0:e2:2e:28:a2:53:ee:b3:d9:4f:da:d9:41:2e:79:dd:4e:30:
76:73:34:08:b8:d1:ca:5d:6d:e3:af:38:18:f8:6a:a6:89:7e:
4d:86:fd:ec:95:45:f0:6a:1e:9a:48:1e:3a:1d:22:1b:00:3c:
3c:cb:cd:b4:31:e5:48:33:37:57:2f:0a:7c:a4:e6:5e:16:c3:
13:c3:dd:fa:ce:8a:fa:72:67:db:bf:8e:92:ff:e0:96:3a:db:
b6:25:f4:30:bf:89:26:f7:8a:e5:69:52:62:50:8b:5f:82:f5:
ac:33:4b:39:06:20:c2:42:4a:e1:f4:2e:47:48:5a:de:be:fd:
cf:14:6f:ef:ab:a2:cb:52:6e:ca:8e:38:f4:24:d2:17:4d:e7:
9e:73:e2:d8:d9:0b:ae:b5:00:2b:c2:4f:b5:96:ff:5f:12:fa:
c5:34:3a:23:51:5b:a6:4e:7e:c0:95:35:1c:8f:cd:54:26:2a:
52:85:c6:cc:fb:75:73:58:9e:87:57:97:96:59:bd:e6:59:67:
e7:60:07:d4:fa:f6:5f:e9:66:e4:55:22:1a:7b:5c:2b:2c:60:
e5:11:3b:d6:27:d0:99:90:1e:8a:ce:74:bb:60:8e:f5:d9:aa:
72:58:86:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTgEe36oSaEJJjtmCA7KTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTAyNzA1MDA2NTMyZWYzM2EwMDY0Zjg3NWExMDA5MjM1
MDlmZDUwHhcNMjUwNDIwMTQwMDM3WhcNMjUwNDIxMTQwMDM3WjAzMTEwLwYDVQQD
Eyg0ZmIwODc5N2U0ZmRhYTFiMGQxM2RkOWZmMTViYzVhNDZiMjYyZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq034WJ5/70vvRy29zh6BP+LOnvlx
QTK4ELqiMu7jfjzVik0WcqLViV/4QaCcGsfSt6/96ruXgvhzApmasK0iwsAr4Pmi
R5vZoraysZ2+skZy/kUNxvJ1c3hf19WjXXKhHQFEyWFvCWbP482JIFuk8a3mGn40
wZszP/ooGI1/gu1NwamHz62Jhm6gY20zBFQ+7bmiOh9dCA21DUZXQHODxSa15OAN
sXzks1DiEk0kTMzxBlNihF1zVhgRRk6xrxjmCql4V/NjJ2u8BDrlkXMuxfKOnvFL
sX6xM+h24x2//V33ntc5Cq0eFtbLlsWkmh9b1UTI499MzDyYVMVI4iniPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+wh5fk/aobDRPdn/FbxaRrJi01MB8GA1UdIwQY
MBaAFJCgJwUAZTLvM6AGT4daEAkjUJ/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTct
Njc4NWFkYTUyN2MxLzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTctNjc4NWFkYTUyN2Mx
LzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSLjbx+l
Dq8Tb22AEepibrtNwOIuKKJT7rPZT9rZQS553U4wdnM0CLjRyl1t4684GPhqpol+
TYb97JVF8GoemkgeOh0iGwA8PMvNtDHlSDM3Vy8KfKTmXhbDE8Pd+s6K+nJn27+O
kv/gljrbtiX0ML+JJveK5WlSYlCLX4L1rDNLOQYgwkJK4fQuR0ha3r79zxRv76ui
y1Juyo449CTSF03nnnPi2NkLrrUAK8JPtZb/XxL6xTQ6I1Fbpk5+wJU1HI/NVCYq
UoXGzPt1c1ieh1eXllm95lln52AH1Pr2X+lm5FUiGntcKyxg5RE71ifQmZAeis50
u2CO9dmqcliGrg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:50:11 2025 by rpki-client