Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.mft
File: KfNCRmRyXVgguqeCcTFDozB2kfM.mft (raw, json)
Hash identifier: 8qqdJnoVBiMHr0vRyJZxNVP45LWheRGZGboeLShUjXc=
Subject key identifier: 4D:9C:47:7E:BF:A1:FE:37:45:02:A0:63:56:58:F9:57:62:90:8C:0C
Authority key identifier: 29:F3:42:46:64:72:5D:58:20:BA:A7:82:71:31:43:A3:30:76:91:F3
Certificate issuer: /CN=29f3424664725d5820baa782713143a3307691f3
Certificate serial: 019827B556B0AD6B265B6826A2921464E200
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.mft
Manifest number: 4A
Signing time: Sun 20 Jul 2025 12:00:51 +0000
Manifest this update: Sun 20 Jul 2025 12:00:51 +0000
Manifest next update: Mon 21 Jul 2025 12:00:51 +0000
Files and hashes: 1: KfNCRmRyXVgguqeCcTFDozB2kfM.crl (hash: u3rh2i/gG6g8WS18uPgY9eB3Q1DG0mz0XR4O/hk3/y0=)
2: lvisyME0LlQajyGS5pMcYDKFR08.roa (hash: 31DzKjH8PvmlicGQvfn7fIzRcBCmYUXLsghB5MjrccU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:27:b5:56:b0:ad:6b:26:5b:68:26:a2:92:14:64:e2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f3424664725d5820baa782713143a3307691f3
Validity
Not Before: Jul 20 12:00:51 2025 GMT
Not After : Jul 21 12:00:51 2025 GMT
Subject: CN=4d9c477ebfa1fe374502a0635658f95762908c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:88:85:87:68:77:29:b9:3e:bd:0d:0f:b9:04:
64:2e:53:fd:c3:a3:4a:72:58:be:d3:8b:93:72:3b:
23:a4:9c:54:d3:3f:27:91:63:ae:8d:fe:13:1d:43:
0c:69:0a:86:6c:09:e7:42:60:a6:1d:9d:3f:67:c1:
0e:8b:89:bc:92:9c:b2:6e:a1:b3:0f:a9:81:d2:60:
df:87:fa:41:9a:0d:5b:e5:1b:59:2c:d8:81:e0:bc:
62:23:0c:7f:cb:72:6b:e0:59:ce:0a:6c:30:75:ef:
a6:d1:d5:1a:4e:0d:0b:f0:9a:b2:ee:7b:1e:73:52:
8a:4b:4f:05:ff:74:a9:71:fb:5a:63:c0:73:99:2d:
3e:bc:43:5e:64:da:b6:71:7b:64:fa:8f:c1:40:bf:
47:b5:58:e4:5d:d0:f9:21:ff:31:84:e7:b7:9d:ba:
ab:41:0e:5d:7c:4b:4a:69:6f:a2:b8:c5:6c:64:15:
b8:2b:50:c7:30:ff:c7:01:1d:80:92:fb:bf:1b:22:
26:48:50:2b:72:77:84:af:6c:c3:30:2e:e2:2d:33:
9f:db:10:b0:f9:d7:f6:83:23:ad:e3:f9:6f:90:11:
bb:91:1c:12:8a:08:d2:55:7e:a6:cc:0b:55:46:4a:
5c:7e:89:b7:46:f7:78:60:b9:66:2d:c2:5d:f8:45:
8f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9C:47:7E:BF:A1:FE:37:45:02:A0:63:56:58:F9:57:62:90:8C:0C
X509v3 Authority Key Identifier:
keyid:29:F3:42:46:64:72:5D:58:20:BA:A7:82:71:31:43:A3:30:76:91:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:13:1d:31:63:7c:87:6c:ff:b4:1e:22:bb:62:64:1b:24:e7:
d2:d7:af:de:af:a8:9a:de:bb:70:6d:f8:0d:ef:90:73:77:49:
f6:4d:d9:b8:a6:c0:3e:a9:d6:45:a2:bb:19:3a:22:22:3b:12:
4d:73:d9:d3:c5:85:c3:93:82:ed:dc:57:5c:a5:5d:b5:2e:e5:
0b:00:83:a2:af:5f:5a:a2:65:0c:ac:cf:41:13:4a:a1:91:6a:
59:1b:6d:ac:93:38:a9:be:87:00:c9:7c:85:f6:d7:fa:70:e6:
d8:ae:36:32:e0:c1:9d:45:7d:e2:36:1c:33:8d:b5:0c:42:37:
f0:95:51:0f:ac:bb:8b:40:29:bf:fc:fe:f5:6c:a6:5b:dd:6a:
29:9e:23:24:d0:49:6e:a2:bf:77:63:af:f4:33:88:aa:f4:20:
bc:b1:62:0c:9c:09:ae:d8:0d:8b:eb:fc:a2:87:f4:65:dd:c8:
3e:d0:8d:0c:c2:62:ec:35:5d:08:63:b5:cc:12:8a:3e:32:59:
81:6e:d5:56:5f:47:34:13:7e:65:a5:a4:01:2a:b1:5f:20:48:
f4:01:35:53:36:83:1c:b4:ea:d7:b0:7f:50:fa:21:ac:bb:1f:
42:26:b7:6b:37:6c:c4:72:0f:30:ee:fb:e5:6f:a6:84:e6:71:
18:95:3a:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgntVawrWsmW2gmopIUZOIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjM0MjQ2NjQ3MjVkNTgyMGJhYTc4MjcxMzE0M2EzMzA3
NjkxZjMwHhcNMjUwNzIwMTIwMDUxWhcNMjUwNzIxMTIwMDUxWjAzMTEwLwYDVQQD
Eyg0ZDljNDc3ZWJmYTFmZTM3NDUwMmEwNjM1NjU4Zjk1NzYyOTA4YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoiFh2h3Kbk+vQ0PuQRkLlP9w6NK
cli+04uTcjsjpJxU0z8nkWOujf4THUMMaQqGbAnnQmCmHZ0/Z8EOi4m8kpyybqGz
D6mB0mDfh/pBmg1b5RtZLNiB4LxiIwx/y3Jr4FnOCmwwde+m0dUaTg0L8Jqy7nse
c1KKS08F/3SpcftaY8BzmS0+vENeZNq2cXtk+o/BQL9HtVjkXdD5If8xhOe3nbqr
QQ5dfEtKaW+iuMVsZBW4K1DHMP/HAR2Akvu/GyImSFArcneEr2zDMC7iLTOf2xCw
+df2gyOt4/lvkBG7kRwSigjSVX6mzAtVRkpcfom3Rvd4YLlmLcJd+EWP1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2cR36/of43RQKgY1ZY+VdikIwMMB8GA1UdIwQY
MBaAFCnzQkZkcl1YILqngnExQ6MwdpHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZOQ1JtUnlYVmdndXFlQ2NURkRvekIya2ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xMjk4ZTEtYTFlNC00YWJjLWFiMWYt
NjQ5ZDI1YTk1OTA3LzEvS2ZOQ1JtUnlYVmdndXFlQ2NURkRvekIya2ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xMjk4ZTEtYTFlNC00YWJjLWFiMWYtNjQ5ZDI1YTk1OTA3
LzEvS2ZOQ1JtUnlYVmdndXFlQ2NURkRvekIya2ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexMdMWN8
h2z/tB4iu2JkGyTn0tev3q+omt67cG34De+Qc3dJ9k3ZuKbAPqnWRaK7GToiIjsS
TXPZ08WFw5OC7dxXXKVdtS7lCwCDoq9fWqJlDKzPQRNKoZFqWRttrJM4qb6HAMl8
hfbX+nDm2K42MuDBnUV94jYcM421DEI38JVRD6y7i0Apv/z+9WymW91qKZ4jJNBJ
bqK/d2Ov9DOIqvQgvLFiDJwJrtgNi+v8oof0Zd3IPtCNDMJi7DVdCGO1zBKKPjJZ
gW7VVl9HNBN+ZaWkASqxXyBI9AE1UzaDHLTq17B/UPohrLsfQia3azdsxHIPMO77
5W+mhOZxGJU6Sw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:21:31 2025 by rpki-client