Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: eMWD0xMcdjvIvg2jPfxJ7aYTs6uT9sIuZiPCLF2vYUk=
Subject key identifier: 92:E9:32:DC:96:0E:9C:2C:F8:D5:F5:19:68:C1:9A:CE:DF:F3:A6:BC
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 01985344391E3752D8A8BC54E4C9B74F9021
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0BF4
Signing time: Mon 28 Jul 2025 23:00:36 +0000
Manifest this update: Mon 28 Jul 2025 23:00:36 +0000
Manifest next update: Tue 29 Jul 2025 23:00:36 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: Kuy6wY9gp9rDq4LK+C66UZBPDsmqUxX7VRrEdc05Q2w=)
2: eEe-w2donDCxX-tAzaEpFb0UtVY.roa (hash: g2d5FELl0EWl1pKF09WRuqqNzRt0N8/ZzyiwDHce4Xk=)
3: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:53:44:39:1e:37:52:d8:a8:bc:54:e4:c9:b7:4f:90:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Jul 28 23:00:36 2025 GMT
Not After : Jul 29 23:00:36 2025 GMT
Subject: CN=92e932dc960e9c2cf8d5f51968c19acedff3a6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:35:2b:4a:47:ab:7b:1b:7f:5e:9d:63:92:
a8:3c:2b:1a:5e:8e:e7:ba:de:78:be:9b:55:3a:33:
0b:f6:63:74:9e:80:41:c3:fa:0e:86:6d:1e:85:af:
cc:8a:9b:00:c0:8a:c4:2b:65:96:bc:99:8f:67:90:
bd:f4:1b:71:5a:6a:80:6b:2d:c3:43:61:e5:cf:80:
d0:af:e1:c6:35:7c:57:9b:fb:95:a5:a9:05:d5:1c:
8d:0c:f5:8b:53:5d:1b:a1:de:85:ba:26:54:4a:5e:
63:b6:98:88:c5:76:b9:9f:0a:c1:d6:c3:4a:53:56:
e1:bb:f4:46:d1:e7:d1:9c:5b:20:d3:0e:b6:44:31:
3e:a2:35:19:13:e9:31:6a:fd:1e:9b:63:f5:23:7b:
8c:1f:2f:e8:79:aa:b1:50:10:3e:4f:2e:0f:5b:98:
5c:16:4c:01:bd:69:be:97:e5:07:6a:ed:b8:a2:2c:
f8:d9:3d:5c:3c:f5:41:2c:2d:99:0b:e7:ad:75:58:
b0:1b:55:87:18:b0:ec:6e:d0:0e:9d:75:d6:4d:f1:
0c:88:d0:26:9b:1f:e0:1f:88:be:e3:47:5c:60:da:
1c:ab:e0:e4:32:5c:9c:24:c4:73:8e:fd:76:07:81:
91:0d:47:cf:94:f9:ca:d4:44:3a:b2:ed:24:36:c1:
c2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E9:32:DC:96:0E:9C:2C:F8:D5:F5:19:68:C1:9A:CE:DF:F3:A6:BC
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:ca:a7:8d:64:fa:06:25:22:61:bb:c9:87:21:06:aa:ba:3e:
23:01:72:e3:6a:33:c0:b9:cb:c0:30:85:8a:ca:b4:a8:96:11:
7c:c7:99:fb:4c:16:3c:51:7a:01:d7:98:0d:73:99:fc:e0:65:
3f:de:d1:b1:fa:ce:94:f3:95:a1:e5:32:7c:2d:a3:38:b4:cd:
da:37:bf:7f:64:76:cc:d6:8c:e6:37:d6:52:18:dd:e2:2a:5d:
8d:f3:2e:8f:dc:0f:05:ff:d2:71:7d:bf:1d:05:3a:88:54:9a:
d1:f6:84:38:89:30:5c:4a:70:95:5b:c4:b6:45:33:8f:74:89:
e2:87:f9:4d:e2:8f:0a:f0:0c:2c:0a:d3:17:96:c7:09:5a:35:
d3:e1:79:2d:f5:82:0f:6d:04:11:b8:f0:9a:1c:0f:99:d3:e5:
10:3d:f1:1f:89:f7:c7:55:fc:5e:8c:73:53:b4:3a:42:c5:83:
81:a9:84:f1:a7:6c:7c:03:93:ed:ff:d2:8f:2f:db:53:ac:90:
d3:6b:50:69:c8:f8:55:72:35:f6:b6:fe:04:77:70:7b:5b:92:
6a:97:f9:d6:60:17:85:1a:da:be:bd:d6:e1:fc:c1:1d:4e:8a:
61:1f:fa:8e:76:05:f2:99:b1:6c:bf:4b:94:87:31:e5:5f:e8:
ff:3c:c9:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTRDkeN1LYqLxU5Mm3T5AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwNzI4MjMwMDM2WhcNMjUwNzI5MjMwMDM2WjAzMTEwLwYDVQQD
Eyg5MmU5MzJkYzk2MGU5YzJjZjhkNWY1MTk2OGMxOWFjZWRmZjNhNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCY1K0pHq3sbf16dY5KoPCsaXo7n
ut54vptVOjML9mN0noBBw/oOhm0eha/MipsAwIrEK2WWvJmPZ5C99BtxWmqAay3D
Q2Hlz4DQr+HGNXxXm/uVpakF1RyNDPWLU10bod6FuiZUSl5jtpiIxXa5nwrB1sNK
U1bhu/RG0efRnFsg0w62RDE+ojUZE+kxav0em2P1I3uMHy/oeaqxUBA+Ty4PW5hc
FkwBvWm+l+UHau24oiz42T1cPPVBLC2ZC+etdViwG1WHGLDsbtAOnXXWTfEMiNAm
mx/gH4i+40dcYNocq+DkMlycJMRzjv12B4GRDUfPlPnK1EQ6su0kNsHC6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLpMtyWDpws+NX1GWjBms7f86a8MB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMqnjWT6
BiUiYbvJhyEGqro+IwFy42ozwLnLwDCFisq0qJYRfMeZ+0wWPFF6AdeYDXOZ/OBl
P97RsfrOlPOVoeUyfC2jOLTN2je/f2R2zNaM5jfWUhjd4ipdjfMuj9wPBf/ScX2/
HQU6iFSa0faEOIkwXEpwlVvEtkUzj3SJ4of5TeKPCvAMLArTF5bHCVo10+F5LfWC
D20EEbjwmhwPmdPlED3xH4n3x1X8XoxzU7Q6QsWDgamE8adsfAOT7f/Sjy/bU6yQ
02tQacj4VXI19rb+BHdwe1uSapf51mAXhRravr3W4fzBHU6KYR/6jnYF8pmxbL9L
lIcx5V/o/zzJsw==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:36:57 2025 by rpki-client