Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: wfkWHVkfAjXd4lE0B3Aak52Ye5O65ilazzbWAUMrUls=
Subject key identifier: 02:D7:1E:87:58:58:EC:84:90:1F:51:F1:83:1E:9D:F7:DD:BD:02:DA
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019657CBB25A7D0BE059E35AC1B5D0D7D2E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0AED
Signing time: Mon 21 Apr 2025 10:01:29 +0000
Manifest this update: Mon 21 Apr 2025 10:01:29 +0000
Manifest next update: Tue 22 Apr 2025 10:01:29 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: jUl4fItYqgmiWox2NhmAHdxBUObuURH5ltiTvMSlVNY=)
2: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:cb:b2:5a:7d:0b:e0:59:e3:5a:c1:b5:d0:d7:d2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Apr 21 10:01:29 2025 GMT
Not After : Apr 22 10:01:29 2025 GMT
Subject: CN=02d71e875858ec84901f51f1831e9df7ddbd02da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:12:96:82:a9:07:3c:07:69:98:24:4f:65:6f:
2b:a9:e0:3d:67:a9:52:f9:fb:e8:4f:50:67:99:85:
17:96:3f:f7:d4:58:3d:87:f4:af:1f:f8:59:05:67:
0c:71:0a:df:eb:8f:8f:5b:27:1f:09:97:5e:52:74:
5c:59:3d:ad:6a:39:a1:72:33:fe:6c:cb:9a:4b:32:
25:86:9e:bc:67:89:5f:22:66:e4:5a:31:8c:d0:f0:
d2:63:9b:f2:17:67:83:bb:34:9c:40:9a:28:79:a6:
48:00:10:84:4f:e2:db:bd:a7:19:5d:5f:6b:50:8d:
46:c5:32:e6:13:1a:eb:c7:8f:08:e6:41:f6:05:2a:
e7:01:ed:4c:2b:08:82:8f:55:b7:72:b3:73:45:05:
dd:0c:91:59:10:73:d9:7e:b5:83:3b:d7:ff:77:14:
b1:6e:e9:81:40:f4:2c:58:fa:20:17:da:b0:93:c7:
8e:79:4b:85:35:04:03:38:a7:fa:ed:b0:78:ac:83:
10:1d:f7:f5:bb:8d:83:6a:32:bf:58:d3:0d:92:ad:
b6:d2:bb:42:8e:96:f3:63:f1:1f:32:2c:07:f6:e6:
ee:1b:76:17:03:17:fc:76:55:68:d1:ad:3b:68:8e:
c1:dc:ae:5e:cf:e3:ad:bb:8a:7b:0c:d2:16:75:07:
47:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D7:1E:87:58:58:EC:84:90:1F:51:F1:83:1E:9D:F7:DD:BD:02:DA
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:7a:c3:5e:ac:55:82:05:77:44:ad:b2:fc:fd:5d:fb:21:1d:
63:4e:52:75:59:79:7f:f5:eb:d0:a8:8e:cb:9c:67:23:4a:6d:
28:f1:17:d3:0b:d4:f8:f5:cc:07:d5:51:de:42:ac:a8:39:31:
e2:14:8d:7a:94:bd:c2:d5:0e:00:29:67:dc:b2:f7:c5:ff:c4:
9d:cb:65:ab:54:d7:29:32:73:9d:4f:4e:9a:5a:4e:ad:2b:c0:
4f:be:61:95:96:c3:7c:ce:81:1c:f2:d6:38:0a:16:7d:67:a0:
9b:12:ad:e4:a9:89:59:69:cf:3f:d8:4f:f8:74:a3:e2:11:a6:
41:0c:ed:cd:44:a1:b2:07:bf:f4:68:72:1d:6c:90:64:c1:cb:
ba:3b:11:59:5d:cb:21:65:90:e2:55:1c:8d:3a:07:9e:05:f0:
34:01:9b:5f:cc:d5:2c:22:50:31:1c:20:66:99:aa:ca:f0:c6:
d5:8b:b2:fe:b4:ca:f1:a8:db:25:fc:5a:17:5b:30:77:0d:97:
02:1f:21:40:bb:71:31:02:79:b1:ee:cf:9e:22:ae:77:73:8a:
31:8a:d6:f4:5c:00:7d:6b:d3:c4:5f:49:25:17:70:d8:cf:f9:
2d:e0:37:4c:2c:2a:b2:fd:6d:b7:02:4c:db:a2:6b:5e:98:68:
b8:c4:22:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy7JafQvgWeNawbXQ19LoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwNDIxMTAwMTI5WhcNMjUwNDIyMTAwMTI5WjAzMTEwLwYDVQQD
EygwMmQ3MWU4NzU4NThlYzg0OTAxZjUxZjE4MzFlOWRmN2RkYmQwMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBKWgqkHPAdpmCRPZW8rqeA9Z6lS
+fvoT1BnmYUXlj/31Fg9h/SvH/hZBWcMcQrf64+PWycfCZdeUnRcWT2tajmhcjP+
bMuaSzIlhp68Z4lfImbkWjGM0PDSY5vyF2eDuzScQJooeaZIABCET+LbvacZXV9r
UI1GxTLmExrrx48I5kH2BSrnAe1MKwiCj1W3crNzRQXdDJFZEHPZfrWDO9f/dxSx
bumBQPQsWPogF9qwk8eOeUuFNQQDOKf67bB4rIMQHff1u42DajK/WNMNkq220rtC
jpbzY/EfMiwH9ubuG3YXAxf8dlVo0a07aI7B3K5ez+Otu4p7DNIWdQdHaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALXHodYWOyEkB9R8YMenffdvQLaMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH3rDXqxV
ggV3RK2y/P1d+yEdY05SdVl5f/Xr0KiOy5xnI0ptKPEX0wvU+PXMB9VR3kKsqDkx
4hSNepS9wtUOACln3LL3xf/Enctlq1TXKTJznU9OmlpOrSvAT75hlZbDfM6BHPLW
OAoWfWegmxKt5KmJWWnPP9hP+HSj4hGmQQztzUShsge/9GhyHWyQZMHLujsRWV3L
IWWQ4lUcjToHngXwNAGbX8zVLCJQMRwgZpmqyvDG1Yuy/rTK8ajbJfxaF1swdw2X
Ah8hQLtxMQJ5se7PniKud3OKMYrW9FwAfWvTxF9JJRdw2M/5LeA3TCwqsv1ttwJM
26JrXphouMQiaw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:02:01 2025 by rpki-client