Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
File: kGQm9IPDaqzahzIySriK1YAMmi0.mft (raw, json)
Hash identifier: 1XPHXcUDOcfCVAd+L/RRSvT8FKH+H+WTnWhEXJdxvkk=
Subject key identifier: 14:3F:DB:56:9E:31:2E:31:D1:97:85:26:D9:7A:E8:02:1F:EB:D2:47
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 01974EC5769536AF923D8276D13530CBFFA2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
Manifest number: 0AA2
Signing time: Sun 08 Jun 2025 09:00:53 +0000
Manifest this update: Sun 08 Jun 2025 09:00:53 +0000
Manifest next update: Mon 09 Jun 2025 09:00:53 +0000
Files and hashes: 1: gLZLrbhpO6mWtu79cX_I9beQtfY.roa (hash: FKC1b4NqDGusVuG1PsHV/OorcR6VfmcWdy6GLsbONNI=)
2: kGQm9IPDaqzahzIySriK1YAMmi0.crl (hash: Rlruzk9FpoLoTP7CNcNoIb08MIGou28Zig+cRNjCG3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:c5:76:95:36:af:92:3d:82:76:d1:35:30:cb:ff:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Jun 8 09:00:53 2025 GMT
Not After : Jun 9 09:00:53 2025 GMT
Subject: CN=143fdb569e312e31d1978526d97ae8021febd247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:4c:8c:11:62:64:b9:3e:84:ab:e4:2c:95:
71:ba:4f:78:bc:1a:0e:8a:6e:a7:bc:db:a3:2d:41:
93:cc:82:72:07:8b:6e:37:f1:ea:1c:5a:fd:e7:34:
d2:0b:e0:23:ce:92:7d:0f:8b:8a:dc:62:be:52:84:
1f:2b:c1:0b:61:62:2c:e3:e9:61:ae:e7:b3:2f:99:
67:a0:8c:11:16:18:47:d7:bf:30:89:2d:3c:ee:0b:
a3:8c:1d:83:f0:91:b9:8d:c0:8f:c6:12:6e:c1:ed:
85:b6:0d:e5:00:20:15:26:f1:8e:b0:38:82:9b:53:
b1:2e:cb:66:1b:7c:1a:ec:78:00:ce:cb:1c:50:62:
20:c8:22:fd:45:6b:db:11:ae:16:91:a8:3d:ee:d9:
19:d9:74:7f:31:3f:37:9b:c5:0a:7f:12:eb:f2:1f:
4f:af:7c:ee:d5:8d:4a:ad:c2:0d:26:d0:cf:94:42:
47:ed:29:bf:e4:1e:7a:8d:2a:6f:96:b0:0e:49:77:
a0:94:32:1f:df:97:19:07:91:1d:e6:37:b4:2b:44:
1d:6d:cb:73:4b:54:d5:10:c4:ec:0a:5b:8a:93:b6:
e7:74:97:2c:48:a5:21:57:82:72:19:08:c0:b7:43:
68:8f:77:77:83:7a:e5:df:93:19:5a:be:12:d1:e6:
20:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3F:DB:56:9E:31:2E:31:D1:97:85:26:D9:7A:E8:02:1F:EB:D2:47
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:47:fc:b3:96:03:0b:42:c5:0d:25:a4:8c:29:c4:94:a4:fa:
87:d3:4b:00:48:28:da:a5:c7:73:b7:29:74:8d:eb:2f:5a:b5:
c5:09:a3:08:ba:b5:43:31:b6:8d:b2:13:e6:1c:f6:91:61:57:
17:9a:6c:9c:1c:d5:b3:b6:40:b2:2e:e9:67:fc:81:42:ff:1b:
b9:13:21:37:3f:bb:f1:a5:19:05:53:90:75:72:ef:cc:02:4f:
a6:6b:89:7a:b2:42:3f:ff:7d:f8:01:c2:79:2d:6b:93:59:62:
92:0d:7b:a5:ef:b7:49:90:9f:62:1b:db:17:df:73:a4:30:02:
bd:19:cc:38:8a:30:fe:14:3f:38:f2:74:27:06:b3:35:54:68:
97:27:05:13:c0:2a:fd:29:f2:23:5f:c0:10:f6:96:6e:85:fd:
b0:30:d7:20:ae:4b:cc:85:ce:c7:ae:90:5f:80:0d:a1:64:d3:
5e:18:88:60:fa:e3:0c:c7:56:20:2b:98:1a:ab:20:9b:63:9e:
b0:58:3c:ec:cf:79:92:12:9b:2a:12:39:8e:7f:31:19:d0:20:
21:79:16:6f:a8:76:93:7c:55:15:48:a0:47:a9:e2:91:20:59:
84:e5:b8:5d:1d:53:56:8f:c8:75:9a:af:1b:f5:86:4d:f2:3f:
05:c5:07:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxXaVNq+SPYJ20TUwy/+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjUwNjA4MDkwMDUzWhcNMjUwNjA5MDkwMDUzWjAzMTEwLwYDVQQD
EygxNDNmZGI1NjllMzEyZTMxZDE5Nzg1MjZkOTdhZTgwMjFmZWJkMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+RMjBFiZLk+hKvkLJVxuk94vBoO
im6nvNujLUGTzIJyB4tuN/HqHFr95zTSC+AjzpJ9D4uK3GK+UoQfK8ELYWIs4+lh
ruezL5lnoIwRFhhH178wiS087gujjB2D8JG5jcCPxhJuwe2Ftg3lACAVJvGOsDiC
m1OxLstmG3wa7HgAzsscUGIgyCL9RWvbEa4Wkag97tkZ2XR/MT83m8UKfxLr8h9P
r3zu1Y1KrcINJtDPlEJH7Sm/5B56jSpvlrAOSXeglDIf35cZB5Ed5je0K0Qdbctz
S1TVEMTsCluKk7bndJcsSKUhV4JyGQjAt0Noj3d3g3rl35MZWr4S0eYgyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQ/21aeMS4x0ZeFJtl66AIf69JHMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEf8s5YD
C0LFDSWkjCnElKT6h9NLAEgo2qXHc7cpdI3rL1q1xQmjCLq1QzG2jbIT5hz2kWFX
F5psnBzVs7ZAsi7pZ/yBQv8buRMhNz+78aUZBVOQdXLvzAJPpmuJerJCP/99+AHC
eS1rk1likg17pe+3SZCfYhvbF99zpDACvRnMOIow/hQ/OPJ0JwazNVRolycFE8Aq
/SnyI1/AEPaWboX9sDDXIK5LzIXOx66QX4ANoWTTXhiIYPrjDMdWICuYGqsgm2Oe
sFg87M95khKbKhI5jn8xGdAgIXkWb6h2k3xVFUigR6nikSBZhOW4XR1TVo/IdZqv
G/WGTfI/BcUHww==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:50:10 2025 by rpki-client