Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: XjeXUigSwtpqrXRcIAPWW0kbMa5GdQ+a+GsvqHQqTvY=
Subject key identifier: A5:EA:8A:60:42:4A:C0:99:05:9F:70:D4:00:38:6E:4C:CA:A1:DF:84
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 01974A7B8C0C36FB4BB7167E852F841A61B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0A98
Signing time: Sat 07 Jun 2025 13:01:40 +0000
Manifest this update: Sat 07 Jun 2025 13:01:40 +0000
Manifest next update: Sun 08 Jun 2025 13:01:40 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: o4XrLHyL5sn5Aem7N2+Jwlr/xaBIsR/aeRgxvUeWZ54=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:7b:8c:0c:36:fb:4b:b7:16:7e:85:2f:84:1a:61:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Jun 7 13:01:40 2025 GMT
Not After : Jun 8 13:01:40 2025 GMT
Subject: CN=a5ea8a60424ac099059f70d400386e4ccaa1df84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ee:77:26:9d:bd:80:8f:c6:7a:0b:b7:25:b1:
e7:36:60:48:b4:1a:dc:89:c5:43:89:26:73:66:da:
10:a1:85:cc:2d:6d:d0:57:51:ee:68:3f:02:a4:4a:
18:6f:cd:0f:ff:dd:28:e1:86:b7:58:20:c5:f5:7f:
2b:e0:8d:df:7e:97:1f:0d:38:1c:28:c8:c4:c1:cf:
11:94:1c:d2:ab:c2:99:88:16:9b:05:33:38:53:f0:
44:08:58:4e:7d:7a:11:d9:2c:9b:a8:99:4a:c2:cd:
6e:9b:f7:50:c7:99:33:9f:d3:d4:bb:6d:c5:e7:0e:
71:41:22:de:a2:52:a1:a0:10:62:db:3e:c9:e8:f1:
e0:13:47:0b:23:82:a9:46:ef:e1:0c:40:64:55:dc:
42:73:48:ef:d1:70:2a:0e:8d:50:c2:de:f7:53:e7:
7c:d1:5d:2b:77:aa:49:44:71:02:c2:a4:f6:a8:cf:
43:7e:f4:46:9f:65:6e:20:05:8b:47:3a:b7:8b:f2:
82:6a:ce:85:b1:e7:92:7d:5d:bc:d1:74:5e:ad:ca:
f5:6d:56:9e:f4:0d:62:df:f2:c9:73:b6:c8:fd:d8:
76:38:e0:45:f8:d9:55:d5:c1:7c:20:cc:35:42:9f:
93:d8:65:4d:3a:da:e2:7b:0b:d9:d2:8f:f7:34:d4:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:EA:8A:60:42:4A:C0:99:05:9F:70:D4:00:38:6E:4C:CA:A1:DF:84
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:cc:85:52:6f:f7:c9:51:aa:84:0c:e2:8e:28:60:c4:cc:bd:
5b:d2:5e:13:4d:02:30:a3:a5:06:49:67:49:12:7d:53:40:4b:
53:79:48:1e:35:35:1a:24:7b:f8:4d:a1:fe:58:63:0f:41:f7:
76:e0:67:f2:e4:a1:87:39:4d:f0:9d:df:6d:b5:6d:cb:f5:96:
71:94:17:a8:1e:6c:42:92:5e:20:a3:b3:c0:7e:43:b2:9f:64:
2c:4d:26:1b:d1:cd:55:f0:69:5a:33:0e:9a:58:1b:76:14:83:
b7:f2:4d:03:4c:89:dd:f6:c9:18:4f:0e:9e:76:7f:a0:68:c4:
3c:c6:7b:2b:99:96:cf:74:32:0d:b6:78:f5:54:44:97:b3:cd:
24:ab:42:a2:6d:4c:81:59:e0:1c:8e:8a:28:87:f3:6b:62:22:
b2:34:2e:19:bf:15:b6:cb:d3:67:16:ad:dd:77:2f:64:bf:a9:
fd:2e:70:d4:d3:ee:ee:e0:4b:71:54:48:38:f6:9d:7a:3a:77:
55:7b:1e:f6:e9:0b:8c:46:15:eb:06:6f:09:77:2e:61:d7:9d:
9b:4d:2f:b5:ae:24:84:63:e3:4f:a4:e9:4c:7a:8f:27:76:7a:
04:f0:ac:6f:b5:a9:60:ee:53:3a:29:7d:71:f7:af:43:bc:59:
e2:d0:d1:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe4wMNvtLtxZ+hS+EGmG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUwNjA3MTMwMTQwWhcNMjUwNjA4MTMwMTQwWjAzMTEwLwYDVQQD
EyhhNWVhOGE2MDQyNGFjMDk5MDU5ZjcwZDQwMDM4NmU0Y2NhYTFkZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+53Jp29gI/Gegu3JbHnNmBItBrc
icVDiSZzZtoQoYXMLW3QV1HuaD8CpEoYb80P/90o4Ya3WCDF9X8r4I3ffpcfDTgc
KMjEwc8RlBzSq8KZiBabBTM4U/BECFhOfXoR2SybqJlKws1um/dQx5kzn9PUu23F
5w5xQSLeolKhoBBi2z7J6PHgE0cLI4KpRu/hDEBkVdxCc0jv0XAqDo1Qwt73U+d8
0V0rd6pJRHECwqT2qM9DfvRGn2VuIAWLRzq3i/KCas6FseeSfV280XRercr1bVae
9A1i3/LJc7bI/dh2OOBF+NlV1cF8IMw1Qp+T2GVNOtriewvZ0o/3NNSpFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXqimBCSsCZBZ9w1AA4bkzKod+EMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8yFUm/3
yVGqhAzijihgxMy9W9JeE00CMKOlBklnSRJ9U0BLU3lIHjU1GiR7+E2h/lhjD0H3
duBn8uShhzlN8J3fbbVty/WWcZQXqB5sQpJeIKOzwH5Dsp9kLE0mG9HNVfBpWjMO
mlgbdhSDt/JNA0yJ3fbJGE8OnnZ/oGjEPMZ7K5mWz3QyDbZ49VREl7PNJKtCom1M
gVngHI6KKIfza2IisjQuGb8VtsvTZxat3XcvZL+p/S5w1NPu7uBLcVRIOPadejp3
VXse9ukLjEYV6wZvCXcuYdedm00vta4khGPjT6TpTHqPJ3Z6BPCsb7WpYO5TOil9
cfevQ7xZ4tDRwA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:58:16 2025 by rpki-client