Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: uEA3gjgPq62f8+KdSCgIzJUOf0z4WqcFgEcv0doE1wE=
Subject key identifier: 65:C6:39:E5:15:A0:74:31:A7:0F:37:06:36:BF:68:C4:E4:36:C5:DE
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019754234C41FC008A6D1347F4FE41DB7CC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1215
Signing time: Mon 09 Jun 2025 10:01:28 +0000
Manifest this update: Mon 09 Jun 2025 10:01:28 +0000
Manifest next update: Tue 10 Jun 2025 10:01:28 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: xmpIQR1Szuhew8Lkw8YUxlPm7eHflS37gYwz8drfOAk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:23:4c:41:fc:00:8a:6d:13:47:f4:fe:41:db:7c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Jun 9 10:01:28 2025 GMT
Not After : Jun 10 10:01:28 2025 GMT
Subject: CN=65c639e515a07431a70f370636bf68c4e436c5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:d9:db:fb:af:0f:85:c1:e5:c8:84:51:39:
09:e6:fe:7d:0f:bd:ef:9e:47:8c:0a:c2:74:f3:5e:
93:e8:5e:3b:b3:75:93:0a:b5:f4:1d:e4:3a:0f:6f:
6c:5b:7c:57:03:26:c1:c5:98:dd:01:6d:ff:dd:5e:
5d:eb:c9:20:eb:3d:e4:68:5c:b6:07:59:b6:a3:8c:
b8:a2:e3:fa:cd:8d:5b:8d:b8:bb:3e:e0:62:8d:e7:
cc:e6:f5:0e:6b:e9:37:c8:8c:5c:ed:c7:e8:bb:d1:
1f:96:00:58:e8:bf:79:c4:b6:92:97:fe:f3:74:99:
a8:8a:e3:44:82:2f:99:aa:69:3f:7d:d8:49:8d:f6:
64:c7:b3:62:4f:b6:3b:4f:96:0c:4c:08:6c:20:ab:
ac:fe:ea:27:9b:15:40:57:fd:41:95:d8:d3:43:ca:
b4:7c:79:f6:2c:44:6b:d6:c9:32:13:11:c7:5d:09:
71:07:c4:ff:4f:58:bd:5f:b5:4f:13:5b:31:61:f6:
f4:46:43:bf:f4:b6:c2:fc:3f:90:25:01:71:e1:60:
3b:56:14:e4:df:04:88:9b:75:d7:16:f7:2b:fd:e7:
c1:b1:7d:85:dc:63:d1:05:6d:b4:98:05:c9:67:e9:
0f:1e:85:05:13:07:d4:57:66:94:59:62:22:98:a6:
7e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C6:39:E5:15:A0:74:31:A7:0F:37:06:36:BF:68:C4:E4:36:C5:DE
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:75:23:a5:11:5d:b0:2b:26:63:4b:b3:b9:c9:3b:c1:38:58:
d7:e4:f0:e1:f9:5c:f3:8b:c7:d0:56:0d:3b:89:98:13:37:76:
5c:cd:60:97:d4:d5:e9:00:f2:c1:60:b4:35:67:2f:77:93:57:
67:41:06:cc:87:29:67:c6:19:b5:5a:2b:e7:f2:b9:26:6d:03:
38:18:c4:a0:90:7d:a4:09:f4:47:13:a5:74:b3:10:92:3a:3f:
80:11:3e:b4:73:8f:37:79:58:c9:2a:ed:db:2a:6d:c9:92:58:
df:81:45:af:95:46:54:aa:c0:2f:00:9c:78:88:cd:30:b5:a3:
67:2e:3a:e9:b4:54:8b:b2:62:20:b2:4a:06:5e:17:61:f1:03:
69:0e:7c:47:cb:40:d9:a7:02:84:16:e2:e0:22:97:9e:1e:d9:
06:21:6e:7f:41:45:1e:5f:9a:ed:1b:40:43:aa:c5:76:8b:f9:
9c:cb:4b:df:f0:14:ad:d1:23:6b:31:f4:3a:64:73:a0:bc:18:
74:cd:19:43:d3:9f:f7:6b:60:4e:e1:7b:54:5b:41:08:5a:98:
65:5f:76:82:8b:da:a0:80:3d:fb:7c:f6:9d:cc:5e:87:a5:b7:
7a:5f:3b:9a:48:f2:d0:c7:4e:9d:e2:7e:14:dc:ab:9b:12:dc:
67:97:1e:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI0xB/ACKbRNH9P5B23zJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwNjA5MTAwMTI4WhcNMjUwNjEwMTAwMTI4WjAzMTEwLwYDVQQD
Eyg2NWM2MzllNTE1YTA3NDMxYTcwZjM3MDYzNmJmNjhjNGU0MzZjNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9PZ2/uvD4XB5ciEUTkJ5v59D73v
nkeMCsJ0816T6F47s3WTCrX0HeQ6D29sW3xXAybBxZjdAW3/3V5d68kg6z3kaFy2
B1m2o4y4ouP6zY1bjbi7PuBijefM5vUOa+k3yIxc7cfou9EflgBY6L95xLaSl/7z
dJmoiuNEgi+Zqmk/fdhJjfZkx7NiT7Y7T5YMTAhsIKus/uonmxVAV/1BldjTQ8q0
fHn2LERr1skyExHHXQlxB8T/T1i9X7VPE1sxYfb0RkO/9LbC/D+QJQFx4WA7VhTk
3wSIm3XXFvcr/efBsX2F3GPRBW20mAXJZ+kPHoUFEwfUV2aUWWIimKZ+WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXGOeUVoHQxpw83Bja/aMTkNsXeMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHUjpRFd
sCsmY0uzuck7wThY1+Tw4flc84vH0FYNO4mYEzd2XM1gl9TV6QDywWC0NWcvd5NX
Z0EGzIcpZ8YZtVor5/K5Jm0DOBjEoJB9pAn0RxOldLMQkjo/gBE+tHOPN3lYySrt
2yptyZJY34FFr5VGVKrALwCceIjNMLWjZy466bRUi7JiILJKBl4XYfEDaQ58R8tA
2acChBbi4CKXnh7ZBiFuf0FFHl+a7RtAQ6rFdov5nMtL3/AUrdEjazH0OmRzoLwY
dM0ZQ9Of92tgTuF7VFtBCFqYZV92govaoIA9+3z2ncxeh6W3el87mkjy0MdOneJ+
FNyrmxLcZ5cerg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:36:35 2025 by rpki-client