Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: eaM8gHLbqgCHAU7vWAG555rxy6MGfRuajBcWTrmZav4=
Subject key identifier: B1:C3:2C:6B:F0:01:12:E9:50:CA:59:F2:7E:92:5E:10:14:D5:EA:E1
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019759EDE8DE4F3EDEFE7395ECAAFA732FC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1218
Signing time: Tue 10 Jun 2025 13:00:52 +0000
Manifest this update: Tue 10 Jun 2025 13:00:52 +0000
Manifest next update: Wed 11 Jun 2025 13:00:52 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: mmBaSHdauqvH3eaXzU1B46xCds8zHGFT8AaNdzvGuIo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:ed:e8:de:4f:3e:de:fe:73:95:ec:aa:fa:73:2f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Jun 10 13:00:52 2025 GMT
Not After : Jun 11 13:00:52 2025 GMT
Subject: CN=b1c32c6bf00112e950ca59f27e925e1014d5eae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:91:05:52:d8:e4:d1:92:09:c3:cc:66:2f:a6:
95:e6:1a:0c:ac:b1:7d:87:c0:b2:2d:53:03:2f:74:
99:2d:08:3b:04:e2:3d:c3:07:d5:96:71:f6:1a:db:
8f:d0:ee:5d:46:5a:58:93:1d:c3:60:85:f3:0b:44:
d4:0e:24:32:25:e3:ae:20:31:85:72:7a:93:5b:66:
74:cd:c4:54:7d:45:e7:64:49:de:84:81:e9:3f:5d:
48:db:b5:7c:bc:11:58:63:c8:fc:d9:f0:fb:b7:47:
a4:f1:8d:5b:10:14:94:6e:e9:0a:e5:e3:38:5c:75:
e9:80:f5:1c:47:1d:51:5e:45:ea:ca:eb:fa:8b:07:
4e:2f:b4:d4:76:69:66:c2:ed:26:d2:b8:5e:96:bd:
3a:27:2d:31:1f:7b:24:85:ec:76:9d:ec:f3:c6:74:
6b:eb:bd:04:07:54:53:a3:72:20:1b:97:9f:c8:29:
38:c5:16:07:21:1e:1f:a5:b6:15:a4:85:7b:2f:f5:
a4:28:ee:e5:93:b4:25:d6:17:9b:7c:fb:23:5f:c2:
01:62:a3:db:d5:50:7b:bc:59:ca:d6:f7:c4:64:21:
20:cb:b7:61:fe:68:f3:9b:2a:f9:fe:8d:53:c7:04:
16:62:fb:c8:d9:5a:c7:8c:ef:f8:6a:fd:e7:69:85:
1c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C3:2C:6B:F0:01:12:E9:50:CA:59:F2:7E:92:5E:10:14:D5:EA:E1
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:88:9b:39:77:b6:22:87:cc:8a:99:31:1a:df:81:57:6d:eb:
24:7e:9f:6b:4d:44:51:15:e3:52:5e:7b:f3:d2:af:bf:ab:98:
1b:6d:85:6e:59:df:33:1d:14:7e:00:47:84:7a:57:ce:87:44:
ec:46:df:57:80:48:4b:7b:57:9a:29:ee:be:16:8e:5a:b5:e2:
95:32:38:79:f5:c6:76:78:60:5c:91:e3:48:71:6a:df:4a:06:
cb:cc:43:b8:f5:02:23:97:ab:b4:98:56:6a:98:94:24:23:88:
16:10:7c:17:ed:96:5b:41:c0:a6:39:8f:f8:64:10:ff:0f:6a:
c2:48:bc:fa:19:6f:c1:d7:80:2f:5b:21:c9:fc:3e:f1:37:b7:
47:d4:db:8e:04:c3:70:28:ce:8c:c9:05:04:6d:9f:64:49:53:
8c:8a:a8:b7:26:01:c5:8c:00:4d:1e:f6:de:73:11:d0:25:9d:
be:22:2d:7e:87:d1:02:80:3b:7e:4c:bd:8d:df:49:4c:5b:79:
8c:9e:45:1c:aa:02:01:95:5d:fa:b3:c1:f2:fb:65:62:91:23:
4c:e8:3e:88:7b:21:63:ef:4e:96:f5:7e:b8:34:24:1e:77:bb:
da:4d:9d:b9:33:1f:47:43:10:c3:2a:e1:ba:2c:36:b9:c0:0d:
dd:c2:cf:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7ejeTz7e/nOV7Kr6cy/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwNjEwMTMwMDUyWhcNMjUwNjExMTMwMDUyWjAzMTEwLwYDVQQD
EyhiMWMzMmM2YmYwMDExMmU5NTBjYTU5ZjI3ZTkyNWUxMDE0ZDVlYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JEFUtjk0ZIJw8xmL6aV5hoMrLF9
h8CyLVMDL3SZLQg7BOI9wwfVlnH2GtuP0O5dRlpYkx3DYIXzC0TUDiQyJeOuIDGF
cnqTW2Z0zcRUfUXnZEnehIHpP11I27V8vBFYY8j82fD7t0ek8Y1bEBSUbukK5eM4
XHXpgPUcRx1RXkXqyuv6iwdOL7TUdmlmwu0m0rhelr06Jy0xH3skhex2nezzxnRr
670EB1RTo3IgG5efyCk4xRYHIR4fpbYVpIV7L/WkKO7lk7Ql1hebfPsjX8IBYqPb
1VB7vFnK1vfEZCEgy7dh/mjzmyr5/o1TxwQWYvvI2VrHjO/4av3naYUcrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHDLGvwARLpUMpZ8n6SXhAU1erhMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIibOXe2
IofMipkxGt+BV23rJH6fa01EURXjUl5789Kvv6uYG22FblnfMx0UfgBHhHpXzodE
7EbfV4BIS3tXminuvhaOWrXilTI4efXGdnhgXJHjSHFq30oGy8xDuPUCI5ertJhW
apiUJCOIFhB8F+2WW0HApjmP+GQQ/w9qwki8+hlvwdeAL1shyfw+8Te3R9TbjgTD
cCjOjMkFBG2fZElTjIqotyYBxYwATR723nMR0CWdviItfofRAoA7fky9jd9JTFt5
jJ5FHKoCAZVd+rPB8vtlYpEjTOg+iHshY+9OlvV+uDQkHne72k2duTMfR0MQwyrh
uiw2ucAN3cLPwQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:52:12 2025 by rpki-client