Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: Mm6gcy1TX5Dy3C1pQQRKJiMXPFQ2cajenbw2WVZp0qk=
Subject key identifier: 74:A1:96:71:26:70:70:7D:98:41:0F:B7:E8:57:F3:5C:7C:94:C6:C5
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019921B06F372ABF6248F793CD00D159747D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1304
Signing time: Sun 07 Sep 2025 01:00:34 +0000
Manifest this update: Sun 07 Sep 2025 01:00:34 +0000
Manifest next update: Mon 08 Sep 2025 01:00:34 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: uNFJXlDwo2CA0Lr0wmQzsRiMBwrXEvehNfVB6Pmixgk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b0:6f:37:2a:bf:62:48:f7:93:cd:00:d1:59:74:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Sep 7 01:00:34 2025 GMT
Not After : Sep 8 01:00:34 2025 GMT
Subject: CN=74a196712670707d98410fb7e857f35c7c94c6c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4e:1f:79:a6:32:d7:c2:9a:95:aa:fb:c2:45:
4a:b8:d7:14:ad:ff:60:87:2b:bc:83:7b:f9:b8:9b:
ce:f2:05:9f:d4:37:6e:a1:d2:19:89:36:0b:2b:b5:
38:5e:b6:b2:e8:31:2e:76:7d:8a:bf:0a:cc:ae:27:
50:9c:92:be:28:94:7a:cd:0e:3c:96:80:97:90:2c:
62:7a:41:7a:5a:ec:df:8b:b5:04:51:1f:81:ac:a9:
8a:a9:fb:2f:76:d3:eb:74:3e:a7:7a:53:8a:fa:ec:
cc:ec:ed:b2:12:a8:ee:96:1a:41:67:d6:55:d6:c7:
c1:4a:e8:37:4a:26:73:af:51:e2:c3:9c:3e:5d:42:
d6:68:9f:67:6f:90:a6:6b:d7:58:3e:d4:82:07:d2:
96:ab:f8:03:7c:70:b5:8f:87:7f:14:60:b5:1f:7a:
9f:57:41:d5:56:aa:75:04:31:62:b6:cb:f6:fe:d4:
ca:c7:fe:4c:5c:4d:d3:03:10:0d:bb:4a:4d:17:1e:
52:5b:76:cb:6f:3d:fc:71:30:8b:ad:86:1a:6a:c1:
ba:3e:d7:9e:99:1e:77:f4:cb:5c:5f:db:88:a2:b3:
cd:8d:3b:99:e8:79:b1:ee:d8:ec:aa:ec:64:ed:fe:
28:5d:ef:72:33:50:da:1e:8c:9a:59:3a:7f:eb:7a:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A1:96:71:26:70:70:7D:98:41:0F:B7:E8:57:F3:5C:7C:94:C6:C5
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:26:47:d8:3f:bb:62:2e:f1:3d:99:13:9f:4e:30:d6:a2:04:
84:e1:3e:7a:6a:9a:18:8c:46:20:61:8c:f3:c7:73:13:77:56:
0b:4f:6a:0c:2c:b4:d2:56:4f:3e:27:f7:82:fd:d6:1c:87:46:
ac:6b:64:a6:08:2c:b8:b6:dc:d1:cb:22:12:2a:f9:74:05:6b:
36:f6:d9:6c:45:03:66:a6:1d:2c:7b:c6:6e:8a:61:5e:fa:95:
30:78:ea:c2:4f:2a:81:9c:bf:e7:3e:44:c7:ea:fb:d8:09:91:
77:a7:8d:31:8d:b0:81:b8:e1:6e:d1:bd:be:6f:8e:8a:bd:89:
2b:b2:66:74:8a:60:53:5c:47:73:3f:7d:de:49:1e:1f:15:3e:
ce:93:f7:8e:72:33:75:08:03:36:6e:38:e3:62:38:4f:1e:f8:
48:6a:20:7b:cb:76:58:c7:26:d6:ef:13:f2:b7:4f:af:d7:13:
88:16:8e:03:5f:bc:f8:1b:36:fc:26:ce:02:36:da:4c:2b:d8:
36:a4:80:eb:25:fa:f8:ae:b0:33:0e:b5:04:e8:17:40:60:fb:
bc:d8:e8:e3:09:d4:9a:33:75:f9:35:25:d3:ef:cf:d8:ba:15:
c9:2b:1f:12:b8:f1:44:7e:96:ca:67:a4:c4:cc:d9:4a:1c:67:
98:6c:e0:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsG83Kr9iSPeTzQDRWXR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwOTA3MDEwMDM0WhcNMjUwOTA4MDEwMDM0WjAzMTEwLwYDVQQD
Eyg3NGExOTY3MTI2NzA3MDdkOTg0MTBmYjdlODU3ZjM1YzdjOTRjNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok4feaYy18Kalar7wkVKuNcUrf9g
hyu8g3v5uJvO8gWf1DduodIZiTYLK7U4Xray6DEudn2KvwrMridQnJK+KJR6zQ48
loCXkCxiekF6Wuzfi7UEUR+BrKmKqfsvdtPrdD6nelOK+uzM7O2yEqjulhpBZ9ZV
1sfBSug3SiZzr1Hiw5w+XULWaJ9nb5Cma9dYPtSCB9KWq/gDfHC1j4d/FGC1H3qf
V0HVVqp1BDFitsv2/tTKx/5MXE3TAxANu0pNFx5SW3bLbz38cTCLrYYaasG6Ptee
mR539MtcX9uIorPNjTuZ6Hmx7tjsquxk7f4oXe9yM1DaHoyaWTp/63poQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHShlnEmcHB9mEEPt+hX81x8lMbFMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeCZH2D+7
Yi7xPZkTn04w1qIEhOE+emqaGIxGIGGM88dzE3dWC09qDCy00lZPPif3gv3WHIdG
rGtkpggsuLbc0csiEir5dAVrNvbZbEUDZqYdLHvGbophXvqVMHjqwk8qgZy/5z5E
x+r72AmRd6eNMY2wgbjhbtG9vm+Oir2JK7JmdIpgU1xHcz993kkeHxU+zpP3jnIz
dQgDNm4442I4Tx74SGoge8t2WMcm1u8T8rdPr9cTiBaOA1+8+Bs2/CbOAjbaTCvY
NqSA6yX6+K6wMw61BOgXQGD7vNjo4wnUmjN1+TUl0+/P2LoVySsfErjxRH6Wymek
xMzZShxnmGzg7Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:23:20 2025 by rpki-client