Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: Y970/aqJ4ffbishX+vijSWuRJXhASuJwbiN81bhXHqU=
Subject key identifier: 1F:58:96:98:23:9C:1B:CB:01:8D:FD:39:57:D1:35:ED:97:8A:81:EB
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0197499F3EF040EF5B98623B5DC7FF375194
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 01C3
Signing time: Sat 07 Jun 2025 09:01:02 +0000
Manifest this update: Sat 07 Jun 2025 09:01:02 +0000
Manifest next update: Sun 08 Jun 2025 09:01:02 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: uVSixe2mAQJ4wNfOFTtJorZUWZ6BWkUCaX0WOn1Ftlg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:9f:3e:f0:40:ef:5b:98:62:3b:5d:c7:ff:37:51:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Jun 7 09:01:02 2025 GMT
Not After : Jun 8 09:01:02 2025 GMT
Subject: CN=1f589698239c1bcb018dfd3957d135ed978a81eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:e3:38:28:6e:51:46:7c:ea:bb:b6:6b:32:
d1:63:ba:a7:88:d2:3a:94:4d:1c:30:b6:8c:60:6c:
44:5e:eb:94:28:e5:85:77:81:35:f9:5e:d3:7c:8a:
1d:db:f3:6f:26:ef:93:37:d5:b7:a2:f8:da:a5:b9:
c8:7a:8a:8f:37:9f:db:6f:d1:ad:e6:48:48:e6:2a:
81:a4:dc:47:79:bd:8e:b6:2d:75:74:aa:fd:a7:44:
4c:09:5d:6d:0f:81:cd:ed:ca:f4:e4:c9:9f:80:7c:
a2:52:91:33:0d:26:1d:6b:9c:0f:b2:f6:71:e8:8f:
da:bd:28:a9:ad:5e:05:b0:4f:60:70:07:4c:0d:22:
f5:6b:49:46:83:c2:7e:27:08:41:de:20:15:22:a8:
4a:db:2a:d0:61:81:12:25:ca:91:16:78:08:7e:f9:
3c:25:cf:7e:ec:2a:f2:d9:26:bd:5c:28:bd:32:ba:
f2:61:9e:19:f9:03:36:02:df:ab:ab:01:b6:45:20:
c5:73:23:a8:de:6d:c9:85:18:49:7b:59:37:79:b8:
0a:5d:c0:2b:de:d9:c7:10:8a:bd:5f:47:aa:4c:3e:
09:11:d3:03:3b:55:41:ec:f9:68:50:f5:65:80:8c:
2c:21:4d:5a:c1:61:59:a8:31:d7:e6:53:3a:a5:87:
2a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:58:96:98:23:9C:1B:CB:01:8D:FD:39:57:D1:35:ED:97:8A:81:EB
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:23:4f:e0:86:af:b0:fc:14:92:5a:56:7b:14:31:be:cf:b2:
d0:8d:18:a1:37:3e:2e:26:50:d4:b3:6f:22:4e:e7:11:07:45:
35:ab:13:2c:e4:85:61:70:8c:5c:c6:e9:38:7a:72:7f:88:72:
f1:69:e8:5c:7c:f6:71:4f:36:9e:19:a4:ae:f8:44:2f:87:aa:
a0:3a:79:d2:36:3b:d2:8d:62:f7:d5:9c:73:50:00:41:4c:3a:
38:aa:b6:8d:17:3c:4d:15:a1:ce:96:17:ab:78:67:f6:23:bb:
05:3d:d0:63:a6:ff:e9:a3:02:59:64:f9:5f:f9:ce:15:91:41:
25:0c:32:f4:22:6b:35:6d:ec:8e:26:56:1d:6b:48:b9:10:de:
d8:0b:72:a1:09:46:21:35:a4:b5:46:b1:be:43:ff:6e:b2:c6:
3d:f8:df:95:c9:10:88:fa:44:18:35:d4:0c:1b:fe:fd:a8:7b:
b4:97:ab:1b:d6:69:ab:68:98:6b:7c:09:b8:ed:92:d5:c1:cc:
c3:f7:6a:d6:4a:4d:ca:39:dc:bb:46:2e:1a:3d:3c:c1:06:5d:
b9:d2:1b:9f:1b:89:92:c2:a4:2e:f8:dc:4e:54:4a:9c:6f:3f:
5e:eb:f2:d4:db:8d:d2:5c:ad:0b:bf:29:01:c5:00:3d:0d:76:
1b:2f:90:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnz7wQO9bmGI7Xcf/N1GUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwNjA3MDkwMTAyWhcNMjUwNjA4MDkwMTAyWjAzMTEwLwYDVQQD
EygxZjU4OTY5ODIzOWMxYmNiMDE4ZGZkMzk1N2QxMzVlZDk3OGE4MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE7jOChuUUZ86ru2azLRY7qniNI6
lE0cMLaMYGxEXuuUKOWFd4E1+V7TfIod2/NvJu+TN9W3ovjapbnIeoqPN5/bb9Gt
5khI5iqBpNxHeb2Oti11dKr9p0RMCV1tD4HN7cr05MmfgHyiUpEzDSYda5wPsvZx
6I/avSiprV4FsE9gcAdMDSL1a0lGg8J+JwhB3iAVIqhK2yrQYYESJcqRFngIfvk8
Jc9+7Cry2Sa9XCi9MrryYZ4Z+QM2At+rqwG2RSDFcyOo3m3JhRhJe1k3ebgKXcAr
3tnHEIq9X0eqTD4JEdMDO1VB7PloUPVlgIwsIU1awWFZqDHX5lM6pYcqhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9YlpgjnBvLAY39OVfRNe2XioHrMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAriNP4Iav
sPwUklpWexQxvs+y0I0YoTc+LiZQ1LNvIk7nEQdFNasTLOSFYXCMXMbpOHpyf4hy
8WnoXHz2cU82nhmkrvhEL4eqoDp50jY70o1i99Wcc1AAQUw6OKq2jRc8TRWhzpYX
q3hn9iO7BT3QY6b/6aMCWWT5X/nOFZFBJQwy9CJrNW3sjiZWHWtIuRDe2AtyoQlG
ITWktUaxvkP/brLGPfjflckQiPpEGDXUDBv+/ah7tJerG9Zpq2iYa3wJuO2S1cHM
w/dq1kpNyjncu0YuGj08wQZdudIbnxuJksKkLvjcTlRKnG8/Xuvy1NuN0lytC78p
AcUAPQ12Gy+Q3g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:45:17 2025 by rpki-client