Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: 78hyyOe1hpI4lp1f1qT7PhtBAndKlIhD6efMoBDsjzg=
Subject key identifier: 3B:1C:E5:21:0B:42:D9:2F:68:96:20:28:A3:22:5A:D5:1F:C8:45:9A
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0199172D1FD018325B844F102DD10D01CA34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 02B2
Signing time: Fri 05 Sep 2025 00:00:57 +0000
Manifest this update: Fri 05 Sep 2025 00:00:57 +0000
Manifest next update: Sat 06 Sep 2025 00:00:57 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: wdwNcDebq6VoxYIS/stfLnkC5qQ5YXdepmly8ri6Rv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 00:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:17:2d:1f:d0:18:32:5b:84:4f:10:2d:d1:0d:01:ca:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Sep 5 00:00:57 2025 GMT
Not After : Sep 6 00:00:57 2025 GMT
Subject: CN=3b1ce5210b42d92f68962028a3225ad51fc8459a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:95:48:94:3f:be:b7:8c:64:63:80:26:89:
4c:b7:63:33:68:af:bc:bc:e0:fe:f8:10:51:b0:0e:
ed:b4:fb:00:8c:f9:f4:13:aa:35:cf:ae:d7:b7:e7:
b2:d6:68:f7:67:2b:76:85:1c:52:73:20:25:f3:71:
16:90:66:84:fa:4d:df:bf:73:4e:e6:81:0a:b8:18:
dd:d8:fc:f8:60:35:5a:98:4b:e3:23:37:d5:01:15:
9f:db:4e:26:a2:57:40:77:ef:03:15:49:0d:bd:ae:
ff:6c:94:70:c3:61:61:1a:c6:0a:1f:ae:bc:2e:99:
84:53:c3:20:8d:f2:e8:df:a9:4f:2c:7c:85:3e:0d:
2d:1f:6b:53:3f:ff:15:d7:6a:cd:b4:b3:92:92:4c:
be:6b:ba:50:af:8e:46:06:3e:e2:09:0e:54:c7:c7:
92:18:49:e1:8f:71:fc:13:c9:ef:53:91:01:70:8d:
11:8c:e3:c4:04:1e:42:2c:a8:fe:4c:eb:81:27:8b:
f5:8d:91:96:5e:9c:35:5d:e4:56:07:ef:6b:39:93:
83:5c:d5:b6:b6:b5:37:95:9a:ef:1c:25:a9:63:b6:
ca:1f:6e:fa:d2:41:95:c2:e0:86:60:dc:83:30:2b:
24:94:71:42:de:10:51:eb:3b:73:7d:7a:1d:9a:9f:
52:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1C:E5:21:0B:42:D9:2F:68:96:20:28:A3:22:5A:D5:1F:C8:45:9A
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:6e:c0:2b:61:4e:fe:0d:92:e6:25:94:ca:49:f5:ce:eb:57:
92:77:e2:50:86:eb:b4:26:d1:ad:24:8d:3b:d3:32:04:62:4d:
0a:d2:1d:cf:51:b7:f0:ce:20:17:ee:53:76:d5:2b:39:91:66:
62:c0:01:05:3c:a9:1b:11:00:a6:54:e4:e3:5c:d5:db:9a:51:
bd:9d:89:b6:d3:c7:c6:7b:57:2a:7b:95:15:d0:40:ea:7c:00:
ef:5a:f2:94:d0:46:c0:ae:89:df:ab:ab:11:ac:69:32:58:44:
d2:bc:ad:21:92:16:22:a7:6b:0b:fb:de:28:23:40:8c:be:49:
f5:19:02:08:9d:a5:6d:16:d5:8f:03:a4:18:1e:ee:65:1c:6d:
ca:62:3b:99:26:03:53:7d:46:55:a1:41:f3:ca:72:f6:b8:05:
14:57:f7:b1:ac:89:54:44:d1:60:34:7a:b7:46:1f:0a:25:4f:
fc:25:b3:21:03:e1:61:3d:f1:e0:75:b0:53:5e:41:7c:31:bc:
2b:d6:50:03:cf:23:c2:bf:3f:83:0a:23:b8:6e:50:21:6c:df:
a2:ed:19:82:78:17:1c:c7:45:fe:96:17:9a:f9:7d:c3:5a:55:
79:c1:5e:7b:7e:64:8c:76:6e:c1:f1:81:18:24:8d:d1:97:87:
87:36:f2:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLR/QGDJbhE8QLdENAco0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwOTA1MDAwMDU3WhcNMjUwOTA2MDAwMDU3WjAzMTEwLwYDVQQD
EygzYjFjZTUyMTBiNDJkOTJmNjg5NjIwMjhhMzIyNWFkNTFmYzg0NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEqVSJQ/vreMZGOAJolMt2MzaK+8
vOD++BBRsA7ttPsAjPn0E6o1z67Xt+ey1mj3Zyt2hRxScyAl83EWkGaE+k3fv3NO
5oEKuBjd2Pz4YDVamEvjIzfVARWf204moldAd+8DFUkNva7/bJRww2FhGsYKH668
LpmEU8MgjfLo36lPLHyFPg0tH2tTP/8V12rNtLOSkky+a7pQr45GBj7iCQ5Ux8eS
GEnhj3H8E8nvU5EBcI0RjOPEBB5CLKj+TOuBJ4v1jZGWXpw1XeRWB+9rOZODXNW2
trU3lZrvHCWpY7bKH2760kGVwuCGYNyDMCsklHFC3hBR6ztzfXodmp9SRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsc5SELQtkvaJYgKKMiWtUfyEWaMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADW7AK2FO
/g2S5iWUykn1zutXknfiUIbrtCbRrSSNO9MyBGJNCtIdz1G38M4gF+5TdtUrOZFm
YsABBTypGxEAplTk41zV25pRvZ2JttPHxntXKnuVFdBA6nwA71rylNBGwK6J36ur
EaxpMlhE0rytIZIWIqdrC/veKCNAjL5J9RkCCJ2lbRbVjwOkGB7uZRxtymI7mSYD
U31GVaFB88py9rgFFFf3sayJVETRYDR6t0YfCiVP/CWzIQPhYT3x4HWwU15BfDG8
K9ZQA88jwr8/gwojuG5QIWzfou0ZgngXHMdF/pYXmvl9w1pVecFee35kjHZuwfGB
GCSN0ZeHhzby1w==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:33:07 2025 by rpki-client