Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: C8Bzr+M5p2D23G1h1u7PosB7G8/Y40ihXVh1qk2qKW8=
Subject key identifier: 61:E0:A9:E0:6A:50:D5:D3:5A:0D:C7:59:B6:05:43:37:E2:97:AC:2B
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 01974779BF377B2B14629BD846B2B43C5AA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 157D
Signing time: Fri 06 Jun 2025 23:00:50 +0000
Manifest this update: Fri 06 Jun 2025 23:00:50 +0000
Manifest next update: Sat 07 Jun 2025 23:00:50 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: 9x+j5p3Xz6b7yxl5SDKkoYnO/WpnGEsPshuTvQLPZms=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:79:bf:37:7b:2b:14:62:9b:d8:46:b2:b4:3c:5a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Jun 6 23:00:50 2025 GMT
Not After : Jun 7 23:00:50 2025 GMT
Subject: CN=61e0a9e06a50d5d35a0dc759b6054337e297ac2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:ec:2b:cd:3e:be:92:ea:72:70:78:ee:de:
3f:cf:39:c2:35:a6:2e:1b:cf:fb:7f:e6:b3:41:c0:
b3:e3:e3:bc:9e:fc:e0:50:8d:fc:e3:72:4c:01:a2:
9c:5e:7f:d1:67:0e:66:ab:42:6f:7e:e6:81:0f:74:
9a:a4:71:9b:a5:20:d8:9c:53:21:dc:57:a3:7a:60:
04:a3:f5:14:e4:86:64:7c:d2:5a:2b:a9:8e:05:67:
6b:13:03:96:d8:e1:1f:87:c6:33:c4:62:59:97:6c:
b9:7b:a1:a8:4d:a4:9b:6f:8e:ca:43:5f:10:bd:8c:
9d:fb:7a:c0:55:ac:fd:52:51:ee:71:88:95:cc:d8:
58:e6:b3:c3:76:fd:a7:33:53:4f:8d:45:aa:61:2e:
06:d5:df:38:f1:b6:a8:ba:1d:4b:e9:47:db:c0:e0:
56:df:15:7b:5a:56:95:57:11:24:fb:b2:89:8d:f5:
7b:11:0a:05:17:a6:f3:3f:dd:32:02:90:2f:49:47:
e3:d2:1e:c6:a8:83:99:55:14:1b:08:c6:a3:a4:ff:
81:41:1c:a2:2a:39:1f:96:45:2e:b9:8d:9e:b4:3b:
96:ea:7f:45:0d:14:ea:18:26:3a:1e:ce:a4:58:f1:
9b:e0:ca:cc:bd:1e:9e:33:e0:95:00:92:dd:8c:7d:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E0:A9:E0:6A:50:D5:D3:5A:0D:C7:59:B6:05:43:37:E2:97:AC:2B
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:d0:85:a5:ab:69:92:98:62:23:79:50:07:01:40:56:5b:97:
2e:eb:00:7f:e3:e6:cb:a8:cb:4d:26:35:48:e3:08:10:1a:d0:
ea:fd:4f:a4:ab:25:ca:c2:0b:55:2e:31:bd:97:d5:4d:0b:35:
47:23:13:d5:a2:df:97:1e:7b:6d:d7:5e:d7:a4:53:38:9d:56:
a1:cf:30:0f:92:55:07:48:fc:0b:ec:0b:07:a7:98:58:ed:bf:
e9:82:13:6e:56:7f:a2:0b:e3:71:e0:c8:46:7f:05:cc:a6:9d:
66:3f:23:da:b5:65:77:51:65:23:b3:ca:9f:d4:d5:39:ad:bd:
28:a8:22:b8:c6:87:01:c7:69:aa:59:d5:7a:0b:62:01:3f:c9:
ee:50:78:25:fa:69:c3:65:b7:c8:e6:fc:d6:a3:ae:27:9b:01:
c0:a4:41:3a:03:cc:13:f3:07:76:ac:5d:06:64:72:da:1d:b0:
e2:64:b2:e9:6a:13:5b:e1:9a:76:16:13:3d:df:37:76:ac:94:
45:f6:25:89:04:05:7b:2a:1e:66:de:f6:78:82:ca:14:97:95:
64:67:7d:71:26:d3:47:ef:2c:d1:58:cb:3a:79:27:72:cd:00:
b8:e5:57:a9:30:35:ae:0e:3f:fc:7b:e1:2e:6c:4b:5a:99:88:
4a:34:5f:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeb83eysUYpvYRrK0PFqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUwNjA2MjMwMDUwWhcNMjUwNjA3MjMwMDUwWjAzMTEwLwYDVQQD
Eyg2MWUwYTllMDZhNTBkNWQzNWEwZGM3NTliNjA1NDMzN2UyOTdhYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylLsK80+vpLqcnB47t4/zznCNaYu
G8/7f+azQcCz4+O8nvzgUI3843JMAaKcXn/RZw5mq0JvfuaBD3SapHGbpSDYnFMh
3FejemAEo/UU5IZkfNJaK6mOBWdrEwOW2OEfh8YzxGJZl2y5e6GoTaSbb47KQ18Q
vYyd+3rAVaz9UlHucYiVzNhY5rPDdv2nM1NPjUWqYS4G1d848baouh1L6UfbwOBW
3xV7WlaVVxEk+7KJjfV7EQoFF6bzP90yApAvSUfj0h7GqIOZVRQbCMajpP+BQRyi
KjkflkUuuY2etDuW6n9FDRTqGCY6Hs6kWPGb4MrMvR6eM+CVAJLdjH2N4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHgqeBqUNXTWg3HWbYFQzfil6wrMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNCFpatp
kphiI3lQBwFAVluXLusAf+Pmy6jLTSY1SOMIEBrQ6v1PpKslysILVS4xvZfVTQs1
RyMT1aLflx57bdde16RTOJ1Woc8wD5JVB0j8C+wLB6eYWO2/6YITblZ/ogvjceDI
Rn8FzKadZj8j2rVld1FlI7PKn9TVOa29KKgiuMaHAcdpqlnVegtiAT/J7lB4Jfpp
w2W3yOb81qOuJ5sBwKRBOgPME/MHdqxdBmRy2h2w4mSy6WoTW+GadhYTPd83dqyU
RfYliQQFeyoeZt72eILKFJeVZGd9cSbTR+8s0VjLOnkncs0AuOVXqTA1rg4//Hvh
LmxLWpmISjRfUw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:23:42 2025 by rpki-client