Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier: ve1cTI8ZKqY7PeDHV7gB+3P14dqlLFVJN0149IOdTMk=
Subject key identifier: 68:8D:22:8C:8B:8B:6A:9A:5D:8E:E9:86:9A:AF:3D:80:CC:44:1F:5A
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 01975948DAD2B5160BC8A21BCDE8A508B5C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number: 09CF
Signing time: Tue 10 Jun 2025 10:00:36 +0000
Manifest this update: Tue 10 Jun 2025 10:00:36 +0000
Manifest next update: Wed 11 Jun 2025 10:00:36 +0000
Files and hashes: 1: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (hash: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=)
2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: QBItDuv37R9EaQTeChQ8fhpxcts52nvYEYGhJbSOrk4=)
3: n82Q14Y2YDik1JFdwsQlLlmUXCU.roa (hash: Pqu0KJ3PErrtF3waClxiFcaMqimhO+E9Mo28nI/aapw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:48:da:d2:b5:16:0b:c8:a2:1b:cd:e8:a5:08:b5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Jun 10 10:00:36 2025 GMT
Not After : Jun 11 10:00:36 2025 GMT
Subject: CN=688d228c8b8b6a9a5d8ee9869aaf3d80cc441f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e4:d8:28:cc:50:60:1e:4c:c6:1f:84:fd:b5:
04:00:bd:b5:29:3a:ff:6c:4a:1f:10:bc:a8:f6:8e:
b6:c5:8d:05:5c:50:8b:b5:be:80:73:e0:2d:63:fb:
0f:30:5c:14:ec:6b:4a:25:ee:6e:ad:88:0b:bf:a1:
13:ee:57:10:d3:33:37:62:0e:33:f2:49:5c:fd:8a:
98:64:5d:da:3c:9b:8a:7d:6d:1b:a7:30:d6:fc:d9:
ed:a6:eb:56:be:52:a2:0d:1e:16:dc:41:90:e2:0a:
65:99:a0:bf:13:7f:47:24:11:ad:6f:48:81:d4:3b:
5e:f0:d3:d9:ba:f7:1a:c7:6a:bd:42:f4:79:71:eb:
20:ca:2a:26:2a:58:14:4a:1d:48:a3:4a:90:54:39:
74:32:72:65:33:63:cf:b7:14:35:d2:8e:ad:d0:52:
76:dd:99:47:f1:86:44:4d:fb:2e:e1:ff:88:76:b3:
c9:40:d2:36:72:0d:fa:82:06:a5:a0:e3:e7:b9:ca:
18:c7:2c:71:ac:5f:d4:bb:d3:47:c1:b8:cb:29:4b:
cb:45:e0:47:8c:32:89:3a:6e:92:92:d5:f1:dc:19:
b0:b2:39:6e:19:16:2d:4d:4b:8b:77:91:41:b2:3f:
20:25:d7:fe:57:30:a3:41:b9:13:c8:be:20:78:21:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8D:22:8C:8B:8B:6A:9A:5D:8E:E9:86:9A:AF:3D:80:CC:44:1F:5A
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:0a:35:0e:91:86:ad:dc:66:28:9b:39:40:b3:4d:55:70:6b:
aa:65:36:5e:a4:f0:3a:40:3c:f3:8c:9e:2f:bc:3e:6c:d0:6b:
f9:d4:db:e8:8f:2b:a8:14:2f:15:16:d6:0a:3a:30:d0:78:51:
6d:84:08:c1:83:c1:e6:0d:13:89:a3:52:8c:c9:88:db:8f:95:
77:63:28:9e:69:4f:57:94:c8:b5:c5:03:6a:37:6d:b4:40:f5:
81:2c:27:f8:44:0b:e5:65:1c:64:32:8b:7d:8c:c3:15:a5:ad:
0a:21:02:7a:96:e4:0b:5d:ff:2a:5b:16:6f:d3:54:d5:66:e8:
2b:72:6f:91:de:5e:63:d6:ec:06:9e:3d:66:f7:4e:18:ea:40:
c1:aa:f8:20:55:fd:14:62:53:61:1e:c7:74:28:61:33:eb:ec:
01:76:99:25:e1:84:41:a9:c7:09:e9:11:55:1f:eb:1f:73:03:
99:c6:69:00:f4:41:67:b8:5f:be:09:5b:79:cc:c3:28:10:12:
09:ec:e8:fa:a2:06:05:f2:f9:87:d6:05:98:a3:d5:61:74:84:
28:3a:5b:b5:e7:13:4b:18:c6:92:7c:45:58:ba:87:af:42:d5:
df:e6:ed:60:9a:88:83:29:93:c1:5a:88:51:86:26:99:68:cf:
d1:7a:80:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSNrStRYLyKIbzeilCLXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjUwNjEwMTAwMDM2WhcNMjUwNjExMTAwMDM2WjAzMTEwLwYDVQQD
Eyg2ODhkMjI4YzhiOGI2YTlhNWQ4ZWU5ODY5YWFmM2Q4MGNjNDQxZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+TYKMxQYB5Mxh+E/bUEAL21KTr/
bEofELyo9o62xY0FXFCLtb6Ac+AtY/sPMFwU7GtKJe5urYgLv6ET7lcQ0zM3Yg4z
8klc/YqYZF3aPJuKfW0bpzDW/NntputWvlKiDR4W3EGQ4gplmaC/E39HJBGtb0iB
1Dte8NPZuvcax2q9QvR5cesgyiomKlgUSh1Io0qQVDl0MnJlM2PPtxQ10o6t0FJ2
3ZlH8YZETfsu4f+IdrPJQNI2cg36ggaloOPnucoYxyxxrF/Uu9NHwbjLKUvLReBH
jDKJOm6SktXx3BmwsjluGRYtTUuLd5FBsj8gJdf+VzCjQbkTyL4geCHFewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiNIoyLi2qaXY7phpqvPYDMRB9aMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgo1DpGG
rdxmKJs5QLNNVXBrqmU2XqTwOkA884yeL7w+bNBr+dTb6I8rqBQvFRbWCjow0HhR
bYQIwYPB5g0TiaNSjMmI24+Vd2MonmlPV5TItcUDajdttED1gSwn+EQL5WUcZDKL
fYzDFaWtCiECepbkC13/KlsWb9NU1WboK3Jvkd5eY9bsBp49ZvdOGOpAwar4IFX9
FGJTYR7HdChhM+vsAXaZJeGEQanHCekRVR/rH3MDmcZpAPRBZ7hfvglbeczDKBAS
Cezo+qIGBfL5h9YFmKPVYXSEKDpbtecTSxjGknxFWLqHr0LV3+btYJqIgymTwVqI
UYYmmWjP0XqAsA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:22:40 2025 by rpki-client