Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier: +ZwvwicE5eE9K/YCSOA8P9yv3TSDR3dKncqRUUCHx4E=
Subject key identifier: 1C:49:F4:FB:A2:BD:BB:88:B6:F1:7A:94:36:EA:30:2A:62:53:DA:10
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 01975F1409094E4DD0E80EDC33F2F4AA2329
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number: 09D2
Signing time: Wed 11 Jun 2025 13:00:37 +0000
Manifest this update: Wed 11 Jun 2025 13:00:37 +0000
Manifest next update: Thu 12 Jun 2025 13:00:37 +0000
Files and hashes: 1: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (hash: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=)
2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: pUDhLhQL79LcHT4Pp7xshK9qWZYR3mK8FM5avF5rwt0=)
3: n82Q14Y2YDik1JFdwsQlLlmUXCU.roa (hash: Pqu0KJ3PErrtF3waClxiFcaMqimhO+E9Mo28nI/aapw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:14:09:09:4e:4d:d0:e8:0e:dc:33:f2:f4:aa:23:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Jun 11 13:00:37 2025 GMT
Not After : Jun 12 13:00:37 2025 GMT
Subject: CN=1c49f4fba2bdbb88b6f17a9436ea302a6253da10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4c:cf:76:d4:3d:3b:38:4b:5b:b5:d7:c5:64:
05:e2:05:9c:c9:28:4d:d8:3a:cb:d2:90:5e:4a:a2:
7d:48:aa:cf:64:71:ca:ca:0a:24:84:3b:88:c0:6e:
c6:07:41:07:38:51:54:49:ff:e7:28:8c:b4:3b:53:
53:c4:88:94:d4:e6:86:a4:79:85:31:4a:59:47:2f:
22:54:88:90:07:5b:ec:ee:ef:02:e7:83:ea:44:b1:
89:68:03:4a:26:43:64:a4:4f:c2:94:e4:d7:c1:b4:
a4:68:ed:02:7a:e9:34:b0:cf:39:d3:23:71:db:18:
95:20:22:18:b8:b3:29:e6:3c:e7:c5:2a:15:bd:d3:
4f:46:a3:47:01:da:50:6f:dd:b6:a4:fc:44:46:38:
28:1a:d2:93:58:c1:5f:35:2b:1d:f0:c1:3e:03:85:
85:ed:25:73:64:82:86:74:ab:59:0b:23:9e:62:2c:
fd:e4:ef:dd:37:e1:5a:25:91:9a:6f:45:03:a3:82:
e8:6f:6e:4c:6b:d2:c6:27:8d:64:92:20:ed:89:f2:
f5:19:13:ea:25:69:74:a5:cf:4a:28:d6:61:d6:ac:
8f:6b:f9:1e:3d:5b:6b:58:84:e9:21:f9:a2:00:75:
7d:cb:51:17:a0:e1:bd:d6:a3:68:78:30:0d:7a:1f:
8c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:49:F4:FB:A2:BD:BB:88:B6:F1:7A:94:36:EA:30:2A:62:53:DA:10
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:96:45:e8:b2:f1:9a:60:d0:d3:e6:09:41:9d:52:62:49:5f:
c7:e8:33:01:12:ce:1f:ca:6a:c6:d3:d2:c9:73:78:d4:5a:f1:
1a:e7:2e:5f:41:1d:ef:a5:4c:77:98:e5:09:22:76:3b:79:50:
81:e7:64:2f:ef:25:6f:07:0a:2e:3b:af:22:3a:d7:44:80:7f:
4a:9f:8d:c9:c3:c3:e2:ac:7c:f4:a3:6d:86:d0:4c:b8:30:55:
35:16:8f:7d:81:45:bd:07:d9:90:a2:bd:df:b9:68:ce:dc:01:
d0:1a:16:74:76:c1:80:e5:8e:97:ee:b0:4c:e1:ed:02:41:63:
c3:88:7b:71:66:4b:4c:24:e5:08:3f:c8:77:fb:24:7c:c1:cb:
8b:61:a1:10:c8:63:af:85:a8:a3:69:12:4f:12:8a:fe:9f:07:
8b:1b:84:ea:cb:3d:34:12:05:22:ee:05:19:2f:2d:cb:44:ff:
7f:97:31:74:2e:ff:84:44:2a:35:69:30:da:d8:81:b7:97:fe:
67:96:ba:b9:05:20:7d:90:b6:b9:96:0a:66:4c:e1:01:c2:a4:
9d:42:45:e9:89:7c:31:e2:ee:25:7d:c9:87:6b:c1:49:4f:dc:
84:ce:b5:25:ef:36:c3:15:36:16:47:c0:6b:ff:04:8f:d2:a3:
1d:5d:c6:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFAkJTk3Q6A7cM/L0qiMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjUwNjExMTMwMDM3WhcNMjUwNjEyMTMwMDM3WjAzMTEwLwYDVQQD
EygxYzQ5ZjRmYmEyYmRiYjg4YjZmMTdhOTQzNmVhMzAyYTYyNTNkYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkzPdtQ9OzhLW7XXxWQF4gWcyShN
2DrL0pBeSqJ9SKrPZHHKygokhDuIwG7GB0EHOFFUSf/nKIy0O1NTxIiU1OaGpHmF
MUpZRy8iVIiQB1vs7u8C54PqRLGJaANKJkNkpE/ClOTXwbSkaO0Ceuk0sM850yNx
2xiVICIYuLMp5jznxSoVvdNPRqNHAdpQb922pPxERjgoGtKTWMFfNSsd8ME+A4WF
7SVzZIKGdKtZCyOeYiz95O/dN+FaJZGab0UDo4Lob25Ma9LGJ41kkiDtifL1GRPq
JWl0pc9KKNZh1qyPa/kePVtrWITpIfmiAHV9y1EXoOG91qNoeDANeh+MeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxJ9PuivbuItvF6lDbqMCpiU9oQMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZZF6LLx
mmDQ0+YJQZ1SYklfx+gzARLOH8pqxtPSyXN41FrxGucuX0Ed76VMd5jlCSJ2O3lQ
gedkL+8lbwcKLjuvIjrXRIB/Sp+NycPD4qx89KNthtBMuDBVNRaPfYFFvQfZkKK9
37loztwB0BoWdHbBgOWOl+6wTOHtAkFjw4h7cWZLTCTlCD/Id/skfMHLi2GhEMhj
r4Woo2kSTxKK/p8HixuE6ss9NBIFIu4FGS8ty0T/f5cxdC7/hEQqNWkw2tiBt5f+
Z5a6uQUgfZC2uZYKZkzhAcKknUJF6Yl8MeLuJX3Jh2vBSU/chM61Je82wxU2FkfA
a/8Ej9KjHV3G1Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:36:08 2025 by rpki-client