Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier: Rl6LKodHj3cCnbaP1M3E/a3grsXAgoXcvB8ZZg02Ru0=
Subject key identifier: 97:E4:72:5F:E3:26:48:B4:C8:1A:BC:28:F0:12:5E:C6:C1:87:08:53
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 019764DF2DA7BA1DF4E800D84888253744CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number: 09D5
Signing time: Thu 12 Jun 2025 16:00:37 +0000
Manifest this update: Thu 12 Jun 2025 16:00:37 +0000
Manifest next update: Fri 13 Jun 2025 16:00:37 +0000
Files and hashes: 1: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (hash: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=)
2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: DaR4Lq5Fl+pCkwjnH4msZa8pqnl7QlYuwZdMjxuQZJE=)
3: n82Q14Y2YDik1JFdwsQlLlmUXCU.roa (hash: Pqu0KJ3PErrtF3waClxiFcaMqimhO+E9Mo28nI/aapw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:df:2d:a7:ba:1d:f4:e8:00:d8:48:88:25:37:44:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Jun 12 16:00:37 2025 GMT
Not After : Jun 13 16:00:37 2025 GMT
Subject: CN=97e4725fe32648b4c81abc28f0125ec6c1870853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:9c:84:a1:d0:8d:ac:f3:8f:40:64:a9:2e:
c3:f1:58:d5:ff:d5:39:c3:a6:58:63:e0:42:53:25:
ec:ba:92:e1:e9:67:5f:68:2d:aa:ed:2b:da:4e:c4:
a3:c2:45:64:f8:45:59:87:ae:6c:ea:01:85:4d:14:
b9:22:0f:a9:86:5a:ff:47:94:20:17:b7:9b:fc:fa:
8a:3f:4a:7d:90:99:f3:2c:ec:65:86:fa:aa:2c:81:
6c:d3:8f:2b:ee:4a:9f:26:1c:12:bb:14:0a:bc:d7:
31:f3:5c:00:e2:c7:2f:d4:00:ed:b3:49:76:c3:24:
2e:bb:37:76:8c:c7:1a:c2:4b:45:a3:17:03:bf:8a:
42:05:20:be:3b:30:48:0a:62:a3:f7:f0:25:64:33:
26:00:38:ba:a3:ef:2d:a8:3d:d5:04:d3:77:fe:9a:
64:4d:e5:c0:6b:58:6b:3a:37:55:ac:74:f5:33:05:
82:dc:17:1a:6e:c1:54:d9:97:b6:77:51:a3:fa:76:
6a:e0:9e:8d:34:31:d8:78:3a:96:7d:89:09:b9:00:
ba:91:59:38:b9:a8:cd:c0:44:35:c7:74:49:08:53:
ab:68:c0:c4:2a:ad:06:55:82:3d:ed:6e:b2:b9:f5:
b1:b2:eb:b3:a7:c0:7e:02:cc:34:50:98:20:9b:6e:
b5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E4:72:5F:E3:26:48:B4:C8:1A:BC:28:F0:12:5E:C6:C1:87:08:53
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:d4:8c:bc:96:02:36:a5:7a:29:dd:bd:76:13:37:6f:d9:c9:
f2:ac:d7:d9:66:40:52:18:56:43:f6:fd:fb:a2:87:7f:24:18:
87:40:f3:0d:0c:26:20:f2:36:8a:9e:6c:6e:a6:b2:1d:19:f3:
32:4d:58:7c:d3:fb:7c:04:88:7d:39:65:16:44:fd:70:76:d1:
64:80:c5:14:60:d4:c3:7e:ab:91:65:37:0e:7a:56:9b:25:f4:
6f:5e:3e:2c:d5:11:db:0a:14:b9:62:48:bc:cf:14:ef:6a:35:
00:22:e5:c6:c3:a3:35:08:f4:6e:f0:ac:e2:e1:80:7f:4e:f2:
68:b3:3b:a4:54:87:49:60:33:bc:45:a5:7e:7e:ba:e7:13:b3:
74:f5:f1:0f:db:f3:b0:a3:d5:5f:d1:8d:a5:80:a5:ad:a7:c5:
c3:a4:23:ed:86:21:f4:4c:41:b3:f7:5f:42:2e:0d:17:51:d2:
e4:f0:3a:d3:ad:60:8f:4d:52:aa:46:96:8d:ee:85:ee:fa:b1:
6e:97:3a:00:73:b2:31:74:cf:15:78:ba:c8:11:94:c0:84:3c:
ec:0a:f4:d2:a9:87:be:70:4d:7f:0e:1c:d7:43:ce:48:d7:90:
39:1b:5c:d5:f6:57:e0:25:c9:8c:6b:68:05:6b:d7:24:13:55:
7e:e8:a2:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk3y2nuh306ADYSIglN0TOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjUwNjEyMTYwMDM3WhcNMjUwNjEzMTYwMDM3WjAzMTEwLwYDVQQD
Eyg5N2U0NzI1ZmUzMjY0OGI0YzgxYWJjMjhmMDEyNWVjNmMxODcwODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L+chKHQjazzj0BkqS7D8VjV/9U5
w6ZYY+BCUyXsupLh6WdfaC2q7SvaTsSjwkVk+EVZh65s6gGFTRS5Ig+phlr/R5Qg
F7eb/PqKP0p9kJnzLOxlhvqqLIFs048r7kqfJhwSuxQKvNcx81wA4scv1ADts0l2
wyQuuzd2jMcawktFoxcDv4pCBSC+OzBICmKj9/AlZDMmADi6o+8tqD3VBNN3/ppk
TeXAa1hrOjdVrHT1MwWC3BcabsFU2Ze2d1Gj+nZq4J6NNDHYeDqWfYkJuQC6kVk4
uajNwEQ1x3RJCFOraMDEKq0GVYI97W6yufWxsuuzp8B+Asw0UJggm261ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfkcl/jJki0yBq8KPASXsbBhwhTMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl9SMvJYC
NqV6Kd29dhM3b9nJ8qzX2WZAUhhWQ/b9+6KHfyQYh0DzDQwmIPI2ip5sbqayHRnz
Mk1YfNP7fASIfTllFkT9cHbRZIDFFGDUw36rkWU3DnpWmyX0b14+LNUR2woUuWJI
vM8U72o1ACLlxsOjNQj0bvCs4uGAf07yaLM7pFSHSWAzvEWlfn665xOzdPXxD9vz
sKPVX9GNpYClrafFw6Qj7YYh9ExBs/dfQi4NF1HS5PA6061gj01SqkaWje6F7vqx
bpc6AHOyMXTPFXi6yBGUwIQ87Ar00qmHvnBNfw4c10POSNeQORtc1fZX4CXJjGto
BWvXJBNVfuiicg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:03:28 2025 by rpki-client