Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: 9LwG8i3peEh/wrG8vAc+PYGctIFeDaIFQZvHy5Uw5ZY=
Subject key identifier: 26:92:2E:80:88:79:29:EC:B0:70:9C:C9:74:35:89:70:A2:19:AF:A5
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 01973E090BCFFF9E598E212E52D6D0EBD5D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 157C
Signing time: Thu 05 Jun 2025 03:01:09 +0000
Manifest this update: Thu 05 Jun 2025 03:01:09 +0000
Manifest next update: Fri 06 Jun 2025 03:01:09 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: qFUk7hA4cfBdrsoruY6A5dAzVoTwVSNDwik/6Q/wfRs=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:09:0b:cf:ff:9e:59:8e:21:2e:52:d6:d0:eb:d5:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Jun 5 03:01:09 2025 GMT
Not After : Jun 6 03:01:09 2025 GMT
Subject: CN=26922e80887929ecb0709cc974358970a219afa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:43:db:39:5b:fc:b4:d0:a8:7d:96:73:4e:4b:
f9:f7:03:51:f6:3e:ec:21:98:e3:41:28:2e:4d:6a:
01:b2:67:4e:26:0b:fd:38:18:c2:2b:7f:3b:19:2b:
fd:ef:24:26:ac:1a:69:74:85:f4:3e:60:3f:a8:ca:
18:31:48:bd:18:65:c8:f1:84:da:cd:66:55:e0:56:
01:50:46:e4:d6:33:a4:f5:52:b3:35:2a:c9:98:30:
e9:f6:6d:3e:2a:eb:36:24:33:f6:03:fe:af:7a:e1:
d5:e1:59:d6:51:c9:2b:94:9c:90:c4:18:7c:4f:9a:
e5:97:f7:61:b8:9e:da:23:3b:0c:49:66:da:e9:57:
3b:f2:3c:e1:d3:47:2e:57:2b:6a:45:71:4f:44:1b:
e0:8e:0f:bc:8b:98:73:de:c7:f6:f6:e2:0f:d8:08:
b1:06:ef:13:8e:a9:f6:73:04:ed:7e:49:3b:00:1b:
33:81:db:8a:71:48:73:01:05:47:20:eb:4f:52:c9:
e5:60:d0:2e:3b:d1:49:19:0a:40:25:a2:6d:d7:a7:
ea:19:9a:e5:67:0b:90:1e:d5:db:71:b1:2d:b8:c3:
b4:94:56:6b:b4:07:db:25:04:9c:e2:e8:39:cc:8b:
f6:0f:a7:80:fa:1f:b0:ec:80:8d:0c:49:ec:ee:78:
9f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:92:2E:80:88:79:29:EC:B0:70:9C:C9:74:35:89:70:A2:19:AF:A5
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:a9:12:7a:75:49:ec:b1:00:40:53:ac:61:06:66:50:34:24:
7e:a5:8e:d3:00:91:23:ed:ed:f0:fb:c9:53:f8:fa:6a:f0:d9:
3a:66:00:39:82:47:8b:09:4b:18:ea:1b:ad:0f:66:6b:7c:0b:
c8:57:4f:4b:92:2c:38:36:3b:06:5d:ff:ff:7b:e2:7d:39:62:
70:1b:19:87:a9:2d:44:bb:60:89:0f:2f:31:3e:51:b3:5f:8b:
04:26:b4:ec:69:ef:1b:e0:33:a7:78:3f:55:d5:fb:17:cb:81:
2f:78:12:b9:b1:5a:44:17:c5:69:c5:f6:66:ff:b1:71:ca:fe:
9c:ba:fa:70:6a:45:e9:a9:d3:8f:6c:1a:26:57:2d:cc:00:a8:
de:da:17:94:d0:ab:3d:a5:d8:c6:30:ee:7d:9f:48:85:7d:c1:
eb:21:c3:ca:32:58:16:c8:a3:62:ac:66:bd:8d:55:c9:84:7e:
0d:88:0b:94:43:d5:2c:de:a9:8f:3e:f4:74:d5:4b:66:96:d7:
a7:ae:ae:6f:4c:78:0e:89:ab:83:c0:8a:ec:57:ee:79:45:62:
20:21:2a:ac:cd:ea:87:34:56:42:ed:6f:7f:bc:2c:fb:0b:2b:
2f:e2:e8:a9:14:af:8d:de:42:d9:3a:bb:66:4a:fc:14:2e:87:
72:54:c0:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZc+CQvP/55ZjiEuUtbQ69XZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUwNjA1MDMwMTA5WhcNMjUwNjA2MDMwMTA5WjAzMTEwLwYDVQQD
EygyNjkyMmU4MDg4NzkyOWVjYjA3MDljYzk3NDM1ODk3MGEyMTlhZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UPbOVv8tNCofZZzTkv59wNR9j7s
IZjjQSguTWoBsmdOJgv9OBjCK387GSv97yQmrBppdIX0PmA/qMoYMUi9GGXI8YTa
zWZV4FYBUEbk1jOk9VKzNSrJmDDp9m0+Kus2JDP2A/6veuHV4VnWUckrlJyQxBh8
T5rll/dhuJ7aIzsMSWba6Vc78jzh00cuVytqRXFPRBvgjg+8i5hz3sf29uIP2Aix
Bu8Tjqn2cwTtfkk7ABszgduKcUhzAQVHIOtPUsnlYNAuO9FJGQpAJaJt16fqGZrl
ZwuQHtXbcbEtuMO0lFZrtAfbJQSc4ug5zIv2D6eA+h+w7ICNDEns7nifjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCaSLoCIeSnssHCcyXQ1iXCiGa+lMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6kSenVJ
7LEAQFOsYQZmUDQkfqWO0wCRI+3t8PvJU/j6avDZOmYAOYJHiwlLGOobrQ9ma3wL
yFdPS5IsODY7Bl3//3vifTlicBsZh6ktRLtgiQ8vMT5Rs1+LBCa07GnvG+Azp3g/
VdX7F8uBL3gSubFaRBfFacX2Zv+xccr+nLr6cGpF6anTj2waJlctzACo3toXlNCr
PaXYxjDufZ9IhX3B6yHDyjJYFsijYqxmvY1VyYR+DYgLlEPVLN6pjz70dNVLZpbX
p66ub0x4Domrg8CK7FfueUViICEqrM3qhzRWQu1vf7ws+wsrL+LoqRSvjd5C2Tq7
Zkr8FC6HclTAKg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 07:10:17 2025 by rpki-client