Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: Ly38pgwWN6UiFdlgIUuy4DeCFHAErYFV/7tieA/Wcg0=
Subject key identifier: C1:3A:A1:24:01:0D:E3:FF:CC:94:6F:EE:DF:8C:E4:82:15:29:39:2F
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019922C3AA1D6BA0489225D4EC955EEFF6D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1677
Signing time: Sun 07 Sep 2025 06:01:12 +0000
Manifest this update: Sun 07 Sep 2025 06:01:12 +0000
Manifest next update: Mon 08 Sep 2025 06:01:12 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: uqqyjnWiD/y4o/GhqOmF9k7nvtQ80DrEWn5ckdOOlAc=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:aa:1d:6b:a0:48:92:25:d4:ec:95:5e:ef:f6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Sep 7 06:01:12 2025 GMT
Not After : Sep 8 06:01:12 2025 GMT
Subject: CN=c13aa124010de3ffcc946feedf8ce4821529392f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e0:bd:cf:d2:07:be:59:b4:09:de:4c:24:2d:
e8:6d:4c:b9:7c:3f:b6:62:21:b6:46:09:45:df:31:
ad:53:48:5a:1d:9f:e3:59:14:43:3e:17:cf:6a:cd:
95:c5:c9:56:18:2f:a2:44:f4:f6:7e:16:34:fe:06:
7d:0d:42:c6:9b:d1:c5:92:4e:6e:60:48:ab:92:d9:
e9:4c:4e:82:47:6b:21:01:fa:7f:d3:6f:46:e5:54:
38:52:82:c3:e0:ea:be:9b:86:4a:63:ba:62:e0:11:
ea:13:34:10:90:c4:6b:cf:c4:76:d5:32:3e:ae:2b:
8d:1c:ef:bb:f3:ed:bc:54:67:74:aa:f3:5e:cf:eb:
79:3d:5e:59:44:45:4d:97:84:78:4b:c0:76:5b:f9:
78:5b:b0:ab:7c:b2:f9:c1:d2:8b:cf:df:e7:33:f8:
df:22:69:3d:89:fa:77:58:e3:76:7e:f2:b5:11:09:
c3:08:d1:29:bd:b3:c7:a1:da:d1:81:91:5c:9d:0f:
3c:e1:68:66:97:c2:f6:4b:ac:f5:5b:57:57:89:14:
33:47:10:89:93:b7:2a:9d:db:49:4c:ad:cb:69:c2:
65:bc:59:25:d2:13:82:37:49:db:64:e9:76:48:b1:
11:55:dd:3b:06:52:22:3f:43:b7:3f:98:08:bb:55:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3A:A1:24:01:0D:E3:FF:CC:94:6F:EE:DF:8C:E4:82:15:29:39:2F
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:52:d3:d1:04:34:d9:aa:2d:d0:b3:f6:d2:a1:02:f3:a4:9b:
4c:32:c8:23:14:7e:b9:36:13:48:5c:82:4e:c0:7a:17:0b:a4:
3d:c9:ec:45:1a:64:49:22:58:38:53:9a:30:28:02:8d:e8:b4:
4b:5c:f3:d0:26:cc:ef:c1:2f:e3:a9:fe:0c:ff:36:aa:13:4f:
00:8a:f3:c1:47:9c:17:2a:6c:0a:f7:0a:46:61:60:d4:89:ff:
ea:9c:e0:a1:da:6e:d0:50:1e:40:c0:2e:e0:8e:de:78:8b:1d:
84:f6:af:ed:7c:e7:1d:b7:de:44:a5:50:cb:4a:7e:38:41:53:
9b:c0:68:18:64:19:86:17:fb:24:72:56:33:b8:82:3d:76:47:
b6:2d:26:05:08:5a:93:56:98:29:80:df:d3:cd:ac:0e:5a:4d:
80:98:69:84:82:64:54:94:70:1f:b9:6d:fc:7c:f0:96:66:f7:
6c:8a:77:17:70:2b:2a:1b:63:14:4f:d6:9e:b2:55:1e:04:d2:
4f:48:8f:36:b0:9a:65:d5:83:7c:90:62:87:f5:ce:37:b1:14:
22:00:18:3d:2a:9d:c3:b2:e1:5c:6f:54:4c:08:5b:38:dd:e4:
89:b7:7f:23:4c:e6:6f:31:db:27:4e:cc:31:cd:46:69:0e:d3:
05:69:d3:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw6oda6BIkiXU7JVe7/bXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUwOTA3MDYwMTEyWhcNMjUwOTA4MDYwMTEyWjAzMTEwLwYDVQQD
EyhjMTNhYTEyNDAxMGRlM2ZmY2M5NDZmZWVkZjhjZTQ4MjE1MjkzOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eC9z9IHvlm0Cd5MJC3obUy5fD+2
YiG2RglF3zGtU0haHZ/jWRRDPhfPas2VxclWGC+iRPT2fhY0/gZ9DULGm9HFkk5u
YEirktnpTE6CR2shAfp/029G5VQ4UoLD4Oq+m4ZKY7pi4BHqEzQQkMRrz8R21TI+
riuNHO+78+28VGd0qvNez+t5PV5ZREVNl4R4S8B2W/l4W7CrfLL5wdKLz9/nM/jf
Imk9ifp3WON2fvK1EQnDCNEpvbPHodrRgZFcnQ884Whml8L2S6z1W1dXiRQzRxCJ
k7cqndtJTK3LacJlvFkl0hOCN0nbZOl2SLERVd07BlIiP0O3P5gIu1WSjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFME6oSQBDeP/zJRv7t+M5IIVKTkvMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP1LT0QQ0
2aot0LP20qEC86SbTDLIIxR+uTYTSFyCTsB6FwukPcnsRRpkSSJYOFOaMCgCjei0
S1zz0CbM78Ev46n+DP82qhNPAIrzwUecFypsCvcKRmFg1In/6pzgodpu0FAeQMAu
4I7eeIsdhPav7XznHbfeRKVQy0p+OEFTm8BoGGQZhhf7JHJWM7iCPXZHti0mBQha
k1aYKYDf082sDlpNgJhphIJkVJRwH7lt/Hzwlmb3bIp3F3ArKhtjFE/WnrJVHgTS
T0iPNrCaZdWDfJBih/XON7EUIgAYPSqdw7LhXG9UTAhbON3kibd/I0zmbzHbJ07M
Mc1GaQ7TBWnT4g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:59:51 2025 by rpki-client