Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File: kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier: O/hQVJT9Zp4Bi+p2/T6vgz161HmvAooW/Y8rYc6xMck=
Subject key identifier: 72:E1:B8:C3:DD:EE:70:EF:39:AF:2C:CA:E4:CD:D3:45:86:64:7D:69
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer: /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial: 019756111B1EE130BBDCA8F0F94ABAACE993
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number: 0495
Signing time: Mon 09 Jun 2025 19:00:50 +0000
Manifest this update: Mon 09 Jun 2025 19:00:50 +0000
Manifest next update: Tue 10 Jun 2025 19:00:50 +0000
Files and hashes: 1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: dQ46e6H1uIZw5E56LP5tk0Zc6BXAICdFClzzO/R3oWA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:11:1b:1e:e1:30:bb:dc:a8:f0:f9:4a:ba:ac:e9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Validity
Not Before: Jun 9 19:00:50 2025 GMT
Not After : Jun 10 19:00:50 2025 GMT
Subject: CN=72e1b8c3ddee70ef39af2ccae4cdd34586647d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:06:07:19:9d:9e:1e:60:57:3e:41:9a:ec:
62:c5:26:8c:7e:7a:6d:7e:a8:64:28:d6:ae:37:17:
ec:72:52:23:38:6b:d9:67:df:d2:ea:21:71:41:ba:
f0:ee:94:83:fb:cd:09:3a:e7:9d:14:e2:b2:fe:2c:
11:cf:bd:b0:1c:3d:bf:d5:46:c1:3e:28:90:3b:f9:
dd:fc:da:e8:e6:1b:a7:20:04:c0:ff:e0:db:08:b9:
6e:ef:42:6e:19:fc:c9:4d:53:fe:cf:49:f1:f5:bb:
3d:a9:f1:ec:dd:0b:f0:b5:9e:8d:d1:19:df:8e:77:
c4:b6:c7:55:f3:b5:ec:a2:d5:16:8f:a1:a0:20:d0:
e3:1e:03:22:17:d7:be:75:f4:84:c0:c1:fd:8f:e3:
23:b3:a9:e9:4f:0a:c4:e5:ba:0c:a8:9c:ef:65:46:
f5:1e:72:49:38:cc:5a:c9:11:b8:46:f8:2f:1b:2b:
d8:4a:85:8b:97:60:cc:69:c8:20:d9:ea:15:c4:d6:
27:bd:07:52:77:e2:db:e4:f2:4c:67:8e:0d:5c:d1:
58:35:e4:d4:f0:e8:bb:5c:08:b5:85:ec:88:07:71:
bc:07:40:6c:3c:25:bd:68:23:3f:d9:34:85:2d:64:
8c:42:8d:89:5a:90:3f:f6:08:08:69:a4:6b:dd:36:
22:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E1:B8:C3:DD:EE:70:EF:39:AF:2C:CA:E4:CD:D3:45:86:64:7D:69
X509v3 Authority Key Identifier:
keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:66:c6:b7:2b:e6:b7:7f:e7:e6:b4:00:80:38:f8:8c:ea:e3:
e3:d9:d3:02:9c:ff:15:fb:f2:f5:6c:3f:22:f3:45:df:7b:b6:
8b:6f:d6:53:cc:06:7b:b4:71:db:f9:b1:5c:3c:69:b2:00:c4:
6a:9f:a9:70:ca:0a:4a:b8:21:b8:77:c6:1d:1d:45:df:c8:4a:
71:6c:29:27:74:5f:7f:fe:e5:92:b3:a5:79:a2:4e:44:6d:02:
d9:a6:12:d8:63:6c:ee:27:69:3e:9b:25:c0:01:2f:c9:cc:32:
35:2f:d5:b0:d1:d9:33:85:34:08:35:52:44:96:0b:18:fb:1d:
5c:4d:87:f9:4c:d8:bf:d0:4d:64:9d:33:91:85:fd:c1:d4:d9:
e2:ae:47:38:5a:ac:b5:9e:34:72:cf:35:e0:d2:a4:a5:bd:7d:
39:cd:1e:26:86:de:5d:b2:62:3a:21:a3:51:c2:c9:06:7f:8c:
13:9e:bc:9c:db:21:fe:d7:2d:d6:49:87:24:95:be:dc:b5:c3:
c7:8d:ad:54:4d:2a:e8:b8:27:4a:cd:fc:36:4b:a1:f1:a4:15:
3f:3e:ab:85:67:3a:0f:a7:47:ac:e8:d9:7c:46:14:72:b1:29:
2e:58:ba:7d:3f:3d:92:3d:49:c7:d7:ad:52:f8:da:d0:67:a3:
23:b5:3c:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWERse4TC73Kjw+Uq6rOmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjA5MTkwMDUwWhcNMjUwNjEwMTkwMDUwWjAzMTEwLwYDVQQD
Eyg3MmUxYjhjM2RkZWU3MGVmMzlhZjJjY2FlNGNkZDM0NTg2NjQ3ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXoGBxmdnh5gVz5BmuxixSaMfnpt
fqhkKNauNxfsclIjOGvZZ9/S6iFxQbrw7pSD+80JOuedFOKy/iwRz72wHD2/1UbB
PiiQO/nd/Nro5hunIATA/+DbCLlu70JuGfzJTVP+z0nx9bs9qfHs3QvwtZ6N0Rnf
jnfEtsdV87XsotUWj6GgINDjHgMiF9e+dfSEwMH9j+Mjs6npTwrE5boMqJzvZUb1
HnJJOMxayRG4RvgvGyvYSoWLl2DMacgg2eoVxNYnvQdSd+Lb5PJMZ44NXNFYNeTU
8Oi7XAi1heyIB3G8B0BsPCW9aCM/2TSFLWSMQo2JWpA/9ggIaaRr3TYiSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLhuMPd7nDvOa8syuTN00WGZH1pMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmbGtyvm
t3/n5rQAgDj4jOrj49nTApz/Ffvy9Ww/IvNF33u2i2/WU8wGe7Rx2/mxXDxpsgDE
ap+pcMoKSrghuHfGHR1F38hKcWwpJ3Rff/7lkrOleaJORG0C2aYS2GNs7idpPpsl
wAEvycwyNS/VsNHZM4U0CDVSRJYLGPsdXE2H+UzYv9BNZJ0zkYX9wdTZ4q5HOFqs
tZ40cs814NKkpb19Oc0eJobeXbJiOiGjUcLJBn+ME568nNsh/tct1kmHJJW+3LXD
x42tVE0q6LgnSs38Nkuh8aQVPz6rhWc6D6dHrOjZfEYUcrEpLli6fT89kj1Jx9et
Uvja0GejI7U8xg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:20:55 2025 by rpki-client