Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File: kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier: l1p7j89vT/QCN7FphJ/7lXxkOtufUyQVEIHD+6QnZ58=
Subject key identifier: 97:A4:37:8E:94:6D:BD:9C:A6:AE:7B:69:AA:6C:5B:E5:87:9B:71:E9
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer: /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial: 01976D3D9303B53833FD5D7B566D741EE29D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number: 04A1
Signing time: Sat 14 Jun 2025 07:00:41 +0000
Manifest this update: Sat 14 Jun 2025 07:00:41 +0000
Manifest next update: Sun 15 Jun 2025 07:00:41 +0000
Files and hashes: 1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: r9dXe1NHJxdgptev09sG1YCsvZQahdAilDiwsnWcnNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:3d:93:03:b5:38:33:fd:5d:7b:56:6d:74:1e:e2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Validity
Not Before: Jun 14 07:00:41 2025 GMT
Not After : Jun 15 07:00:41 2025 GMT
Subject: CN=97a4378e946dbd9ca6ae7b69aa6c5be5879b71e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0c:ac:45:d5:53:ff:5b:a6:ed:d4:49:19:de:
74:3f:3e:3d:d9:cf:dc:a1:61:a8:ab:b9:0a:2b:fb:
c9:bd:75:f5:b5:60:b4:b2:79:7d:b5:41:cd:5d:17:
e4:ad:c9:fd:b6:81:c6:45:2d:41:91:3a:3d:8b:20:
82:19:33:ac:60:10:81:05:fd:d6:4c:ec:f2:a9:2f:
73:55:1b:01:5b:eb:09:fb:71:ed:68:4d:b8:a0:dd:
aa:34:7c:ba:24:2d:c4:59:75:27:0d:50:a6:70:4a:
7a:93:31:90:c4:f4:ac:5a:71:4d:1d:eb:93:5d:90:
cd:ed:e0:25:3c:5a:d2:00:dd:0f:1d:df:06:b3:cc:
2c:e8:02:ad:92:2f:1f:7c:22:dd:7f:5a:07:5e:54:
d3:95:4c:9f:1f:27:24:ce:b0:bf:9d:89:da:27:b0:
90:f8:a2:ca:35:1b:56:33:79:9d:87:d5:5b:b9:a4:
d1:ce:81:6d:2b:50:ac:c5:1a:1e:65:8a:c2:d0:e4:
90:43:6f:95:7c:28:a2:39:0e:c5:d0:81:6e:3f:7c:
ff:62:7e:68:7f:f9:7d:84:cf:d5:b0:88:a3:63:61:
b7:a9:e2:37:1d:41:f1:3f:2f:66:d7:b8:86:77:c7:
75:a7:95:ab:8b:80:7b:d4:2a:38:38:61:05:63:3f:
4b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A4:37:8E:94:6D:BD:9C:A6:AE:7B:69:AA:6C:5B:E5:87:9B:71:E9
X509v3 Authority Key Identifier:
keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:87:ef:35:88:86:a8:27:ed:a0:3d:c4:f4:0c:51:15:53:8a:
69:0c:c2:d9:83:f5:ac:65:4c:4b:66:73:cc:cf:05:c5:13:25:
c2:7e:5e:a9:e6:e0:ef:2a:53:81:25:e7:b4:dd:9d:b6:8f:33:
1c:45:bb:a7:24:0b:20:ff:ec:34:17:31:ed:e8:78:22:45:52:
20:a6:8f:f3:f1:7b:29:18:4b:6d:ad:f8:2a:26:30:e7:03:67:
1e:6f:c9:0d:fd:51:cf:89:03:c8:7e:14:1b:b0:fa:cd:9d:3b:
91:45:60:76:f8:de:03:37:32:75:ac:f0:a7:8b:06:b4:23:2e:
ba:9b:83:8b:35:55:fe:de:99:a3:12:4e:dc:d5:fe:e5:bd:2e:
53:47:a5:02:88:7f:2a:9f:ab:98:cf:93:47:55:89:23:52:bd:
46:c7:c0:f7:72:b1:b9:d4:d0:0d:33:1f:b8:b4:61:82:94:71:
b3:0d:76:82:58:43:88:84:10:9f:78:c2:5c:cd:de:aa:45:6c:
db:70:5d:62:2d:38:26:e2:03:cf:c0:b6:e8:63:2e:ef:14:3c:
30:cc:ef:fd:98:20:46:57:64:1d:d7:49:67:fb:07:f6:c6:4c:
2a:21:cf:7e:2b:68:a2:de:83:0f:71:7d:8b:b4:3d:25:6d:44:
09:44:96:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPZMDtTgz/V17Vm10HuKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjE0MDcwMDQxWhcNMjUwNjE1MDcwMDQxWjAzMTEwLwYDVQQD
Eyg5N2E0Mzc4ZTk0NmRiZDljYTZhZTdiNjlhYTZjNWJlNTg3OWI3MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QysRdVT/1um7dRJGd50Pz492c/c
oWGoq7kKK/vJvXX1tWC0snl9tUHNXRfkrcn9toHGRS1BkTo9iyCCGTOsYBCBBf3W
TOzyqS9zVRsBW+sJ+3HtaE24oN2qNHy6JC3EWXUnDVCmcEp6kzGQxPSsWnFNHeuT
XZDN7eAlPFrSAN0PHd8Gs8ws6AKtki8ffCLdf1oHXlTTlUyfHyckzrC/nYnaJ7CQ
+KLKNRtWM3mdh9VbuaTRzoFtK1CsxRoeZYrC0OSQQ2+VfCiiOQ7F0IFuP3z/Yn5o
f/l9hM/VsIijY2G3qeI3HUHxPy9m17iGd8d1p5Wri4B71Co4OGEFYz9LEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJekN46Ubb2cpq57aapsW+WHm3HpMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMYfvNYiG
qCftoD3E9AxRFVOKaQzC2YP1rGVMS2ZzzM8FxRMlwn5eqebg7ypTgSXntN2dto8z
HEW7pyQLIP/sNBcx7eh4IkVSIKaP8/F7KRhLba34KiYw5wNnHm/JDf1Rz4kDyH4U
G7D6zZ07kUVgdvjeAzcydazwp4sGtCMuupuDizVV/t6ZoxJO3NX+5b0uU0elAoh/
Kp+rmM+TR1WJI1K9RsfA93KxudTQDTMfuLRhgpRxsw12glhDiIQQn3jCXM3eqkVs
23BdYi04JuIDz8C26GMu7xQ8MMzv/ZggRldkHddJZ/sH9sZMKiHPfitoot6DD3F9
i7Q9JW1ECUSWfQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:27:09 2025 by rpki-client