Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: fdBubP6WBfrCHc0Qe02y+JShkydTTf7IdNicumEjh5c=
Subject key identifier: 88:36:D6:7F:12:97:0D:F0:CB:1E:94:8E:EE:A4:2E:7A:F4:17:2A:EB
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 01973E0924313B8428DD9EC905879616C9BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0C96
Signing time: Thu 05 Jun 2025 03:01:15 +0000
Manifest this update: Thu 05 Jun 2025 03:01:15 +0000
Manifest next update: Fri 06 Jun 2025 03:01:15 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: 6KIGTMje0cGIQyWxlwVIAgdvK7YJNLJDvDJgUCUODdk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:09:24:31:3b:84:28:dd:9e:c9:05:87:96:16:c9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Jun 5 03:01:15 2025 GMT
Not After : Jun 6 03:01:15 2025 GMT
Subject: CN=8836d67f12970df0cb1e948eeea42e7af4172aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a4:2d:ea:1c:c9:5c:8a:ab:80:1e:79:08:e7:
14:41:3b:9b:38:01:ec:13:ea:50:b4:c4:a1:b2:38:
2d:8d:ad:ed:7b:8c:f2:82:44:d2:0c:8a:4a:76:93:
b8:3e:9a:6f:fa:b3:1a:df:12:02:e1:ab:71:be:17:
29:c6:da:2e:45:0c:b8:23:0e:c2:52:0c:d2:53:48:
50:5a:a8:a3:1c:18:7a:79:9c:ee:72:9c:50:bd:f9:
76:e8:aa:96:c3:1c:92:ce:a6:7d:48:f7:25:35:cb:
4b:cb:08:0b:e9:e2:59:e2:b0:75:b9:97:70:52:7a:
d3:8d:62:3f:ed:ad:87:cd:3d:97:7f:15:04:39:7e:
c9:05:3c:51:38:6b:b0:3b:d1:07:9c:09:36:17:fe:
2e:e9:14:c9:0d:cc:7d:48:4b:8a:d9:7c:70:36:db:
77:c5:a3:61:40:94:9f:02:5b:f0:57:db:54:3b:56:
09:7e:4e:60:44:c0:db:f7:22:d7:49:bf:13:3e:80:
74:9a:7d:38:8e:25:4c:cf:de:b4:e4:d4:70:6b:be:
87:f3:41:06:9d:73:03:dc:a4:56:92:5c:d1:7d:be:
88:ce:2d:4d:df:b0:93:b2:27:7e:5a:1f:3f:64:e9:
cf:5f:82:3a:bd:11:6d:df:30:cf:e7:4f:bc:8c:c1:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:36:D6:7F:12:97:0D:F0:CB:1E:94:8E:EE:A4:2E:7A:F4:17:2A:EB
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:25:fd:fe:8e:c6:fa:84:a9:c1:c0:6a:25:22:60:02:50:ae:
ee:1a:e4:d1:a5:57:f9:e5:7e:14:b8:a9:50:33:ce:31:68:ac:
9d:9e:d5:ba:f0:ae:07:44:3c:83:e6:31:ba:45:a8:53:8b:ce:
e1:e4:5b:60:b5:7b:34:a0:5d:b5:c2:7b:70:97:58:95:91:06:
0c:04:1f:da:27:e1:01:d9:a6:c5:97:8a:ed:fa:ee:5f:79:2f:
99:c1:94:09:cb:e8:f9:bc:75:48:2e:4d:41:55:bc:db:ae:dd:
b5:79:76:c6:98:46:c4:20:8b:f4:e3:c6:1e:dd:58:cc:b5:9f:
a5:75:ea:cb:96:c3:42:26:e8:fb:03:fb:8b:46:cd:ca:01:4d:
a3:80:74:49:c6:0e:b5:a9:e8:38:9e:27:ed:bd:28:31:9e:22:
90:5d:7f:79:f4:73:0b:fc:23:d6:97:ee:0f:68:2b:4f:22:e7:
9c:6e:8a:c6:4f:e5:b9:6d:1a:f8:49:40:9d:0e:ca:a7:7d:50:
a3:7a:b5:09:21:d5:37:80:a9:dd:ce:f6:08:c8:95:d8:99:2a:
51:5c:f2:4d:d7:4b:7c:20:21:1e:74:bc:bc:a8:bf:9a:ca:21:
b3:80:b1:d9:e8:09:25:df:e2:3b:ab:07:a5:5a:e0:cb:7c:de:
c2:27:1e:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZc+CSQxO4Qo3Z7JBYeWFsm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwNjA1MDMwMTE1WhcNMjUwNjA2MDMwMTE1WjAzMTEwLwYDVQQD
Eyg4ODM2ZDY3ZjEyOTcwZGYwY2IxZTk0OGVlZWE0MmU3YWY0MTcyYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqQt6hzJXIqrgB55COcUQTubOAHs
E+pQtMShsjgtja3te4zygkTSDIpKdpO4Pppv+rMa3xIC4atxvhcpxtouRQy4Iw7C
UgzSU0hQWqijHBh6eZzucpxQvfl26KqWwxySzqZ9SPclNctLywgL6eJZ4rB1uZdw
UnrTjWI/7a2HzT2XfxUEOX7JBTxROGuwO9EHnAk2F/4u6RTJDcx9SEuK2XxwNtt3
xaNhQJSfAlvwV9tUO1YJfk5gRMDb9yLXSb8TPoB0mn04jiVMz9605NRwa76H80EG
nXMD3KRWklzRfb6Izi1N37CTsid+Wh8/ZOnPX4I6vRFt3zDP50+8jMFCxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIg21n8Slw3wyx6Uju6kLnr0FyrrMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcCX9/o7G
+oSpwcBqJSJgAlCu7hrk0aVX+eV+FLipUDPOMWisnZ7VuvCuB0Q8g+YxukWoU4vO
4eRbYLV7NKBdtcJ7cJdYlZEGDAQf2ifhAdmmxZeK7fruX3kvmcGUCcvo+bx1SC5N
QVW8267dtXl2xphGxCCL9OPGHt1YzLWfpXXqy5bDQibo+wP7i0bNygFNo4B0ScYO
tanoOJ4n7b0oMZ4ikF1/efRzC/wj1pfuD2grTyLnnG6Kxk/luW0a+ElAnQ7Kp31Q
o3q1CSHVN4Cp3c72CMiV2JkqUVzyTddLfCAhHnS8vKi/msohs4Cx2egJJd/iO6sH
pVrgy3zewiceSg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 09:49:19 2025 by rpki-client