Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: 3zGsZT5HgbKbF6X28+DrJ4xcs/BDs55j4jBLCsmaq1k=
Subject key identifier: 52:A3:49:23:CE:BD:C0:27:47:6F:20:AE:0A:61:56:40:BB:5C:B9:CE
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 0198CBDDBFF4102DC4006AB12A40A6A31A94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0D64
Signing time: Thu 21 Aug 2025 09:02:44 +0000
Manifest this update: Thu 21 Aug 2025 09:02:44 +0000
Manifest next update: Fri 22 Aug 2025 09:02:44 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: qKJnVttV04cj1wmD6W/eqTh4IU/5WFghliVPOLjsPHA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:dd:bf:f4:10:2d:c4:00:6a:b1:2a:40:a6:a3:1a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Aug 21 09:02:44 2025 GMT
Not After : Aug 22 09:02:44 2025 GMT
Subject: CN=52a34923cebdc027476f20ae0a615640bb5cb9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:b1:05:6c:9b:6a:ac:a0:3e:9e:98:dd:51:
c4:78:f0:50:16:3e:43:8f:8b:f2:d8:65:57:d9:b0:
b7:b1:ec:80:00:12:c1:f5:7e:8b:aa:4d:43:59:65:
b4:f2:4c:3b:53:0b:b0:cd:72:cf:cc:25:72:7f:e9:
54:a5:ad:89:1b:c8:cf:7c:fa:ea:c3:10:4d:df:af:
89:e4:cb:11:1d:0c:aa:aa:c6:92:7d:2c:ee:97:d0:
49:ea:7c:be:73:33:6b:ab:ad:70:fd:e4:19:a6:61:
47:5b:1a:d8:cf:3a:d7:74:ad:59:ee:c3:ef:45:6d:
3b:86:26:26:1f:72:6a:0b:f0:68:ff:30:5e:44:5d:
3e:cc:b4:6e:ba:f9:e0:47:5e:a8:b7:f0:dc:22:c7:
f8:8e:dd:91:8d:45:a2:6b:2b:b1:04:69:62:c2:ed:
b1:6c:61:7d:10:9d:dd:de:2a:e1:2d:4e:4c:f5:8b:
d5:63:ee:3c:aa:23:91:83:e4:9c:47:38:3c:f5:27:
4b:c3:b6:eb:8c:32:ec:05:bf:de:55:5b:b9:c0:e8:
e7:5d:bb:8b:0a:3c:a5:36:3a:02:22:66:a6:29:02:
e0:71:66:ef:67:44:6b:b5:73:18:49:cf:e7:56:f0:
87:7d:0b:ba:30:d8:63:38:5c:0a:0e:51:33:f9:0b:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A3:49:23:CE:BD:C0:27:47:6F:20:AE:0A:61:56:40:BB:5C:B9:CE
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:d9:1b:59:43:34:c4:17:94:18:38:81:65:b2:68:25:d6:b3:
c4:61:49:18:aa:c2:da:0f:18:a0:cb:02:69:7c:54:fa:f6:67:
e5:21:da:70:ed:46:ad:1b:70:a5:07:ed:50:ab:4f:7d:de:58:
b2:64:72:26:fc:6e:81:a4:a2:a8:b3:88:71:f3:ff:ec:33:a9:
8c:83:e3:26:c7:55:88:ca:36:51:35:b0:a2:9b:cd:82:28:18:
c3:c4:9c:a3:0b:b3:0b:d3:d0:73:21:36:46:de:20:ba:fd:1e:
da:1c:eb:94:35:4e:f9:73:48:9c:a4:67:56:27:1c:a8:d4:8e:
21:0c:8d:c2:5c:0a:50:b3:99:98:f6:a8:24:8d:81:bb:93:aa:
2a:bf:34:52:ad:29:e5:74:f8:a6:37:9b:1e:cc:1b:3e:08:0c:
86:28:f3:80:7b:b0:a2:df:6f:ca:57:cc:69:5e:ba:17:2f:39:
3b:05:6d:d1:14:d4:4e:eb:09:7e:8f:26:53:d6:4a:77:c0:df:
85:87:f7:e8:19:e6:1c:56:af:44:51:56:0f:0c:b7:de:e7:77:
e4:b1:c8:ed:dd:e2:e1:f6:93:44:e5:01:7f:04:5e:e5:7c:48:
5b:72:06:4d:9c:73:17:a7:87:a4:7b:1e:5a:9e:9e:3e:bb:64:
44:5f:2b:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjL3b/0EC3EAGqxKkCmoxqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwODIxMDkwMjQ0WhcNMjUwODIyMDkwMjQ0WjAzMTEwLwYDVQQD
Eyg1MmEzNDkyM2NlYmRjMDI3NDc2ZjIwYWUwYTYxNTY0MGJiNWNiOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLmxBWybaqygPp6Y3VHEePBQFj5D
j4vy2GVX2bC3seyAABLB9X6Lqk1DWWW08kw7UwuwzXLPzCVyf+lUpa2JG8jPfPrq
wxBN36+J5MsRHQyqqsaSfSzul9BJ6ny+czNrq61w/eQZpmFHWxrYzzrXdK1Z7sPv
RW07hiYmH3JqC/Bo/zBeRF0+zLRuuvngR16ot/DcIsf4jt2RjUWiayuxBGliwu2x
bGF9EJ3d3irhLU5M9YvVY+48qiORg+ScRzg89SdLw7brjDLsBb/eVVu5wOjnXbuL
CjylNjoCImamKQLgcWbvZ0RrtXMYSc/nVvCHfQu6MNhjOFwKDlEz+QulCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKjSSPOvcAnR28grgphVkC7XLnOMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktkbWUM0
xBeUGDiBZbJoJdazxGFJGKrC2g8YoMsCaXxU+vZn5SHacO1GrRtwpQftUKtPfd5Y
smRyJvxugaSiqLOIcfP/7DOpjIPjJsdViMo2UTWwopvNgigYw8ScowuzC9PQcyE2
Rt4guv0e2hzrlDVO+XNInKRnViccqNSOIQyNwlwKULOZmPaoJI2Bu5OqKr80Uq0p
5XT4pjebHswbPggMhijzgHuwot9vylfMaV66Fy85OwVt0RTUTusJfo8mU9ZKd8Df
hYf36BnmHFavRFFWDwy33ud35LHI7d3i4faTROUBfwRe5XxIW3IGTZxzF6eHpHse
Wp6ePrtkRF8rcg==
-----END CERTIFICATE-----
Generated at Thu Aug 21 15:25:07 2025 by rpki-client