Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: hUGXlv8CrViwXbhB/DQo7UKdNv34gUnGulR2tWkh/uE=
Subject key identifier: 5C:86:3F:4F:5D:F3:EF:21:5D:27:29:1B:68:B8:36:D3:1D:5A:AF:DF
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 01961133323F3391E876A784A0DBD067B7BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 02C4
Signing time: Mon 07 Apr 2025 17:01:29 +0000
Manifest this update: Mon 07 Apr 2025 17:01:29 +0000
Manifest next update: Tue 08 Apr 2025 17:01:29 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: YRu8Z1/o+qpSHioULQiGGj+nEafqeIMqFQMBwUyKqDc=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:33:32:3f:33:91:e8:76:a7:84:a0:db:d0:67:b7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Apr 7 17:01:29 2025 GMT
Not After : Apr 8 17:01:29 2025 GMT
Subject: CN=5c863f4f5df3ef215d27291b68b836d31d5aafdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d5:44:56:50:fd:79:9a:46:da:42:ed:b0:cb:
bc:10:20:3f:7d:ed:67:76:78:ef:bb:8d:4f:81:e6:
a6:34:56:a7:42:6c:93:1a:32:ca:cc:1e:d8:47:78:
42:fd:32:50:ea:bb:c8:39:a7:b4:02:9b:30:30:60:
2e:f0:2f:ee:e0:76:b1:48:d6:79:3a:77:2c:f2:ea:
1f:4b:74:43:df:0d:d1:f3:02:9d:9d:4b:d1:93:8b:
9c:c7:95:a6:85:1b:db:ff:1a:bf:e1:64:dc:da:8c:
50:1b:42:0d:50:3f:48:49:c6:d5:6d:c7:ee:d8:e7:
2c:88:dd:2a:57:b1:64:48:3f:cf:02:ab:8a:e9:72:
c9:1a:50:9b:59:ea:2f:c7:19:59:0b:57:16:fb:92:
1f:75:cb:43:f1:ad:fd:64:43:56:85:7b:f0:2f:da:
7a:68:d4:98:83:5e:6f:27:47:4f:fe:e2:bc:83:3f:
87:e9:5a:07:9c:9b:dd:b2:a2:f4:3a:63:81:78:d5:
22:bb:d7:44:2f:a2:fd:3d:75:b1:bd:d3:ce:76:f9:
20:9a:32:d6:6c:2a:e7:7a:b6:dc:7e:03:7c:ca:de:
bd:50:69:fe:b3:ca:86:1a:9b:09:fc:f1:73:0d:0c:
de:f1:73:ca:c8:85:b6:0a:51:e1:53:7a:f7:ba:ae:
ca:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:86:3F:4F:5D:F3:EF:21:5D:27:29:1B:68:B8:36:D3:1D:5A:AF:DF
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:54:7b:7a:16:42:83:97:7a:02:4d:2d:f3:8d:ab:46:2c:12:
e8:ba:e4:e8:ef:73:16:ce:9a:66:e7:3d:36:ee:79:e3:9a:17:
ae:2a:dc:30:cd:60:f7:dd:54:04:d9:01:0a:93:32:e0:02:4a:
82:57:cd:54:c0:d8:82:2e:31:92:f6:58:c6:6e:56:ba:f7:7d:
dc:26:91:1d:c8:bb:9c:aa:9c:eb:c4:22:f3:49:73:79:33:65:
d6:6f:d3:7b:4a:af:1e:2e:e4:a4:19:62:62:d4:1f:93:35:f2:
40:68:bb:18:99:77:f9:89:50:60:25:a0:cb:db:84:39:6a:46:
d0:ab:e0:35:67:fc:fc:85:65:d1:d0:36:e1:87:00:a9:5d:78:
d7:68:fa:58:5b:61:1d:38:06:3c:c1:d9:13:6f:9a:dd:b2:46:
f8:39:c9:f9:3d:8a:31:0b:53:b8:91:95:27:03:c4:8e:7d:5a:
58:3d:d6:a8:05:45:80:26:53:46:4e:25:b2:5f:25:20:08:0a:
c7:01:71:24:21:de:2e:f2:f1:49:73:59:40:c7:bd:76:a9:0c:
04:0e:96:be:c2:74:81:dc:c5:ef:40:d5:fa:0b:88:41:ad:a9:
ee:8b:09:f5:1b:4c:8b:3a:16:38:6d:b4:39:fc:70:64:3f:03:
d0:c5:94:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRMzI/M5HodqeEoNvQZ7e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwNDA3MTcwMTI5WhcNMjUwNDA4MTcwMTI5WjAzMTEwLwYDVQQD
Eyg1Yzg2M2Y0ZjVkZjNlZjIxNWQyNzI5MWI2OGI4MzZkMzFkNWFhZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NVEVlD9eZpG2kLtsMu8ECA/fe1n
dnjvu41PgeamNFanQmyTGjLKzB7YR3hC/TJQ6rvIOae0ApswMGAu8C/u4HaxSNZ5
Oncs8uofS3RD3w3R8wKdnUvRk4ucx5WmhRvb/xq/4WTc2oxQG0INUD9IScbVbcfu
2OcsiN0qV7FkSD/PAquK6XLJGlCbWeovxxlZC1cW+5IfdctD8a39ZENWhXvwL9p6
aNSYg15vJ0dP/uK8gz+H6VoHnJvdsqL0OmOBeNUiu9dEL6L9PXWxvdPOdvkgmjLW
bCrnerbcfgN8yt69UGn+s8qGGpsJ/PFzDQze8XPKyIW2ClHhU3r3uq7KOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyGP09d8+8hXScpG2i4NtMdWq/fMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFR7ehZC
g5d6Ak0t842rRiwS6Lrk6O9zFs6aZuc9Nu5545oXrircMM1g991UBNkBCpMy4AJK
glfNVMDYgi4xkvZYxm5Wuvd93CaRHci7nKqc68Qi80lzeTNl1m/Te0qvHi7kpBli
YtQfkzXyQGi7GJl3+YlQYCWgy9uEOWpG0KvgNWf8/IVl0dA24YcAqV1412j6WFth
HTgGPMHZE2+a3bJG+DnJ+T2KMQtTuJGVJwPEjn1aWD3WqAVFgCZTRk4lsl8lIAgK
xwFxJCHeLvLxSXNZQMe9dqkMBA6WvsJ0gdzF70DV+guIQa2p7osJ9RtMizoWOG20
OfxwZD8D0MWUOQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:55 2025 by rpki-client