Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
File: KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft (raw, json)
Hash identifier: UrggWpk6xWrR4DYax5olHKc1pr80h9+sRF6mTG9aD98=
Subject key identifier: F3:68:F1:BF:47:EA:FD:0F:CA:23:75:69:34:21:BF:84:71:CE:F3:3C
Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Certificate serial: 01993649F9EF187EE311036C1BB3FD8FCD4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
Manifest number: 1385
Signing time: Thu 11 Sep 2025 01:00:41 +0000
Manifest this update: Thu 11 Sep 2025 01:00:41 +0000
Manifest next update: Fri 12 Sep 2025 01:00:41 +0000
Files and hashes: 1: KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl (hash: 82JexxsE4KkSW5zeyz4fKGC9Bh0fvxHxxd6xnSa7A8c=)
2: uSrOots_DMPy38Ek0_9yV10Tzw8.roa (hash: Ypv5LfASDsUldkz8kd27ybD8JIawSksjG/puUQcmBe4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:49:f9:ef:18:7e:e3:11:03:6c:1b:b3:fd:8f:cd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Validity
Not Before: Sep 11 01:00:41 2025 GMT
Not After : Sep 12 01:00:41 2025 GMT
Subject: CN=f368f1bf47eafd0fca2375693421bf8471cef33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bd:fb:fc:04:eb:be:02:6f:b5:05:28:a4:15:
b5:2e:eb:b8:57:eb:f3:fc:39:02:56:6a:cb:b2:49:
40:d3:dc:1a:a9:58:89:76:02:64:2b:8d:2b:81:34:
e2:77:24:59:e2:0f:49:d7:9f:c9:d9:b5:a8:7f:e2:
2c:1d:44:4f:5f:18:1b:31:82:22:01:0b:ac:f1:92:
cf:6e:d1:09:70:ac:bd:0e:72:16:f4:54:f0:cf:29:
9d:ba:ed:5d:24:31:33:96:2e:64:4f:ad:f7:e7:b4:
83:b9:ef:13:67:62:6e:ee:e0:7c:ec:25:40:52:92:
5d:ce:70:cd:be:b1:f3:75:17:1c:75:65:4c:e0:db:
da:5d:83:bb:30:20:4b:10:39:c7:c2:d8:00:6b:79:
b9:da:90:b8:04:f8:47:f7:28:28:a5:ee:c6:f0:06:
f7:90:f8:fd:73:b7:9d:95:c4:fe:cb:30:d2:22:bf:
84:fa:6d:2c:8a:4e:31:5b:77:70:91:bb:20:1b:a4:
78:13:0e:0d:73:0f:37:41:87:0f:b2:fb:f5:3f:c7:
54:54:15:ca:0c:50:68:af:9e:aa:45:b7:cf:28:d2:
04:eb:67:30:a5:f2:18:bd:9c:e2:fa:51:cc:e7:88:
99:05:40:83:2c:9b:6d:33:60:ef:b1:42:06:97:b7:
95:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:68:F1:BF:47:EA:FD:0F:CA:23:75:69:34:21:BF:84:71:CE:F3:3C
X509v3 Authority Key Identifier:
keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:b6:d3:0d:3f:27:b2:30:a5:2d:ab:f9:a8:97:19:10:c5:ca:
fe:64:fa:29:28:de:71:93:ad:ed:96:4a:0b:4c:1f:3b:9f:7f:
08:61:8e:bc:78:2a:52:71:7a:9b:b6:1d:47:56:9c:c9:c1:27:
e6:53:0b:d3:a3:a0:45:b2:d2:53:2c:d9:57:e9:60:a5:0f:26:
e9:2c:0e:44:7a:f1:75:23:ab:e6:1a:27:ad:eb:fa:a9:75:d4:
93:c3:07:e5:32:10:e6:1b:87:ad:93:ce:85:a2:42:14:a0:2e:
4b:33:9c:77:c3:5d:03:94:16:ac:6c:83:ab:29:ff:ff:88:bc:
93:48:88:9d:d1:c9:f8:70:56:ab:e8:d0:89:20:2b:95:69:ad:
2c:a8:b5:ba:fe:21:cb:bb:c1:cf:2e:d4:bc:43:2d:d2:49:0b:
ed:de:0e:03:67:34:0b:7f:fb:8a:71:ac:e5:f0:99:ff:2b:8f:
1e:1b:13:64:db:10:31:ff:73:3b:14:63:66:0f:c3:7b:dd:8b:
96:f9:d0:77:ea:4c:a0:ff:2c:c3:a2:c3:57:82:7b:2d:42:5c:
4e:8d:67:98:47:63:fd:6e:e7:f4:21:f3:8a:3d:9f:6f:f5:26:
b6:60:d2:09:e0:ca:55:e0:bd:b7:40:34:d0:16:c2:ef:0d:72:
d1:8c:1e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk2SfnvGH7jEQNsG7P9j81KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw
MDZiMWEwHhcNMjUwOTExMDEwMDQxWhcNMjUwOTEyMDEwMDQxWjAzMTEwLwYDVQQD
EyhmMzY4ZjFiZjQ3ZWFmZDBmY2EyMzc1NjkzNDIxYmY4NDcxY2VmMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL37/ATrvgJvtQUopBW1Luu4V+vz
/DkCVmrLsklA09waqViJdgJkK40rgTTidyRZ4g9J15/J2bWof+IsHURPXxgbMYIi
AQus8ZLPbtEJcKy9DnIW9FTwzymduu1dJDEzli5kT63357SDue8TZ2Ju7uB87CVA
UpJdznDNvrHzdRccdWVM4NvaXYO7MCBLEDnHwtgAa3m52pC4BPhH9ygope7G8Ab3
kPj9c7edlcT+yzDSIr+E+m0sik4xW3dwkbsgG6R4Ew4Ncw83QYcPsvv1P8dUVBXK
DFBor56qRbfPKNIE62cwpfIYvZzi+lHM54iZBUCDLJttM2DvsUIGl7eVqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNo8b9H6v0PyiN1aTQhv4RxzvM8MB8GA1UdIwQY
MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It
ZmEzMWUyZGM2YWJiLzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi
LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLbTDT8n
sjClLav5qJcZEMXK/mT6KSjecZOt7ZZKC0wfO59/CGGOvHgqUnF6m7YdR1acycEn
5lML06OgRbLSUyzZV+lgpQ8m6SwORHrxdSOr5honrev6qXXUk8MH5TIQ5huHrZPO
haJCFKAuSzOcd8NdA5QWrGyDqyn//4i8k0iIndHJ+HBWq+jQiSArlWmtLKi1uv4h
y7vBzy7UvEMt0kkL7d4OA2c0C3/7inGs5fCZ/yuPHhsTZNsQMf9zOxRjZg/De92L
lvnQd+pMoP8sw6LDV4J7LUJcTo1nmEdj/W7n9CHzij2fb/UmtmDSCeDKVeC9t0A0
0BbC7w1y0YweyQ==
-----END CERTIFICATE-----
Generated at Thu Sep 11 03:13:08 2025 by rpki-client