
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File: kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier: bOIc2J50/VK1aUhKAnd22xaoKcaZNBb18/TClted/l4=
Subject key identifier: 89:3D:9E:84:8A:A6:9F:FE:F1:27:46:A5:74:AC:A3:F7:1B:B5:82:F7
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer: /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial: 019754237F3EB77BAFACA3B2097069997D8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number: 0F97
Signing time: Mon 09 Jun 2025 10:01:41 +0000
Manifest this update: Mon 09 Jun 2025 10:01:41 +0000
Manifest next update: Tue 10 Jun 2025 10:01:41 +0000
Files and hashes: 1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: qL1tUJ1UgG9tk3d+fXyH1iqInjtS2nFzXUjqY1YpOAU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:23:7f:3e:b7:7b:af:ac:a3:b2:09:70:69:99:7d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
Validity
Not Before: Jun 9 10:01:41 2025 GMT
Not After : Jun 10 10:01:41 2025 GMT
Subject: CN=893d9e848aa69ffef12746a574aca3f71bb582f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:50:7a:e8:26:2b:a2:b1:01:33:4e:b5:45:ba:
84:5d:51:e0:08:06:c4:8d:30:a6:4c:85:31:37:9d:
29:5d:06:65:11:34:01:ef:88:af:2f:a9:b9:1c:23:
d8:92:94:dc:74:ad:aa:d6:ab:78:04:4b:89:5f:1f:
01:7b:c3:2b:21:6e:7a:92:a8:b4:56:28:e6:a5:c8:
03:33:ce:15:06:ac:9e:2a:8f:1e:10:0a:45:16:b4:
91:10:ce:0a:30:06:f7:c2:5a:3c:c5:ed:1f:10:a8:
45:0e:59:19:9a:d3:93:a7:8a:18:e2:62:9e:77:fb:
d1:f6:6b:32:bd:51:e4:d5:2c:7b:44:85:b3:79:67:
4a:9f:96:d3:a4:a4:89:cb:49:39:fe:a8:4b:f7:a2:
ab:6c:3c:ae:3d:e1:93:d9:9a:41:5c:e9:12:af:70:
c9:96:cd:8f:f8:1b:c9:e3:60:c7:cc:c0:27:ca:e3:
3a:c0:7b:36:38:93:22:99:d9:6a:d4:a8:54:1a:f2:
36:1e:0b:86:25:4c:9d:be:1e:bf:9c:17:a7:bf:50:
eb:5c:20:0a:e1:e5:e1:94:98:f4:78:f8:9c:68:dd:
d1:88:ef:42:33:02:d8:da:02:97:e2:ae:f6:64:4c:
07:ce:e5:06:e2:c6:50:aa:86:da:0c:c6:ee:d8:88:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3D:9E:84:8A:A6:9F:FE:F1:27:46:A5:74:AC:A3:F7:1B:B5:82:F7
X509v3 Authority Key Identifier:
keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:5c:75:e6:99:c6:81:6a:d9:17:11:c6:52:12:8b:e8:79:78:
7f:93:54:32:38:9b:b4:8b:d2:98:a8:71:2d:53:08:a9:15:9d:
bd:6f:e9:7f:57:79:74:03:7e:78:4e:e1:04:9c:a8:b4:6b:b4:
76:e9:b9:34:1c:35:30:f7:e1:ef:2d:bb:38:7e:b9:0f:2b:1e:
8d:6c:d1:28:5c:09:92:a3:29:d8:45:16:10:ad:38:9a:6f:4d:
3a:89:05:ab:6f:60:20:b9:02:4d:9a:2e:86:8b:61:64:91:21:
f4:0d:a5:09:71:f1:86:2b:e1:9f:c0:d6:db:c4:68:a1:31:a0:
90:b6:ba:5f:63:64:70:ca:20:73:83:af:61:b2:da:f8:96:5e:
f7:05:02:b5:e4:bb:19:9f:af:75:05:93:1e:ba:8c:c9:7c:7c:
d7:17:91:43:df:7b:c7:c6:90:ce:97:07:60:b1:14:93:0e:75:
90:28:9f:49:d1:26:72:32:71:86:b0:d5:7b:92:2a:62:85:6c:
ba:29:9b:8d:53:50:8b:9c:f9:16:87:e8:1a:5a:a8:5e:db:2c:
a5:1e:6d:8e:96:df:69:f4:27:d8:f4:53:ae:1f:e8:2d:1b:3b:
4a:a8:00:df:56:04:dd:83:bb:f7:4e:57:70:8e:f4:26:43:f7:
e9:39:8b:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI38+t3uvrKOyCXBpmX2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjA5MTAwMTQxWhcNMjUwNjEwMTAwMTQxWjAzMTEwLwYDVQQD
Eyg4OTNkOWU4NDhhYTY5ZmZlZjEyNzQ2YTU3NGFjYTNmNzFiYjU4MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VB66CYrorEBM061RbqEXVHgCAbE
jTCmTIUxN50pXQZlETQB74ivL6m5HCPYkpTcdK2q1qt4BEuJXx8Be8MrIW56kqi0
VijmpcgDM84VBqyeKo8eEApFFrSREM4KMAb3wlo8xe0fEKhFDlkZmtOTp4oY4mKe
d/vR9msyvVHk1Sx7RIWzeWdKn5bTpKSJy0k5/qhL96KrbDyuPeGT2ZpBXOkSr3DJ
ls2P+BvJ42DHzMAnyuM6wHs2OJMimdlq1KhUGvI2HguGJUydvh6/nBenv1DrXCAK
4eXhlJj0ePicaN3RiO9CMwLY2gKX4q72ZEwHzuUG4sZQqobaDMbu2IjcEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIk9noSKpp/+8SdGpXSso/cbtYL3MB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE1x15pnG
gWrZFxHGUhKL6Hl4f5NUMjibtIvSmKhxLVMIqRWdvW/pf1d5dAN+eE7hBJyotGu0
dum5NBw1MPfh7y27OH65DysejWzRKFwJkqMp2EUWEK04mm9NOokFq29gILkCTZou
hothZJEh9A2lCXHxhivhn8DW28RooTGgkLa6X2NkcMogc4OvYbLa+JZe9wUCteS7
GZ+vdQWTHrqMyXx81xeRQ997x8aQzpcHYLEUkw51kCifSdEmcjJxhrDVe5IqYoVs
uimbjVNQi5z5FofoGlqoXtsspR5tjpbfafQn2PRTrh/oLRs7SqgA31YE3YO7905X
cI70JkP36TmLxA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:33:00 2025 by rpki-client