Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: Koz2rrHdl/WKarQLT8XWCqjVXJrKzDwZHe37KEh8P8k=
Subject key identifier: 81:B2:0C:CF:A0:3B:C5:A4:14:4F:13:74:9A:24:19:E0:9D:CA:0C:70
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 0197462FBC2A0B23C1FAB206860975B8903B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 085F
Signing time: Fri 06 Jun 2025 17:00:22 +0000
Manifest this update: Fri 06 Jun 2025 17:00:22 +0000
Manifest next update: Sat 07 Jun 2025 17:00:22 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: eym0DJR6EJW3geAZNqjIQjwco7lGHIUqsIt3OtBFprs=)
3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:2f:bc:2a:0b:23:c1:fa:b2:06:86:09:75:b8:90:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jun 6 17:00:22 2025 GMT
Not After : Jun 7 17:00:22 2025 GMT
Subject: CN=81b20ccfa03bc5a4144f13749a2419e09dca0c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:88:8b:d1:6e:d9:46:69:ce:8b:1c:75:85:
6f:a7:82:ea:c9:69:3e:f8:b2:45:d9:64:da:90:ac:
7d:81:94:a9:48:6a:97:00:a0:a6:a2:aa:63:cb:cd:
6e:82:75:f3:3b:32:fd:60:2d:9d:80:c1:0f:c1:1e:
6f:11:92:2a:20:fc:15:eb:7a:f4:8d:b1:78:49:b4:
a5:7c:4e:1b:0f:a5:68:0a:3f:64:b3:0f:3c:78:e8:
29:4e:ec:dd:12:67:8b:83:cc:ae:1d:54:2e:7d:13:
25:57:46:9a:0e:bb:88:c9:ee:05:d3:eb:70:df:a1:
7c:f0:c9:96:70:23:6d:d4:e2:b5:79:09:1b:f5:fa:
49:8c:64:a2:2a:29:b5:a6:80:77:8c:cd:46:d0:03:
f3:36:d6:08:c5:79:8f:d0:12:04:a8:57:34:3e:40:
52:e4:87:12:d8:ee:d1:4e:6f:14:0e:40:bc:39:9a:
aa:d4:b6:80:d3:b7:41:64:1f:a8:f8:36:1f:65:46:
75:00:31:e2:9a:78:16:20:2c:5e:19:0e:e6:1e:03:
41:18:2b:e1:f0:d3:ba:2f:fc:47:4f:4d:21:7a:35:
6b:d7:d7:a1:32:ec:90:25:37:a2:40:36:80:ab:74:
d0:2b:f3:9e:0a:ca:72:65:1a:be:bc:27:b6:48:bc:
aa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B2:0C:CF:A0:3B:C5:A4:14:4F:13:74:9A:24:19:E0:9D:CA:0C:70
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:4b:b8:2d:f2:2a:28:b2:72:08:2c:3d:8b:4f:df:a8:72:64:
b7:60:97:d4:4f:63:8a:e0:c6:f4:42:e6:98:96:e0:0b:af:8f:
b5:3e:d7:ca:9d:2e:a5:f3:c6:5a:1e:f3:19:10:41:0f:c9:0e:
2e:d1:0a:77:20:bd:71:67:0e:4b:0b:07:26:85:6c:d4:c7:59:
98:b4:47:f3:ae:da:c3:19:de:87:bb:d6:74:55:39:24:7b:25:
70:c2:65:a7:5f:86:0d:e7:07:bc:d4:1b:42:6a:5b:8f:9d:24:
44:d1:d0:ba:e7:fb:7f:38:46:ca:9d:b8:c8:65:a8:df:55:57:
aa:59:eb:c5:c8:87:df:08:4b:c8:d7:9d:bc:63:a2:b4:b0:dd:
10:01:99:42:5a:59:fd:48:e4:dd:8e:f6:f4:86:a9:89:a9:c0:
ed:83:3f:9a:6f:46:4d:87:36:aa:12:a4:e4:7b:e6:85:4b:7a:
bc:d5:7d:20:7d:76:eb:f8:b3:aa:c3:02:0c:c0:d1:af:e0:97:
5b:4d:79:3f:b3:77:98:0f:4b:1f:29:63:8d:d2:54:e3:b5:37:
0e:3f:d6:02:f5:36:17:2d:1a:96:a8:ef:24:d8:b7:e0:93:c0:
3f:fc:f8:e5:93:42:ee:7f:af:53:b9:27:5e:6e:be:c6:fe:44:
db:b7:97:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGL7wqCyPB+rIGhgl1uJA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwNjA2MTcwMDIyWhcNMjUwNjA3MTcwMDIyWjAzMTEwLwYDVQQD
Eyg4MWIyMGNjZmEwM2JjNWE0MTQ0ZjEzNzQ5YTI0MTllMDlkY2EwYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWaIi9Fu2UZpzoscdYVvp4LqyWk+
+LJF2WTakKx9gZSpSGqXAKCmoqpjy81ugnXzOzL9YC2dgMEPwR5vEZIqIPwV63r0
jbF4SbSlfE4bD6VoCj9ksw88eOgpTuzdEmeLg8yuHVQufRMlV0aaDruIye4F0+tw
36F88MmWcCNt1OK1eQkb9fpJjGSiKim1poB3jM1G0APzNtYIxXmP0BIEqFc0PkBS
5IcS2O7RTm8UDkC8OZqq1LaA07dBZB+o+DYfZUZ1ADHimngWICxeGQ7mHgNBGCvh
8NO6L/xHT00hejVr19ehMuyQJTeiQDaAq3TQK/OeCspyZRq+vCe2SLyqrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGyDM+gO8WkFE8TdJokGeCdygxwMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOEu4LfIq
KLJyCCw9i0/fqHJkt2CX1E9jiuDG9ELmmJbgC6+PtT7Xyp0upfPGWh7zGRBBD8kO
LtEKdyC9cWcOSwsHJoVs1MdZmLRH867awxneh7vWdFU5JHslcMJlp1+GDecHvNQb
Qmpbj50kRNHQuuf7fzhGyp24yGWo31VXqlnrxciH3whLyNedvGOitLDdEAGZQlpZ
/Ujk3Y729IapianA7YM/mm9GTYc2qhKk5HvmhUt6vNV9IH126/izqsMCDMDRr+CX
W015P7N3mA9LHyljjdJU47U3Dj/WAvU2Fy0alqjvJNi34JPAP/z45ZNC7n+vU7kn
Xm6+xv5E27eXkg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 00:59:01 2025 by rpki-client