Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: xK7SlFvdsrjsFzUyTU5sH/5L/jhMqsIzWws1ms1b2ZU=
Subject key identifier: 3C:D9:8F:6D:4B:95:80:35:70:47:93:A6:DB:CC:C7:29:0B:75:85:6B
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 01992330EF45E8DA08E13953F105F1CF94F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 0956
Signing time: Sun 07 Sep 2025 08:00:33 +0000
Manifest this update: Sun 07 Sep 2025 08:00:33 +0000
Manifest next update: Mon 08 Sep 2025 08:00:33 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: NUCR1xmmPN89ZtQ/48INx+L5yfNWkTcESSjT2rLU/4M=)
3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:30:ef:45:e8:da:08:e1:39:53:f1:05:f1:cf:94:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Sep 7 08:00:33 2025 GMT
Not After : Sep 8 08:00:33 2025 GMT
Subject: CN=3cd98f6d4b958035704793a6dbccc7290b75856b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:43:37:61:70:7b:61:7e:6b:f0:8b:43:8d:a7:
a6:7f:a3:bc:d8:4e:1e:77:c5:15:a1:c2:34:3f:1e:
a4:36:b2:e2:eb:01:ab:be:bb:3a:ff:c3:76:65:59:
3b:09:a1:d6:f4:04:76:69:e4:cf:ec:f7:5c:37:2f:
bb:15:15:97:b6:e3:59:7e:6b:f0:4b:2e:a0:78:90:
31:36:c9:f8:88:3c:16:d1:4f:ab:38:24:d4:1d:5a:
d2:bc:0c:72:3b:ce:e9:3d:0d:aa:e4:83:0a:c3:59:
68:bb:af:77:e3:91:a8:89:2d:72:0f:cd:7e:ec:fa:
26:d6:4f:4d:d4:af:0b:17:b1:b2:24:d1:d5:84:28:
29:ae:bc:68:14:18:e1:43:29:57:0b:7d:86:a7:c0:
37:fa:da:76:75:75:ea:f8:98:b3:76:8b:84:47:e7:
81:3b:2b:3d:97:d4:d3:d0:ce:65:65:ec:94:7f:2b:
35:dc:e0:dd:f5:4f:ec:6c:50:8e:28:2d:e6:64:6c:
87:04:ba:ed:37:21:72:98:7e:ff:fa:cf:9e:33:b6:
51:1e:e3:86:46:ff:e0:77:51:11:06:40:b4:75:bc:
70:e6:fc:73:8a:a2:04:b8:b3:03:7e:d4:bb:f8:cf:
70:75:2f:21:71:7b:42:a6:3a:c7:8e:39:57:48:a7:
88:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D9:8F:6D:4B:95:80:35:70:47:93:A6:DB:CC:C7:29:0B:75:85:6B
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:b6:3f:34:88:8b:53:c2:f6:28:b6:10:cc:78:22:94:5d:da:
c7:90:d8:b2:f8:88:54:36:95:2b:64:f7:1d:61:76:03:8f:94:
e8:cd:c8:62:15:a8:42:4b:1b:5f:59:65:7b:a1:87:55:1f:14:
76:34:63:ed:bc:72:e2:be:8e:14:2d:7b:8f:c2:53:13:29:af:
97:7f:ef:06:12:b7:d3:f2:8d:fc:8c:e0:43:56:46:ac:46:21:
8c:a5:97:85:fe:25:65:0e:03:a7:0e:84:8c:ea:90:fb:12:fe:
97:ea:96:02:2e:97:8c:c0:dc:80:43:f4:21:52:ce:85:db:bb:
03:be:df:6b:04:46:01:a7:54:35:11:c5:b0:78:e8:98:b6:14:
48:23:65:10:94:85:bc:6a:15:53:e3:0c:38:af:c4:49:4e:f3:
0b:2c:30:56:57:d7:fb:3d:20:e8:e8:f5:0a:f7:3f:db:79:9c:
a4:8f:e2:99:3e:27:c2:9f:b7:68:fa:62:fd:b2:dd:16:6d:ee:
85:b7:31:85:7d:5c:e0:7a:a0:00:05:cb:80:9a:b9:26:07:1a:
6a:a4:d0:41:1b:96:f1:25:e6:7e:ba:9e:22:46:4b:6f:0f:ca:
0a:3b:51:c5:d9:0a:b3:08:d7:a6:1e:c9:6f:d1:eb:bb:ef:30:
f1:99:d7:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMO9F6NoI4TlT8QXxz5TwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwOTA3MDgwMDMzWhcNMjUwOTA4MDgwMDMzWjAzMTEwLwYDVQQD
EygzY2Q5OGY2ZDRiOTU4MDM1NzA0NzkzYTZkYmNjYzcyOTBiNzU4NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEM3YXB7YX5r8ItDjaemf6O82E4e
d8UVocI0Px6kNrLi6wGrvrs6/8N2ZVk7CaHW9AR2aeTP7PdcNy+7FRWXtuNZfmvw
Sy6geJAxNsn4iDwW0U+rOCTUHVrSvAxyO87pPQ2q5IMKw1lou69345GoiS1yD81+
7Pom1k9N1K8LF7GyJNHVhCgprrxoFBjhQylXC32Gp8A3+tp2dXXq+JizdouER+eB
Oys9l9TT0M5lZeyUfys13ODd9U/sbFCOKC3mZGyHBLrtNyFymH7/+s+eM7ZRHuOG
Rv/gd1ERBkC0dbxw5vxziqIEuLMDftS7+M9wdS8hcXtCpjrHjjlXSKeI5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzZj21LlYA1cEeTptvMxykLdYVrMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7Y/NIiL
U8L2KLYQzHgilF3ax5DYsviIVDaVK2T3HWF2A4+U6M3IYhWoQksbX1lle6GHVR8U
djRj7bxy4r6OFC17j8JTEymvl3/vBhK30/KN/IzgQ1ZGrEYhjKWXhf4lZQ4Dpw6E
jOqQ+xL+l+qWAi6XjMDcgEP0IVLOhdu7A77fawRGAadUNRHFsHjomLYUSCNlEJSF
vGoVU+MMOK/ESU7zCywwVlfX+z0g6Oj1Cvc/23mcpI/imT4nwp+3aPpi/bLdFm3u
hbcxhX1c4HqgAAXLgJq5JgcaaqTQQRuW8SXmfrqeIkZLbw/KCjtRxdkKswjXph7J
b9Hru+8w8ZnXWA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:20:22 2025 by rpki-client