Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: 6wz2xA7AOjISE0ux6MvBVOezDIJjXaH7PCsjCT+ttto=
Subject key identifier: 52:F8:7D:39:6C:0C:12:E4:42:F3:77:F8:C6:E5:0B:4D:66:34:0F:47
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 019B6E748F154B787F9D2615B0A52A5D971F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 0A87
Signing time: Tue 30 Dec 2025 08:51:31 +0000
Manifest this update: Tue 30 Dec 2025 08:51:31 +0000
Manifest next update: Wed 31 Dec 2025 08:51:31 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: sgjuO+CgNcmSRbSslbXNXKDoy0erxrdYfix2/XXD4ws=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:6e:74:8f:15:4b:78:7f:9d:26:15:b0:a5:2a:5d:97:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Dec 30 08:51:31 2025 GMT
Not After : Dec 31 08:51:31 2025 GMT
Subject: CN=52f87d396c0c12e442f377f8c6e50b4d66340f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:d8:cb:df:0a:82:44:02:62:b5:49:22:76:
88:43:91:2b:4a:fb:72:03:77:f5:6f:7e:06:eb:28:
e2:67:dc:06:8c:2b:07:c7:bf:f9:8f:4a:47:33:6d:
d1:18:b3:c7:f3:20:75:be:a0:cd:2e:1e:9a:56:f4:
1e:c5:7a:7c:44:22:6b:63:50:0c:fa:a2:c4:a2:6e:
1b:22:db:c4:60:6c:7d:60:bc:78:80:76:5d:bf:b6:
30:9a:18:7b:74:4e:91:29:15:49:a5:8b:6e:65:1b:
34:ce:e8:94:70:14:4f:11:23:c9:6e:60:6d:4b:07:
6d:a2:47:11:1c:f3:cd:a8:b8:4c:76:d8:81:0c:c3:
1a:0a:f7:6b:19:80:93:2a:52:08:f6:4d:db:0e:66:
d2:af:6d:39:d8:93:6d:db:35:fd:23:da:6e:b9:0f:
7c:b8:83:c1:26:5a:17:fb:2d:56:bb:ea:76:b7:64:
fa:d8:01:6f:39:2f:26:97:91:cb:1a:ed:42:5f:76:
70:b3:1a:63:b3:10:fe:25:48:08:a0:9b:4f:19:42:
4a:b5:a4:fc:30:44:5c:73:ef:fb:c8:91:a4:01:75:
12:85:1b:2f:eb:c9:33:1c:87:71:33:0a:4d:21:b0:
08:3a:b7:13:fd:91:62:36:30:e3:83:83:ae:37:c9:
d3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F8:7D:39:6C:0C:12:E4:42:F3:77:F8:C6:E5:0B:4D:66:34:0F:47
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:4b:21:56:dc:bc:86:6b:c2:aa:fa:95:75:4b:76:d9:5b:c8:
7f:11:61:20:80:38:b7:bc:e2:e1:3c:14:f5:b2:dc:69:56:fb:
09:ab:1d:c8:9e:b5:49:85:b1:45:74:fe:86:ea:8e:6e:0c:e4:
4c:b5:99:a6:9b:cf:bf:38:74:b7:38:1e:ba:fe:79:53:4f:f5:
a8:70:97:af:78:db:a7:b4:a1:ca:b6:44:7e:10:9b:b9:d6:e0:
7a:43:6a:e9:d5:74:82:87:14:b8:3c:e4:0f:c0:15:0e:d7:2c:
99:d3:bd:ac:1f:3f:f4:8e:e0:2b:1c:c9:c5:a2:1f:f6:ea:b5:
73:22:c9:59:37:9b:7e:0a:37:72:7d:7c:b0:cf:4a:7b:09:0e:
02:5e:b5:a5:e0:0c:3a:ea:6e:09:ac:50:22:bc:23:06:88:11:
cc:77:aa:5c:d8:f5:21:39:b2:56:08:8e:59:a1:60:7a:c6:fd:
44:52:ae:a6:ac:26:3a:ba:92:c7:22:a1:16:d1:fa:5b:87:0c:
95:27:c4:f6:45:29:84:e0:1d:71:fa:ba:1a:06:c5:57:a8:31:
74:6e:da:94:ae:d0:6f:2c:d0:60:9b:94:f3:9e:d8:75:94:ce:
b8:8d:c3:2b:d0:29:59:1b:e2:ec:d7:1f:3f:ea:ba:ee:ea:27:
4f:ec:4d:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtudI8VS3h/nSYVsKUqXZcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUxMjMwMDg1MTMxWhcNMjUxMjMxMDg1MTMxWjAzMTEwLwYDVQQD
Eyg1MmY4N2QzOTZjMGMxMmU0NDJmMzc3ZjhjNmU1MGI0ZDY2MzQwZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHPYy98KgkQCYrVJInaIQ5ErSvty
A3f1b34G6yjiZ9wGjCsHx7/5j0pHM23RGLPH8yB1vqDNLh6aVvQexXp8RCJrY1AM
+qLEom4bItvEYGx9YLx4gHZdv7Ywmhh7dE6RKRVJpYtuZRs0zuiUcBRPESPJbmBt
SwdtokcRHPPNqLhMdtiBDMMaCvdrGYCTKlII9k3bDmbSr2052JNt2zX9I9puuQ98
uIPBJloX+y1Wu+p2t2T62AFvOS8ml5HLGu1CX3ZwsxpjsxD+JUgIoJtPGUJKtaT8
MERcc+/7yJGkAXUShRsv68kzHIdxMwpNIbAIOrcT/ZFiNjDjg4OuN8nTiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL4fTlsDBLkQvN3+MblC01mNA9HMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEshVty8
hmvCqvqVdUt22VvIfxFhIIA4t7zi4TwU9bLcaVb7CasdyJ61SYWxRXT+huqObgzk
TLWZppvPvzh0tzgeuv55U0/1qHCXr3jbp7ShyrZEfhCbudbgekNq6dV0gocUuDzk
D8AVDtcsmdO9rB8/9I7gKxzJxaIf9uq1cyLJWTebfgo3cn18sM9KewkOAl61peAM
OupuCaxQIrwjBogRzHeqXNj1ITmyVgiOWaFgesb9RFKupqwmOrqSxyKhFtH6W4cM
lSfE9kUphOAdcfq6GgbFV6gxdG7alK7QbyzQYJuU857YdZTOuI3DK9ApWRvi7Ncf
P+q67uonT+xNSg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:00:28 2026 by rpki-client