
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
File: knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft (raw, json)
Hash identifier: lJlQ4y9UCl0/pU0fUssRb0gGOQDMzUsG4mCkTMNJOMg=
Subject key identifier: 29:F4:6F:7D:2F:04:16:7A:C0:32:BD:43:E2:9C:6F:B0:90:A9:C5:EA
Authority key identifier: 92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
Certificate issuer: /CN=927b1e56ac7d07802c4567c4679435159b422096
Certificate serial: 01975EDD0705219A330A142AB14F920EE722
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
Manifest number: 1589
Signing time: Wed 11 Jun 2025 12:00:32 +0000
Manifest this update: Wed 11 Jun 2025 12:00:32 +0000
Manifest next update: Thu 12 Jun 2025 12:00:32 +0000
Files and hashes: 1: ZZutCOlh3Ali7o57VArVQ-r6xEQ.roa (hash: Z8oFv1O8k+i1SuyJDIP9mmTPP/Uv75FEkkBOgolEt4M=)
2: knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl (hash: bvmIz/NDPGgteljKvl2Kqp30O45Wm7hz9LEMR66Ko3E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:dd:07:05:21:9a:33:0a:14:2a:b1:4f:92:0e:e7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=927b1e56ac7d07802c4567c4679435159b422096
Validity
Not Before: Jun 11 12:00:32 2025 GMT
Not After : Jun 12 12:00:32 2025 GMT
Subject: CN=29f46f7d2f04167ac032bd43e29c6fb090a9c5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a1:50:0a:33:33:4b:55:cd:3f:de:da:db:78:
55:cd:cf:e5:46:9b:2c:4c:2a:3e:74:0d:ef:de:e0:
ec:c6:a7:28:e3:fc:51:bc:89:37:43:76:5f:36:91:
ac:ff:bb:5a:d8:1f:04:80:9d:ad:20:89:7a:1f:cd:
01:3b:d0:c0:21:8f:da:de:92:41:de:a2:aa:27:55:
47:2c:ea:62:1d:b7:40:79:8f:f0:6f:6a:69:f6:a4:
5b:d7:84:4e:ca:27:1a:d5:fe:0d:3d:7a:1b:1f:00:
9d:18:dd:43:29:68:6c:48:de:0c:e5:07:60:85:a0:
b7:d9:47:19:b5:19:33:23:66:57:b0:3d:59:b2:15:
17:1f:24:aa:f3:f8:ee:b6:14:64:2a:79:31:0a:74:
03:9a:b9:4f:70:ee:67:84:e9:0e:0b:16:13:bd:9a:
e6:be:e2:dd:f9:ce:8a:74:d8:a0:08:8c:76:0c:d2:
21:62:ab:5e:3d:8e:6f:69:67:bd:81:f1:36:6a:c9:
de:d1:60:64:5e:0c:f2:4f:6f:67:83:51:7b:d4:4c:
22:8e:f2:0f:dc:23:ba:90:af:14:4d:f1:1d:51:c0:
ea:41:2d:45:2d:7c:7c:3e:d7:3c:7c:9c:9b:bf:6b:
08:e3:a6:22:08:c2:e8:1d:9e:bc:13:58:cd:88:b4:
68:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F4:6F:7D:2F:04:16:7A:C0:32:BD:43:E2:9C:6F:B0:90:A9:C5:EA
X509v3 Authority Key Identifier:
keyid:92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:e5:a8:7f:b6:23:6a:b5:7f:7a:b9:86:5f:85:37:4b:5d:84:
c0:15:78:8e:da:7f:6d:44:0f:66:fe:f1:bf:27:ff:24:0f:4f:
83:da:19:1e:71:92:81:d0:5d:d8:3f:bf:02:12:be:aa:a3:b2:
d6:9a:63:83:17:2e:df:f4:7d:66:2b:72:d3:83:bf:99:52:1e:
07:4a:a0:3d:3f:87:59:78:b5:69:68:72:75:68:88:82:48:dd:
9b:7c:6a:49:bb:70:32:c2:6b:90:72:97:58:14:b6:d3:58:19:
88:93:72:93:e9:63:ce:82:06:91:71:17:52:e0:f2:0f:de:fa:
bf:11:f4:61:07:aa:13:65:a7:12:34:8d:a1:5c:af:b3:bf:1b:
87:a5:84:4f:79:d3:0d:9c:dd:04:cb:da:ff:0b:2c:4c:45:40:
6c:cc:23:45:77:7f:ce:44:b1:7e:53:61:4c:36:05:18:23:9a:
bf:c6:8c:ac:e7:14:a2:79:2f:3a:10:8e:4b:ad:2a:6a:b0:5d:
f4:9b:fe:4c:53:a9:3a:63:a6:6c:74:5d:e8:38:38:b5:79:ed:
f5:82:c0:6a:78:a0:aa:56:18:74:38:25:de:10:82:c4:a5:95:
dd:36:57:3b:bf:47:03:1a:75:3d:0a:c8:5e:53:f5:cd:c9:fe:
68:c5:48:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZde3QcFIZozChQqsU+SDuciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyN2IxZTU2YWM3ZDA3ODAyYzQ1NjdjNDY3OTQzNTE1OWI0
MjIwOTYwHhcNMjUwNjExMTIwMDMyWhcNMjUwNjEyMTIwMDMyWjAzMTEwLwYDVQQD
EygyOWY0NmY3ZDJmMDQxNjdhYzAzMmJkNDNlMjljNmZiMDkwYTljNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KFQCjMzS1XNP97a23hVzc/lRpss
TCo+dA3v3uDsxqco4/xRvIk3Q3ZfNpGs/7ta2B8EgJ2tIIl6H80BO9DAIY/a3pJB
3qKqJ1VHLOpiHbdAeY/wb2pp9qRb14ROyica1f4NPXobHwCdGN1DKWhsSN4M5Qdg
haC32UcZtRkzI2ZXsD1ZshUXHySq8/juthRkKnkxCnQDmrlPcO5nhOkOCxYTvZrm
vuLd+c6KdNigCIx2DNIhYqtePY5vaWe9gfE2asne0WBkXgzyT29ng1F71EwijvIP
3CO6kK8UTfEdUcDqQS1FLXx8Ptc8fJybv2sI46YiCMLoHZ68E1jNiLRoiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCn0b30vBBZ6wDK9Q+Kcb7CQqcXqMB8GA1UdIwQY
MBaAFJJ7HlasfQeALEVnxGeUNRWbQiCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTIt
MzY1MzQ3ZjQxNmMwLzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTItMzY1MzQ3ZjQxNmMw
LzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABuWof7Yj
arV/ermGX4U3S12EwBV4jtp/bUQPZv7xvyf/JA9Pg9oZHnGSgdBd2D+/AhK+qqOy
1ppjgxcu3/R9Zity04O/mVIeB0qgPT+HWXi1aWhydWiIgkjdm3xqSbtwMsJrkHKX
WBS201gZiJNyk+ljzoIGkXEXUuDyD976vxH0YQeqE2WnEjSNoVyvs78bh6WET3nT
DZzdBMva/wssTEVAbMwjRXd/zkSxflNhTDYFGCOav8aMrOcUonkvOhCOS60qarBd
9Jv+TFOpOmOmbHRd6Dg4tXnt9YLAanigqlYYdDgl3hCCxKWV3TZXO79HAxp1PQrI
XlP1zcn+aMVIvQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:06:17 2025 by rpki-client