Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.mft
File: KiZGBSRa8gGcKTw3KPal4lXYnyU.mft (raw, json)
Hash identifier: ckdIrZ+ureRH07vbvVMJZPmSthVmm4O8CdVgEt2WdLo=
Subject key identifier: 8E:C0:A1:E6:6A:5E:56:0F:16:9D:BD:34:5A:17:3E:D2:FE:F4:14:D4
Authority key identifier: 2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
Certificate issuer: /CN=2a264605245af2019c293c3728f6a5e255d89f25
Certificate serial: 01958B167643296724D87B2B10E458A121D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.mft
Manifest number: 1495
Signing time: Wed 12 Mar 2025 16:00:59 +0000
Manifest this update: Wed 12 Mar 2025 16:00:59 +0000
Manifest next update: Thu 13 Mar 2025 16:00:59 +0000
Files and hashes: 1: 3KSN_k3KfyRIpkOpKsbbz9Bqq5E.roa (hash: iHgOduhUsida+9pHg8iFsStpH/s/1dREHiJkoJW0aww=)
2: KiZGBSRa8gGcKTw3KPal4lXYnyU.crl (hash: XeYz5Q0JEG/opPxgBTFCdqCxYwMfVbVPVfL1Ji+CJdM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:16:76:43:29:67:24:d8:7b:2b:10:e4:58:a1:21:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a264605245af2019c293c3728f6a5e255d89f25
Validity
Not Before: Mar 12 16:00:59 2025 GMT
Not After : Mar 13 16:00:59 2025 GMT
Subject: CN=8ec0a1e66a5e560f169dbd345a173ed2fef414d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:04:4a:63:72:4d:8a:06:b1:1d:c6:d7:b7:b6:
b5:41:1a:2d:f8:ab:26:f9:02:86:4b:55:ba:f6:a1:
01:57:d1:74:8a:5b:98:0c:b1:27:5f:a8:e1:b5:2c:
d3:ca:35:89:e3:69:10:5b:d6:b8:0a:31:52:4f:b4:
ed:9d:33:b8:f4:2a:6c:7c:38:8d:69:81:d5:d2:cf:
56:b6:e0:4c:26:ff:1d:ae:1c:b5:8b:20:09:91:e0:
8a:03:32:f1:df:ab:4a:06:a5:f3:39:25:85:4a:62:
0a:cd:d3:76:84:ac:a8:ef:37:f2:bd:a9:9f:90:7d:
d0:7f:3e:c4:ce:0c:62:d2:53:7b:f6:98:75:ff:4f:
5b:aa:c1:b3:a3:a0:9b:8e:c5:c4:c0:5f:fa:cc:d7:
17:17:94:00:07:9a:0e:6b:e3:f2:66:11:fd:47:f0:
4f:98:8f:25:14:d3:fd:fd:12:3c:ca:23:20:f7:89:
4d:c9:3a:51:35:c4:94:d8:12:a6:d7:37:15:0a:99:
36:93:e7:7d:9e:d4:12:28:5f:28:32:13:aa:c8:13:
f1:42:7e:72:80:a2:7d:c4:e5:31:b8:16:83:08:75:
aa:cf:68:e2:a7:00:d0:d3:83:4d:39:66:42:8f:64:
09:5a:96:60:96:a5:84:99:3d:7f:2a:32:70:58:c8:
11:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C0:A1:E6:6A:5E:56:0F:16:9D:BD:34:5A:17:3E:D2:FE:F4:14:D4
X509v3 Authority Key Identifier:
keyid:2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:57:7a:15:f7:63:85:eb:ce:e7:0d:92:c0:d4:5c:05:38:1c:
6d:4b:6d:41:5d:8a:65:89:be:71:82:3f:84:4e:ea:d1:b9:41:
a2:0b:34:fd:4d:6a:f5:e7:91:90:6b:ea:7d:df:ef:9e:e2:16:
7c:54:f7:81:2f:24:9a:f7:b4:29:27:f5:91:a5:df:1f:7f:0b:
c6:7c:45:10:19:b7:39:6e:40:ed:aa:9d:e1:67:0c:90:28:68:
07:35:c8:44:e2:67:fa:32:c7:a0:f4:65:76:c8:c8:43:3b:67:
0e:fa:7f:71:c5:48:0b:42:04:aa:73:25:75:8f:55:41:34:0f:
b5:45:3e:cb:08:95:11:7b:ea:66:5c:44:b1:c9:83:b3:f0:a6:
bc:09:c4:d9:99:21:57:05:40:33:f3:ff:f6:f9:1d:2f:b1:89:
5b:08:77:55:34:fa:a9:a9:18:a7:b3:8f:17:50:45:60:c6:ad:
2e:e4:0d:2c:1a:fa:18:6a:30:ef:1a:65:20:81:3f:fe:11:69:
35:33:6c:91:26:74:54:80:10:f0:76:bd:b4:5b:a0:58:bb:67:
1e:8d:56:26:6f:e9:cf:9f:f4:a0:2a:fd:5f:05:bb:3d:d8:44:
46:67:e7:50:71:a9:c2:00:c5:85:3f:85:86:98:c0:ff:94:ce:
62:11:bf:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFnZDKWck2HsrEORYoSHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjY0NjA1MjQ1YWYyMDE5YzI5M2MzNzI4ZjZhNWUyNTVk
ODlmMjUwHhcNMjUwMzEyMTYwMDU5WhcNMjUwMzEzMTYwMDU5WjAzMTEwLwYDVQQD
Eyg4ZWMwYTFlNjZhNWU1NjBmMTY5ZGJkMzQ1YTE3M2VkMmZlZjQxNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wRKY3JNigaxHcbXt7a1QRot+Ksm
+QKGS1W69qEBV9F0iluYDLEnX6jhtSzTyjWJ42kQW9a4CjFST7TtnTO49CpsfDiN
aYHV0s9WtuBMJv8drhy1iyAJkeCKAzLx36tKBqXzOSWFSmIKzdN2hKyo7zfyvamf
kH3Qfz7Ezgxi0lN79ph1/09bqsGzo6CbjsXEwF/6zNcXF5QAB5oOa+PyZhH9R/BP
mI8lFNP9/RI8yiMg94lNyTpRNcSU2BKm1zcVCpk2k+d9ntQSKF8oMhOqyBPxQn5y
gKJ9xOUxuBaDCHWqz2jipwDQ04NNOWZCj2QJWpZglqWEmT1/KjJwWMgR5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7AoeZqXlYPFp29NFoXPtL+9BTUMB8GA1UdIwQY
MBaAFComRgUkWvIBnCk8Nyj2peJV2J8lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGIt
MzU5YjY0ZDcwOWI5LzEvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGItMzU5YjY0ZDcwOWI5
LzEvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFd6Ffdj
hevO5w2SwNRcBTgcbUttQV2KZYm+cYI/hE7q0blBogs0/U1q9eeRkGvqfd/vnuIW
fFT3gS8kmve0KSf1kaXfH38LxnxFEBm3OW5A7aqd4WcMkChoBzXIROJn+jLHoPRl
dsjIQztnDvp/ccVIC0IEqnMldY9VQTQPtUU+ywiVEXvqZlxEscmDs/CmvAnE2Zkh
VwVAM/P/9vkdL7GJWwh3VTT6qakYp7OPF1BFYMatLuQNLBr6GGow7xplIIE//hFp
NTNskSZ0VIAQ8Ha9tFugWLtnHo1WJm/pz5/0oCr9XwW7PdhERmfnUHGpwgDFhT+F
hpjA/5TOYhG/2Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:22:24 2025 by rpki-client