Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
File: kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft (raw, json)
Hash identifier: 1LW+XWMJ7S4t/4sAs3X+5u9Dg2f1MQ5wQLoLoq/NqX4=
Subject key identifier: E5:EC:13:81:BA:A0:AA:EE:8B:FE:79:4C:65:1E:F1:12:D2:61:89:BE
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 019749680BCA1CEFBD1A3F11CFC01352E487
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
Manifest number: 14AA
Signing time: Sat 07 Jun 2025 08:00:44 +0000
Manifest this update: Sat 07 Jun 2025 08:00:44 +0000
Manifest next update: Sun 08 Jun 2025 08:00:44 +0000
Files and hashes: 1: 6fnAZ8W2MGF8ZNrQkh_nCxeTpv4.roa (hash: VVdXTpC74ZKSlf0OaYeG4sfAbOWwASAnFr5UUxM1yrQ=)
2: jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa (hash: Ap/raQBvujEIQc3hDUBU94DRN1La9dL+OAKrqJu5rbU=)
3: kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl (hash: hPofSAgcQXoozs8BWu2dvYf4BBCzAdTaD+ZdHJ5R+wE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 08:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:68:0b:ca:1c:ef:bd:1a:3f:11:cf:c0:13:52:e4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Jun 7 08:00:44 2025 GMT
Not After : Jun 8 08:00:44 2025 GMT
Subject: CN=e5ec1381baa0aaee8bfe794c651ef112d26189be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:09:ab:67:15:ef:47:21:4f:da:bd:ab:3d:
ea:7d:54:70:a7:b2:dd:d5:7a:07:9b:13:14:3a:e7:
3a:9b:a7:f3:de:2c:37:b3:26:00:21:b7:bf:13:a7:
9c:78:30:9e:7e:ee:0d:15:2a:67:c2:0b:65:97:d2:
8d:75:90:db:83:a0:cf:66:83:5b:90:03:d2:cc:21:
af:7f:44:17:31:83:5b:c9:83:4a:39:5b:1c:54:81:
60:79:e8:1d:e8:b0:1e:3e:85:03:8a:1c:c1:41:a9:
1f:6f:48:15:ec:22:bd:9d:2d:62:a5:d5:72:c6:b0:
36:10:40:95:5d:2a:85:f9:79:c5:87:24:9d:32:ba:
e8:6b:98:79:9b:7b:5a:b6:14:4b:d5:07:94:7b:35:
e7:05:15:ef:6d:ac:a8:dc:8e:03:39:bd:65:1a:32:
45:6e:d6:de:3c:5b:07:08:a2:da:d1:56:bc:bd:01:
90:4c:09:92:3a:9f:ec:69:18:89:e0:f3:33:85:bf:
ee:77:9e:44:72:79:51:b9:39:9d:8d:fe:12:be:d2:
ef:24:ef:62:2c:1e:16:6f:2c:31:35:dd:1b:c4:97:
19:ee:ec:28:6b:f2:7f:30:71:2f:9b:b5:24:5f:3c:
c2:e5:79:e2:42:e0:17:22:93:a1:e0:94:6f:84:e3:
d1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EC:13:81:BA:A0:AA:EE:8B:FE:79:4C:65:1E:F1:12:D2:61:89:BE
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:86:6b:e7:7d:ba:a5:86:55:58:fd:5d:10:43:80:09:c4:a0:
fd:ee:33:2f:ca:ca:fe:b0:60:49:38:a0:a4:73:c5:32:1f:b3:
c6:6f:e8:6e:08:20:71:f5:0c:91:17:d9:1c:3d:e1:59:1e:50:
11:e8:90:b0:87:e5:90:08:52:26:2e:f4:3f:5a:ce:cd:af:23:
5d:56:a6:7b:cc:bd:aa:ca:be:ee:b5:18:17:1f:8c:96:85:f0:
06:19:85:75:d9:75:b3:f2:63:2b:7e:f1:18:11:cd:bb:ee:ca:
7e:2b:d4:00:a7:10:12:9d:b5:31:cd:b1:39:c1:04:a3:cb:15:
a7:57:d9:6e:cc:14:5b:b0:83:c2:eb:f9:28:e5:68:40:c1:eb:
df:c3:aa:29:f9:05:6c:74:77:12:64:96:e0:33:a9:61:06:d4:
6e:58:25:d1:ff:05:f8:18:6d:c3:ea:69:ac:d0:fa:4d:e3:2b:
d1:35:85:e3:e9:d3:dc:a3:45:40:c9:de:e2:cd:67:d9:e2:99:
26:ac:98:c6:0b:3e:27:0f:5c:ad:21:5b:b2:e6:29:32:26:30:
d2:a6:47:4d:64:b3:f3:1b:9b:fa:c3:b3:57:50:21:8e:c2:69:
f0:b8:c9:b0:96:f7:08:16:0a:2d:d8:05:bc:b6:1c:5c:94:a2:
8f:e8:2f:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaAvKHO+9Gj8Rz8ATUuSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjUwNjA3MDgwMDQ0WhcNMjUwNjA4MDgwMDQ0WjAzMTEwLwYDVQQD
EyhlNWVjMTM4MWJhYTBhYWVlOGJmZTc5NGM2NTFlZjExMmQyNjE4OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyesJq2cV70chT9q9qz3qfVRwp7Ld
1XoHmxMUOuc6m6fz3iw3syYAIbe/E6eceDCefu4NFSpnwgtll9KNdZDbg6DPZoNb
kAPSzCGvf0QXMYNbyYNKOVscVIFgeegd6LAePoUDihzBQakfb0gV7CK9nS1ipdVy
xrA2EECVXSqF+XnFhySdMrroa5h5m3tathRL1QeUezXnBRXvbayo3I4DOb1lGjJF
btbePFsHCKLa0Va8vQGQTAmSOp/saRiJ4PMzhb/ud55EcnlRuTmdjf4SvtLvJO9i
LB4WbywxNd0bxJcZ7uwoa/J/MHEvm7UkXzzC5XniQuAXIpOh4JRvhOPR+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXsE4G6oKrui/55TGUe8RLSYYm+MB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoZr5326
pYZVWP1dEEOACcSg/e4zL8rK/rBgSTigpHPFMh+zxm/obgggcfUMkRfZHD3hWR5Q
EeiQsIflkAhSJi70P1rOza8jXVame8y9qsq+7rUYFx+MloXwBhmFddl1s/JjK37x
GBHNu+7KfivUAKcQEp21Mc2xOcEEo8sVp1fZbswUW7CDwuv5KOVoQMHr38OqKfkF
bHR3EmSW4DOpYQbUblgl0f8F+Bhtw+pprND6TeMr0TWF4+nT3KNFQMne4s1n2eKZ
JqyYxgs+Jw9crSFbsuYpMiYw0qZHTWSz8xub+sOzV1AhjsJp8LjJsJb3CBYKLdgF
vLYcXJSij+gv+A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:56:11 2025 by rpki-client