Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: SgZcO8O+z8nlh4wDrfEUf45EM5tfiwbV1Ny8R068Y0k=
Subject key identifier: DF:22:E3:5B:53:63:A3:69:6D:51:E0:B7:9F:B2:98:EE:BA:BD:67:6A
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 01974A43E739787918A5E480F9A3AC90C90A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 0478
Signing time: Sat 07 Jun 2025 12:00:53 +0000
Manifest this update: Sat 07 Jun 2025 12:00:53 +0000
Manifest next update: Sun 08 Jun 2025 12:00:53 +0000
Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: k0S3iP1TEHFJBNMCsuOJCl1FInKRs/vcUScbaO0J0ho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:e7:39:78:79:18:a5:e4:80:f9:a3:ac:90:c9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Jun 7 12:00:53 2025 GMT
Not After : Jun 8 12:00:53 2025 GMT
Subject: CN=df22e35b5363a3696d51e0b79fb298eebabd676a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:d4:87:70:1f:b4:9e:17:61:c9:15:73:a1:
30:bb:3a:34:93:a5:70:2b:72:95:af:2d:4f:03:4c:
e3:c9:d4:2c:dd:32:41:ee:1c:b3:c0:0c:3b:5f:44:
fc:09:08:60:11:df:7f:56:69:80:4c:e7:1a:3a:09:
05:db:77:4e:9f:52:78:a3:95:d2:05:91:e7:5f:38:
7e:a2:b5:1a:36:00:01:96:43:23:e7:d6:78:81:c7:
52:84:92:0f:d8:46:9a:9d:03:77:a2:d5:05:ec:10:
88:14:34:e1:0a:45:b0:89:c5:fa:ea:86:98:90:7d:
79:ef:77:d5:cb:bb:35:21:43:87:e9:b3:9b:be:a1:
a8:62:8d:67:87:36:75:f8:6c:fc:a3:8c:0c:30:e6:
c6:8a:12:da:b5:1e:27:a7:15:a3:3d:07:7c:7c:1b:
d8:8e:d1:56:fa:63:d2:fd:df:3c:e2:2e:e7:28:20:
3b:f9:1e:27:58:1c:1c:87:c4:d0:8a:5c:d0:d8:5d:
d2:c4:ee:18:bc:b0:3c:15:a1:ac:4f:9f:03:1d:c9:
55:31:ff:55:38:1b:ff:ff:cc:0d:6c:50:e5:53:e6:
a7:04:21:60:44:ed:79:b1:c5:45:c5:96:26:50:2c:
86:2d:d7:e8:03:73:0d:2d:9d:43:03:c0:3b:29:55:
c0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:22:E3:5B:53:63:A3:69:6D:51:E0:B7:9F:B2:98:EE:BA:BD:67:6A
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:17:ff:8f:7b:4f:69:cc:7c:ac:20:db:ed:e9:c6:c6:19:39:
23:d4:ed:48:c3:9c:99:5d:68:9e:9c:80:a3:ac:a7:06:1c:88:
f1:4d:8a:95:08:d8:c0:9a:b3:a6:f3:dc:a8:6d:dc:65:24:60:
76:87:90:a2:09:cd:26:42:02:18:33:6d:7b:75:31:ea:08:66:
04:d9:d6:79:ec:11:c6:eb:02:ef:5b:61:d7:49:33:53:83:6f:
c5:45:fe:a5:5b:8b:b4:71:3c:79:f5:39:bc:8e:66:14:5c:0c:
f3:d8:25:67:5c:6d:ef:b4:60:76:d6:9e:37:06:d3:c3:28:e9:
07:fc:68:5e:3c:a2:58:44:05:d5:83:12:ed:e5:11:94:af:5d:
18:36:5b:0b:43:f5:9d:77:1f:2f:f8:f6:71:9d:8d:5d:ab:3a:
c3:ed:72:fe:bc:f5:c9:48:4b:39:08:5b:3d:dc:63:01:3a:53:
93:04:0d:72:5b:77:79:61:37:4c:68:f9:41:50:f9:05:7a:a4:
cb:53:b3:4f:61:f0:25:45:50:f9:a6:30:7c:fd:3a:62:b1:7f:
40:eb:72:48:a2:bc:74:2a:ae:c3:8b:b3:19:bb:48:8b:74:e3:
44:be:f7:78:5b:66:13:1d:50:38:5c:56:40:6f:89:e7:2f:36:
5f:e1:03:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ+c5eHkYpeSA+aOskMkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUwNjA3MTIwMDUzWhcNMjUwNjA4MTIwMDUzWjAzMTEwLwYDVQQD
EyhkZjIyZTM1YjUzNjNhMzY5NmQ1MWUwYjc5ZmIyOThlZWJhYmQ2NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4fUh3AftJ4XYckVc6Ewuzo0k6Vw
K3KVry1PA0zjydQs3TJB7hyzwAw7X0T8CQhgEd9/VmmATOcaOgkF23dOn1J4o5XS
BZHnXzh+orUaNgABlkMj59Z4gcdShJIP2EaanQN3otUF7BCIFDThCkWwicX66oaY
kH1573fVy7s1IUOH6bObvqGoYo1nhzZ1+Gz8o4wMMObGihLatR4npxWjPQd8fBvY
jtFW+mPS/d884i7nKCA7+R4nWBwch8TQilzQ2F3SxO4YvLA8FaGsT58DHclVMf9V
OBv//8wNbFDlU+anBCFgRO15scVFxZYmUCyGLdfoA3MNLZ1DA8A7KVXAowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8i41tTY6NpbVHgt5+ymO66vWdqMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBf/j3tP
acx8rCDb7enGxhk5I9TtSMOcmV1onpyAo6ynBhyI8U2KlQjYwJqzpvPcqG3cZSRg
doeQognNJkICGDNte3Ux6ghmBNnWeewRxusC71th10kzU4NvxUX+pVuLtHE8efU5
vI5mFFwM89glZ1xt77RgdtaeNwbTwyjpB/xoXjyiWEQF1YMS7eURlK9dGDZbC0P1
nXcfL/j2cZ2NXas6w+1y/rz1yUhLOQhbPdxjATpTkwQNclt3eWE3TGj5QVD5BXqk
y1OzT2HwJUVQ+aYwfP06YrF/QOtySKK8dCquw4uzGbtIi3TjRL73eFtmEx1QOFxW
QG+J5y82X+EDnA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:46:20 2025 by rpki-client