Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: dab98z+htD7w2To73tK6GP4qyD9Sx3xaao1PKPXVJjk=
Subject key identifier: 14:33:68:84:09:49:18:E7:3B:84:A5:1A:7F:65:3D:0E:0C:20:32:E3
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 01974A7B2B3697BCBEE65ABC4B3F1857C34F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0BE8
Signing time: Sat 07 Jun 2025 13:01:15 +0000
Manifest this update: Sat 07 Jun 2025 13:01:15 +0000
Manifest next update: Sun 08 Jun 2025 13:01:15 +0000
Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: h8VE7zCnnLnCcUx46afU2nybx7NOKS4w1D5m7X55qqo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:7b:2b:36:97:bc:be:e6:5a:bc:4b:3f:18:57:c3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Jun 7 13:01:15 2025 GMT
Not After : Jun 8 13:01:15 2025 GMT
Subject: CN=14336884094918e73b84a51a7f653d0e0c2032e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:8c:cb:d8:6c:5f:2a:bc:d8:8b:6e:b7:34:
45:a1:c3:24:71:db:64:d7:3a:dd:3a:6b:11:02:15:
80:b5:eb:4f:ff:e3:98:b6:a7:17:19:1f:29:95:22:
a6:a4:d0:0f:5d:ba:56:4f:e9:f5:8b:51:95:e1:d0:
37:24:c3:7f:46:ea:46:73:08:8d:7b:33:b1:b5:a2:
e9:7d:f7:c9:0c:d5:c3:ac:39:bd:ae:3d:b3:e6:93:
d5:69:c7:31:10:03:4a:95:3f:aa:fc:1c:7c:2e:6e:
30:b2:94:88:d4:e4:c3:d1:b5:9c:e7:90:4d:5f:4b:
29:8f:0f:57:9d:cc:7a:b6:7c:36:36:bc:d7:44:4a:
ab:68:74:e3:17:bb:3e:d1:99:25:06:cd:72:01:3a:
75:98:62:94:45:96:8a:cc:cf:27:04:ca:af:ce:8d:
3a:44:ca:93:71:69:52:51:c3:81:5f:92:09:bf:78:
83:fe:49:44:83:98:b6:7f:fa:f9:67:d6:e5:d7:6b:
8f:19:7b:9c:ec:b2:80:ad:fd:c4:2a:a6:2e:85:53:
47:2e:df:09:f8:06:f6:91:1b:b1:19:79:0f:18:69:
86:56:fa:81:0a:3c:c1:28:8a:bc:27:d2:4e:24:8b:
4a:5d:f6:d3:34:65:cb:d5:78:ad:2e:b3:bb:04:86:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:33:68:84:09:49:18:E7:3B:84:A5:1A:7F:65:3D:0E:0C:20:32:E3
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:6d:09:ef:45:ed:16:c0:f4:9c:03:19:b4:81:e1:d8:de:ba:
38:03:a3:83:24:55:7f:98:f3:d9:59:14:b5:e4:d4:f6:6f:f6:
3b:d0:1a:f4:1e:e1:ba:dc:50:21:fe:d3:f8:5e:35:a6:cc:d1:
9d:02:6d:51:cf:2e:3b:be:44:10:70:d9:ce:80:e6:1b:5d:f2:
3c:30:1f:3e:e5:c1:e6:83:ba:b8:45:29:b3:0b:00:63:14:5c:
99:39:c8:63:d5:35:34:a9:f1:03:eb:1c:3b:93:c6:87:f3:11:
ed:8f:c9:b2:67:3b:aa:9e:84:a4:46:46:bb:0a:0c:59:8c:a3:
56:09:fb:56:61:57:56:86:1c:64:98:a6:33:fa:e3:58:8b:fb:
55:22:b3:8a:00:3f:19:de:82:c0:79:66:87:7d:96:7d:b0:dd:
ad:73:7e:50:83:b8:0b:89:37:43:08:b6:3d:ae:1f:c2:04:28:
31:4a:7f:d7:18:f1:51:59:ff:c5:b2:28:f7:0f:49:d5:bf:dc:
52:45:61:56:69:6c:31:1e:db:f7:4c:51:1c:ef:e0:38:38:90:
38:38:f9:b3:f0:a6:f3:1f:0d:95:d7:c1:1e:e7:c9:19:74:61:
e0:52:32:ec:3c:5e:a8:c0:e0:3b:c3:e9:be:4f:c4:74:62:e8:
68:a5:c0:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeys2l7y+5lq8Sz8YV8NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjUwNjA3MTMwMTE1WhcNMjUwNjA4MTMwMTE1WjAzMTEwLwYDVQQD
EygxNDMzNjg4NDA5NDkxOGU3M2I4NGE1MWE3ZjY1M2QwZTBjMjAzMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwCMy9hsXyq82ItutzRFocMkcdtk
1zrdOmsRAhWAtetP/+OYtqcXGR8plSKmpNAPXbpWT+n1i1GV4dA3JMN/RupGcwiN
ezOxtaLpfffJDNXDrDm9rj2z5pPVaccxEANKlT+q/Bx8Lm4wspSI1OTD0bWc55BN
X0spjw9Xncx6tnw2NrzXREqraHTjF7s+0ZklBs1yATp1mGKURZaKzM8nBMqvzo06
RMqTcWlSUcOBX5IJv3iD/klEg5i2f/r5Z9bl12uPGXuc7LKArf3EKqYuhVNHLt8J
+Ab2kRuxGXkPGGmGVvqBCjzBKIq8J9JOJItKXfbTNGXL1XitLrO7BIZs/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQzaIQJSRjnO4SlGn9lPQ4MIDLjMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVW0J70Xt
FsD0nAMZtIHh2N66OAOjgyRVf5jz2VkUteTU9m/2O9Aa9B7hutxQIf7T+F41pszR
nQJtUc8uO75EEHDZzoDmG13yPDAfPuXB5oO6uEUpswsAYxRcmTnIY9U1NKnxA+sc
O5PGh/MR7Y/Jsmc7qp6EpEZGuwoMWYyjVgn7VmFXVoYcZJimM/rjWIv7VSKzigA/
Gd6CwHlmh32WfbDdrXN+UIO4C4k3Qwi2Pa4fwgQoMUp/1xjxUVn/xbIo9w9J1b/c
UkVhVmlsMR7b90xRHO/gODiQODj5s/Cm8x8NldfBHufJGXRh4FIy7DxeqMDgO8Pp
vk/EdGLoaKXAoA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:04:27 2025 by rpki-client