Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: SkaruFkGOvKtu5anGeh3yjLI4lg+Tn6HurLOMBCl4s8=
Subject key identifier: 7D:90:73:00:83:17:6C:CE:09:E7:22:A7:77:51:CF:58:AB:5D:A0:1A
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 01976E508417B36996DA41B2ABA20EA2592B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0A23
Signing time: Sat 14 Jun 2025 12:00:59 +0000
Manifest this update: Sat 14 Jun 2025 12:00:59 +0000
Manifest next update: Sun 15 Jun 2025 12:00:59 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: GCm6pZBzRP3QPo0+9fzqr/0hOE+qQ1/s8kCPRFNSvvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6e:50:84:17:b3:69:96:da:41:b2:ab:a2:0e:a2:59:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Jun 14 12:00:59 2025 GMT
Not After : Jun 15 12:00:59 2025 GMT
Subject: CN=7d90730083176cce09e722a77751cf58ab5da01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:63:98:d8:2c:8d:0d:04:8f:8b:16:16:76:
56:a5:62:17:cd:75:30:a0:9e:1f:13:10:51:82:08:
96:4d:3b:03:08:c5:c2:67:02:e8:88:f0:8f:e9:39:
0a:69:4e:80:b7:e6:18:2f:07:37:a9:fa:fb:a5:5c:
6e:ac:5c:56:33:9d:01:a8:8b:ac:31:2a:eb:a4:1d:
f5:9f:b3:0d:3e:f0:70:cd:fd:fa:6c:ac:a6:70:55:
c4:a3:2e:75:cc:a4:75:21:b1:27:77:cc:9c:d5:7f:
d4:e4:56:b1:f0:7e:6d:07:5a:e8:62:ef:83:8b:a2:
7a:f1:ae:d4:16:77:06:80:1b:0a:02:a3:a8:64:c0:
31:d7:85:82:f6:b2:92:6f:ec:57:88:fc:83:11:38:
16:4d:f7:07:cd:0c:d9:ed:96:77:ca:5a:ce:09:8b:
87:eb:38:32:d3:00:4d:55:56:fc:0b:e8:ec:fe:2f:
80:07:f4:9a:7b:2e:b7:e6:8d:d1:35:c8:c8:ef:2b:
6e:5e:68:f0:2d:aa:55:b4:fa:9f:b3:60:24:2d:7e:
8d:ee:2d:71:9d:71:97:d0:ce:63:d3:bf:88:f7:44:
90:9e:a1:36:ed:27:d6:7f:7d:a7:67:d1:da:43:e9:
d5:9a:b7:18:2a:11:e1:61:61:a5:e6:75:59:32:3f:
02:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:90:73:00:83:17:6C:CE:09:E7:22:A7:77:51:CF:58:AB:5D:A0:1A
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:f9:38:4d:7f:f0:f9:9e:87:d4:1e:ab:b7:fe:a5:b9:90:c1:
38:69:e4:1c:1f:11:1f:ee:14:fb:8b:61:49:3b:53:99:5e:7a:
30:57:ec:2a:1a:24:69:90:4a:28:48:ae:35:5c:ca:60:66:dd:
5d:f6:25:cc:45:1a:d9:fa:1c:37:f6:78:31:ee:b4:7f:d4:36:
74:02:73:9f:7d:6d:f4:73:c5:16:bc:41:da:cd:fa:99:93:6e:
1b:6e:0e:8d:92:30:62:db:88:a2:5f:19:e2:29:c3:0a:17:69:
ca:10:f6:40:af:f0:ff:13:8c:68:0f:88:5e:e6:68:e4:7e:5d:
80:a7:57:aa:27:81:81:ac:05:aa:25:19:7e:c9:6d:48:1f:83:
e5:40:a8:04:83:bf:9b:96:9d:a9:e0:f0:03:3d:25:89:52:05:
4f:d5:10:58:bf:17:8a:67:5a:a5:2f:b3:9d:f8:cc:74:5c:14:
4f:be:13:ff:e2:47:f5:92:91:2e:13:12:4e:16:c2:ec:05:c1:
de:c4:15:9b:f3:fe:cc:a1:fc:a2:42:3b:ed:de:17:9a:cf:f6:
fe:9a:42:6a:54:d4:9f:75:01:41:6b:93:b4:ae:9f:5f:2d:bf:
fb:ff:16:b8:5a:f8:32:48:93:35:4b:3a:2d:d8:39:f9:95:37:
15:e2:a6:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUIQXs2mW2kGyq6IOolkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwNjE0MTIwMDU5WhcNMjUwNjE1MTIwMDU5WjAzMTEwLwYDVQQD
Eyg3ZDkwNzMwMDgzMTc2Y2NlMDllNzIyYTc3NzUxY2Y1OGFiNWRhMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPdjmNgsjQ0Ej4sWFnZWpWIXzXUw
oJ4fExBRggiWTTsDCMXCZwLoiPCP6TkKaU6At+YYLwc3qfr7pVxurFxWM50BqIus
MSrrpB31n7MNPvBwzf36bKymcFXEoy51zKR1IbEnd8yc1X/U5Fax8H5tB1roYu+D
i6J68a7UFncGgBsKAqOoZMAx14WC9rKSb+xXiPyDETgWTfcHzQzZ7ZZ3ylrOCYuH
6zgy0wBNVVb8C+js/i+AB/Saey635o3RNcjI7ytuXmjwLapVtPqfs2AkLX6N7i1x
nXGX0M5j07+I90SQnqE27SfWf32nZ9HaQ+nVmrcYKhHhYWGl5nVZMj8CaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2QcwCDF2zOCecip3dRz1irXaAaMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfk4TX/w
+Z6H1B6rt/6luZDBOGnkHB8RH+4U+4thSTtTmV56MFfsKhokaZBKKEiuNVzKYGbd
XfYlzEUa2focN/Z4Me60f9Q2dAJzn31t9HPFFrxB2s36mZNuG24OjZIwYtuIol8Z
4inDChdpyhD2QK/w/xOMaA+IXuZo5H5dgKdXqieBgawFqiUZfsltSB+D5UCoBIO/
m5adqeDwAz0liVIFT9UQWL8XimdapS+znfjMdFwUT74T/+JH9ZKRLhMSThbC7AXB
3sQVm/P+zKH8okI77d4Xms/2/ppCalTUn3UBQWuTtK6fXy2/+/8WuFr4MkiTNUs6
Ldg5+ZU3FeKmCg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 20:47:09 2025 by rpki-client