Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: HcKSPpfm8e6ci7MqoLcNnXqe887TfxnZ2Kik3jaObjg=
Subject key identifier: 1A:29:D8:9D:42:5E:6C:97:7E:23:51:CD:6E:B6:95:88:88:44:83:AB
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019644E8CA736C9FC1B8D2CF8E9D22915FC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0989
Signing time: Thu 17 Apr 2025 18:00:28 +0000
Manifest this update: Thu 17 Apr 2025 18:00:28 +0000
Manifest next update: Fri 18 Apr 2025 18:00:28 +0000
Files and hashes: 1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: MmvVoA2szM3IiVa9y1aRPeKMw81A4uTkSuBi9eK6LSo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:e8:ca:73:6c:9f:c1:b8:d2:cf:8e:9d:22:91:5f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Apr 17 18:00:28 2025 GMT
Not After : Apr 18 18:00:28 2025 GMT
Subject: CN=1a29d89d425e6c977e2351cd6eb69588884483ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:52:1f:30:a3:bf:cb:b3:a4:cf:2c:a5:f1:bc:
24:14:88:25:42:1c:a8:93:d2:1a:c3:4d:ae:8e:4b:
cd:6c:68:df:ba:88:31:96:33:c4:0d:6a:d9:9d:8f:
8a:9e:57:74:54:d5:ed:e8:8f:02:d9:f4:01:5e:04:
26:f0:d1:86:d0:71:66:b7:3c:d3:13:43:3e:f0:22:
c1:39:35:d3:fa:e1:c2:de:e0:7f:ff:c2:31:8d:b6:
5c:70:a7:8e:12:25:59:17:33:be:ca:19:67:07:8b:
eb:62:c9:84:74:18:10:2e:90:24:45:26:ef:cb:3d:
12:1f:f8:3e:77:2e:37:a4:8f:53:ae:28:c8:a9:05:
14:5a:e1:a8:a2:03:3e:06:61:b4:d5:1d:1a:cd:12:
37:fe:01:9d:16:08:99:64:30:ed:2f:15:e5:9f:68:
c2:ac:f9:69:85:92:37:f3:28:a6:be:52:3b:84:7c:
c8:fd:3e:fa:e5:da:c1:c1:df:ce:90:01:95:a8:c7:
02:5c:3f:7e:1a:5f:13:05:be:1f:b6:f8:a7:5d:d1:
a0:7e:53:75:19:32:10:ea:9d:1c:87:a4:d5:90:13:
ca:11:ce:0f:0e:7d:b6:a5:97:bc:32:f2:ad:d1:04:
11:65:b5:fb:eb:bf:23:21:3a:55:52:73:15:e8:4f:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:29:D8:9D:42:5E:6C:97:7E:23:51:CD:6E:B6:95:88:88:44:83:AB
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:e7:ba:c0:48:ac:34:c0:6f:25:bf:c6:13:7c:99:27:10:5c:
6d:c0:8c:01:9f:61:f0:65:0b:bc:ba:4a:bf:b4:f4:ef:ba:cc:
a6:6b:a5:30:df:3d:72:b1:59:cb:70:93:63:70:d1:1a:f5:41:
0e:12:2f:11:11:7b:65:92:b1:25:60:56:94:67:ee:09:d3:e8:
dd:17:cc:af:65:e5:c2:b2:fe:02:95:f5:1b:c8:b2:e4:3e:b4:
a3:f8:c3:c9:ad:59:c4:4b:d8:51:f8:6e:00:65:ef:3f:0a:0b:
80:dc:64:c0:2b:0a:09:2c:bd:b8:eb:e4:57:9b:61:18:9e:00:
bc:4e:44:82:fe:cf:2e:79:e5:ed:26:74:e9:ce:44:ed:2b:64:
07:eb:ee:8a:c2:1d:bd:58:e9:11:84:13:23:9e:1a:79:0a:ad:
a7:74:6b:fe:3e:20:36:52:79:2b:5b:4a:a2:d8:2f:ea:bb:88:
8c:e0:df:15:11:5c:ae:3a:20:8c:3c:cd:ac:d9:49:a1:68:8c:
ce:5e:c7:a3:a7:eb:53:7f:9b:9b:cd:8f:65:7d:eb:8e:89:a6:
c9:56:37:b2:e2:41:91:2c:8f:3c:4e:6e:57:8d:49:d0:be:98:
eb:ef:76:00:dd:b3:c7:63:80:16:c5:6d:10:bb:4f:fd:24:be:
4c:46:66:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZE6MpzbJ/BuNLPjp0ikV/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwNDE3MTgwMDI4WhcNMjUwNDE4MTgwMDI4WjAzMTEwLwYDVQQD
EygxYTI5ZDg5ZDQyNWU2Yzk3N2UyMzUxY2Q2ZWI2OTU4ODg4NDQ4M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FIfMKO/y7Okzyyl8bwkFIglQhyo
k9Iaw02ujkvNbGjfuogxljPEDWrZnY+Knld0VNXt6I8C2fQBXgQm8NGG0HFmtzzT
E0M+8CLBOTXT+uHC3uB//8IxjbZccKeOEiVZFzO+yhlnB4vrYsmEdBgQLpAkRSbv
yz0SH/g+dy43pI9TrijIqQUUWuGoogM+BmG01R0azRI3/gGdFgiZZDDtLxXln2jC
rPlphZI38yimvlI7hHzI/T765drBwd/OkAGVqMcCXD9+Gl8TBb4ftvinXdGgflN1
GTIQ6p0ch6TVkBPKEc4PDn22pZe8MvKt0QQRZbX7678jITpVUnMV6E/DdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBop2J1CXmyXfiNRzW62lYiIRIOrMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYue6wEis
NMBvJb/GE3yZJxBcbcCMAZ9h8GULvLpKv7T077rMpmulMN89crFZy3CTY3DRGvVB
DhIvERF7ZZKxJWBWlGfuCdPo3RfMr2XlwrL+ApX1G8iy5D60o/jDya1ZxEvYUfhu
AGXvPwoLgNxkwCsKCSy9uOvkV5thGJ4AvE5Egv7PLnnl7SZ06c5E7StkB+vuisId
vVjpEYQTI54aeQqtp3Rr/j4gNlJ5K1tKotgv6ruIjODfFRFcrjogjDzNrNlJoWiM
zl7Ho6frU3+bm82PZX3rjommyVY3suJBkSyPPE5uV41J0L6Y6+92AN2zx2OAFsVt
ELtP/SS+TEZmpQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:48:53 2025 by rpki-client