Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
File: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft (raw, json)
Hash identifier: kT/SzQNq5yAkTtrDFboMF5aRReVqR2lCf2IDj0xvC9s=
Subject key identifier: 35:09:17:EF:80:75:67:A2:69:57:02:05:FE:ED:60:DF:2D:4F:7D:8A
Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Certificate serial: 019653B6CE31B0061152BB7658DBDDAE182A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
Manifest number: CF
Signing time: Sun 20 Apr 2025 15:00:11 +0000
Manifest this update: Sun 20 Apr 2025 15:00:11 +0000
Manifest next update: Mon 21 Apr 2025 15:00:11 +0000
Files and hashes: 1: HCnZ4QlNrjo4-1ShjXI6eoqgF7Q.roa (hash: RVcqorqVBH1UK65HrDodp8HEtA0dkfr8CZIvgxvJk/w=)
2: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl (hash: r0b4lKpxN8mqaum3vYjSJad6MQg7Wo0H7ZGwpNafdfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:b6:ce:31:b0:06:11:52:bb:76:58:db:dd:ae:18:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Validity
Not Before: Apr 20 15:00:11 2025 GMT
Not After : Apr 21 15:00:11 2025 GMT
Subject: CN=350917ef807567a269570205feed60df2d4f7d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4a:e8:db:65:71:0a:57:8b:cd:ea:b1:98:ff:
89:72:1b:f4:ee:22:3e:4d:bf:ba:00:f9:9f:5a:d5:
a5:1e:f6:38:53:52:75:b2:53:dd:c1:1c:6a:78:07:
61:b3:10:40:1e:14:1e:71:fc:6c:43:75:e3:6f:e5:
e1:d5:19:19:49:39:d1:e5:e2:a9:02:b2:cf:23:05:
fe:67:64:57:7d:15:6f:8a:da:f6:98:ee:c6:98:b9:
e7:1d:b8:18:ad:85:1d:a9:8f:d9:3c:cb:30:ad:24:
a6:a7:21:cf:e1:46:ab:a0:4d:a1:b8:04:52:31:e5:
0a:8a:92:29:26:41:a2:09:cb:b3:b1:92:dc:e7:8c:
87:7a:05:98:24:62:53:b7:bd:08:b5:58:44:8e:07:
8e:b2:a2:31:b3:97:ea:ca:30:36:84:a0:0f:e9:f4:
a7:41:91:4e:28:6a:9e:3f:39:1d:1c:cb:bd:a8:62:
d2:f2:5a:49:8c:40:0b:4d:19:4f:8a:27:c9:f5:3c:
71:ed:4c:7d:e0:9c:da:98:8a:26:f0:2e:98:69:1f:
b4:d2:84:f5:95:fc:b0:c2:e4:9a:f1:be:65:e1:f4:
bf:9c:0f:b5:d0:14:e6:c4:0b:05:92:df:07:09:b2:
a8:2e:1a:87:4c:31:e4:3c:ae:c0:49:c8:ce:ed:1a:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:09:17:EF:80:75:67:A2:69:57:02:05:FE:ED:60:DF:2D:4F:7D:8A
X509v3 Authority Key Identifier:
keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:49:40:36:e6:f5:49:f2:d6:b3:2b:09:ad:c2:60:bc:0f:c9:
44:b9:b9:ee:f9:a8:b8:fd:04:07:8a:9a:2c:d7:cb:b2:d7:e1:
57:d7:51:0f:c3:56:44:e1:a5:93:85:f8:dc:8b:0f:30:b4:26:
91:df:aa:eb:53:a7:a5:43:d4:bb:86:58:56:8b:d4:a2:ea:72:
e6:0a:e0:cd:15:4b:77:dc:08:28:2e:d3:62:5d:27:5b:a7:eb:
c1:cb:4c:67:a5:5e:99:dc:e1:cc:3d:07:56:0b:d6:9e:fb:88:
94:62:2d:93:d1:68:4b:1c:76:e7:b2:47:b2:af:d0:3d:40:8d:
59:6c:7a:ea:3f:b1:29:3c:75:56:82:f3:41:81:28:a9:10:fd:
fc:0b:0b:78:85:72:4a:02:b3:13:62:9f:92:ff:83:e0:3d:8d:
b3:cc:58:ec:75:50:91:fe:30:03:e2:88:ee:fc:83:67:37:d0:
a7:8b:be:6f:81:f0:9e:b3:1d:72:1d:6c:10:15:b8:62:3c:c0:
e8:66:81:56:01:58:75:8d:b5:1e:b1:6b:e7:0a:01:5c:db:6f:
95:66:ac:c6:04:77:02:bb:fd:b7:4a:74:d8:59:f7:d5:70:c8:
cf:31:d0:bb:ba:30:04:8f:16:87:66:90:aa:29:62:ae:f5:c6:
0b:85:e2:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTts4xsAYRUrt2WNvdrhgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl
Y2QyMWEwHhcNMjUwNDIwMTUwMDExWhcNMjUwNDIxMTUwMDExWjAzMTEwLwYDVQQD
EygzNTA5MTdlZjgwNzU2N2EyNjk1NzAyMDVmZWVkNjBkZjJkNGY3ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUro22VxCleLzeqxmP+Jchv07iI+
Tb+6APmfWtWlHvY4U1J1slPdwRxqeAdhsxBAHhQecfxsQ3Xjb+Xh1RkZSTnR5eKp
ArLPIwX+Z2RXfRVvitr2mO7GmLnnHbgYrYUdqY/ZPMswrSSmpyHP4UaroE2huARS
MeUKipIpJkGiCcuzsZLc54yHegWYJGJTt70ItVhEjgeOsqIxs5fqyjA2hKAP6fSn
QZFOKGqePzkdHMu9qGLS8lpJjEALTRlPiifJ9Txx7Ux94JzamIom8C6YaR+00oT1
lfywwuSa8b5l4fS/nA+10BTmxAsFkt8HCbKoLhqHTDHkPK7AScjO7Rqe1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUJF++AdWeiaVcCBf7tYN8tT32KMB8GA1UdIwQY
MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt
NzJlY2JhMTMxYWY4LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4
LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtUlANub1
SfLWsysJrcJgvA/JRLm57vmouP0EB4qaLNfLstfhV9dRD8NWROGlk4X43IsPMLQm
kd+q61OnpUPUu4ZYVovUoupy5grgzRVLd9wIKC7TYl0nW6frwctMZ6VemdzhzD0H
VgvWnvuIlGItk9FoSxx257JHsq/QPUCNWWx66j+xKTx1VoLzQYEoqRD9/AsLeIVy
SgKzE2Kfkv+D4D2Ns8xY7HVQkf4wA+KI7vyDZzfQp4u+b4HwnrMdch1sEBW4YjzA
6GaBVgFYdY21HrFr5woBXNtvlWasxgR3Arv9t0p02Fn31XDIzzHQu7owBI8Wh2aQ
qilirvXGC4XijA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:07 2025 by rpki-client