Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
File: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft (raw, json)
Hash identifier: BWCcSQvdVzF/CSt/IKFxt5SzukUGVTuCu7kDPemBTk0=
Subject key identifier: 4A:E1:4C:11:9A:E4:84:63:A7:17:AC:57:51:F3:C0:D4:73:A8:83:53
Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Certificate serial: 019748FA9D0F91567FD345447005DDDE3E33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
Manifest number: 014E
Signing time: Sat 07 Jun 2025 06:01:13 +0000
Manifest this update: Sat 07 Jun 2025 06:01:13 +0000
Manifest next update: Sun 08 Jun 2025 06:01:13 +0000
Files and hashes: 1: HCnZ4QlNrjo4-1ShjXI6eoqgF7Q.roa (hash: RVcqorqVBH1UK65HrDodp8HEtA0dkfr8CZIvgxvJk/w=)
2: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl (hash: BwdVDyRgxQpBSlhpLK0tDypa0Oxh6IOxfsBs1JFJiAY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:fa:9d:0f:91:56:7f:d3:45:44:70:05:dd:de:3e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Validity
Not Before: Jun 7 06:01:13 2025 GMT
Not After : Jun 8 06:01:13 2025 GMT
Subject: CN=4ae14c119ae48463a717ac5751f3c0d473a88353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:52:1f:6d:f5:fc:ff:23:74:f0:b1:af:ba:16:
5d:a0:6a:40:16:b2:81:66:17:c2:b0:94:8c:90:ba:
43:c3:8a:ec:83:3f:9a:03:65:ef:70:f5:e5:86:16:
3a:4c:e7:70:da:69:cc:09:d7:11:91:f9:74:a5:2f:
e1:30:af:d0:64:ed:df:2d:45:65:da:34:dd:95:30:
92:ab:a8:96:4f:f1:9a:b7:ff:37:fe:89:de:87:fa:
cb:6a:57:a2:42:0b:2d:ca:05:81:bd:dc:cd:94:3f:
9b:48:73:a1:4a:4a:1d:d7:23:eb:7c:c5:4f:47:16:
c3:76:eb:93:45:8f:e5:ad:6e:23:b1:fa:3a:49:4c:
ba:ac:2a:a8:4c:88:1f:96:14:43:1b:17:32:57:cd:
a1:08:ee:b2:a5:e7:6d:62:58:ac:b3:f7:8b:2a:97:
68:fe:82:e7:68:9c:fe:5c:88:5b:6a:50:d0:01:06:
5f:56:17:64:c7:c4:25:11:30:fd:b2:01:1e:77:83:
a0:a5:06:2f:5c:bc:49:57:6a:89:74:58:e7:69:1f:
5c:bd:c9:d4:be:22:ba:af:26:21:11:f8:8a:ea:9c:
56:5e:d4:a4:ce:14:35:ee:ff:9f:fb:bf:e1:cc:91:
1b:3a:c6:8f:c9:5f:1c:41:d1:63:90:b8:f7:15:47:
13:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E1:4C:11:9A:E4:84:63:A7:17:AC:57:51:F3:C0:D4:73:A8:83:53
X509v3 Authority Key Identifier:
keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:0b:9c:03:1a:a3:c8:b6:ee:e1:e3:f0:94:78:0a:e3:68:a8:
a5:12:a9:b3:c0:65:d3:83:48:8f:55:c2:31:73:0e:75:56:49:
44:1d:a4:a7:b0:4e:bb:29:c2:0f:d2:ef:e2:19:b0:4c:a8:ef:
4f:37:48:2d:af:36:41:e3:df:ab:0e:29:bb:4e:b4:2c:d9:aa:
1b:c8:6a:c0:da:fb:08:0c:9c:ac:4b:7b:0b:a6:a0:d3:82:a7:
a3:70:a9:67:a7:90:12:cb:4a:8c:81:10:81:ea:d4:5d:4b:ea:
2c:5f:d3:da:96:25:f0:04:83:8b:8d:ad:ff:7d:97:8f:d7:93:
93:e6:a0:a7:ac:9e:0f:05:c4:87:25:0e:44:b1:6f:ab:1b:3d:
a7:fe:72:58:e0:71:66:22:34:3b:ce:eb:57:0c:88:d6:66:c4:
f1:b2:b9:b7:10:1f:98:7b:f0:bf:7f:92:f7:50:fb:ec:16:22:
91:cd:b7:d8:24:f4:6a:9a:45:5e:34:a1:34:99:4d:2c:0f:24:
6f:01:96:2c:1b:7b:9c:06:6c:09:01:c4:27:73:d5:fb:9b:ce:
1f:05:d9:14:ec:1e:b1:7b:c0:aa:09:73:e1:c7:62:91:61:0c:
0e:d2:4f:74:d5:f0:0c:32:fe:b6:c5:4c:a8:07:45:95:2e:b9:
2d:75:3a:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+p0PkVZ/00VEcAXd3j4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl
Y2QyMWEwHhcNMjUwNjA3MDYwMTEzWhcNMjUwNjA4MDYwMTEzWjAzMTEwLwYDVQQD
Eyg0YWUxNGMxMTlhZTQ4NDYzYTcxN2FjNTc1MWYzYzBkNDczYTg4MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlIfbfX8/yN08LGvuhZdoGpAFrKB
ZhfCsJSMkLpDw4rsgz+aA2XvcPXlhhY6TOdw2mnMCdcRkfl0pS/hMK/QZO3fLUVl
2jTdlTCSq6iWT/Gat/83/oneh/rLaleiQgstygWBvdzNlD+bSHOhSkod1yPrfMVP
RxbDduuTRY/lrW4jsfo6SUy6rCqoTIgflhRDGxcyV82hCO6ypedtYliss/eLKpdo
/oLnaJz+XIhbalDQAQZfVhdkx8QlETD9sgEed4OgpQYvXLxJV2qJdFjnaR9cvcnU
viK6ryYhEfiK6pxWXtSkzhQ17v+f+7/hzJEbOsaPyV8cQdFjkLj3FUcTEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErhTBGa5IRjpxesV1HzwNRzqINTMB8GA1UdIwQY
MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt
NzJlY2JhMTMxYWY4LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4
LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxAucAxqj
yLbu4ePwlHgK42iopRKps8Bl04NIj1XCMXMOdVZJRB2kp7BOuynCD9Lv4hmwTKjv
TzdILa82QePfqw4pu060LNmqG8hqwNr7CAycrEt7C6ag04Kno3CpZ6eQEstKjIEQ
gerUXUvqLF/T2pYl8ASDi42t/32Xj9eTk+agp6yeDwXEhyUORLFvqxs9p/5yWOBx
ZiI0O87rVwyI1mbE8bK5txAfmHvwv3+S91D77BYikc232CT0appFXjShNJlNLA8k
bwGWLBt7nAZsCQHEJ3PV+5vOHwXZFOwesXvAqglz4cdikWEMDtJPdNXwDDL+tsVM
qAdFlS65LXU6UQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:08:36 2025 by rpki-client