Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json)
Hash identifier: fm73LCGUIAbLYL4RM7+ytiZskEnvrPRJ1th7rXZbhMA=
Subject key identifier: 6F:82:7D:FA:12:21:DD:08:BF:39:55:00:A6:62:1C:55:F6:08:CE:CD
Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320
Certificate serial: 019922C2F932079F6E2CCA2AAEA7719DDC0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
Manifest number: 0BE0
Signing time: Sun 07 Sep 2025 06:00:27 +0000
Manifest this update: Sun 07 Sep 2025 06:00:27 +0000
Manifest next update: Mon 08 Sep 2025 06:00:27 +0000
Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: J3uLQPsy6SCbFK+w8d6eKX4rd2wF7MgiWOLLXSJJvNg=)
2: aZtA3Tb82BUczOl9SsTYverE7lI.roa (hash: LK8Z2BqrNCcDSNuABGRySwkLhGqKgLJf/sHl1VyEOIw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c2:f9:32:07:9f:6e:2c:ca:2a:ae:a7:71:9d:dc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320
Validity
Not Before: Sep 7 06:00:27 2025 GMT
Not After : Sep 8 06:00:27 2025 GMT
Subject: CN=6f827dfa1221dd08bf395500a6621c55f608cecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d7:0b:ba:b4:5c:97:dd:47:16:0a:14:8c:25:
35:9e:c5:91:db:03:c9:f0:74:5a:2d:f5:89:4a:07:
2c:8d:29:ff:71:52:18:c2:43:ea:36:51:40:92:c2:
e1:6d:19:b7:d4:ee:da:6d:f2:2b:5f:14:88:cd:d5:
c3:bb:54:63:a9:7a:ae:bb:b0:50:60:e5:34:ec:71:
da:49:a4:c6:d5:6c:fb:26:f9:1a:cd:6d:97:4a:b3:
a8:43:7a:c4:c3:ca:16:8e:b1:b0:44:f5:a0:b6:9b:
22:96:a3:4a:1b:fb:3b:b9:4e:11:9b:01:a1:11:25:
79:fe:18:c3:eb:f4:20:7a:6d:07:5d:07:f1:c4:c6:
6b:07:79:81:0c:4e:05:07:62:65:c0:a8:b7:10:de:
e2:01:e8:e7:9c:8e:f6:19:30:9b:eb:23:72:a3:c4:
e2:2c:7b:fd:a6:0e:9b:11:8d:72:66:89:1e:d6:0a:
10:cc:1d:a9:11:5c:b6:7c:df:04:e4:d2:05:91:09:
13:fc:8f:7a:d7:a9:f2:0c:28:fc:a3:5c:12:2f:e2:
b0:1d:5b:f2:ee:bd:58:ec:81:55:d4:3b:df:fc:ce:
40:df:58:4b:1e:6d:f5:79:62:ab:65:aa:2d:f8:e5:
03:56:1f:67:69:05:5c:d4:ac:4f:5c:90:33:36:3d:
b4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:82:7D:FA:12:21:DD:08:BF:39:55:00:A6:62:1C:55:F6:08:CE:CD
X509v3 Authority Key Identifier:
keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:09:e6:28:62:e2:94:03:50:ee:93:38:b4:06:c5:5c:0b:ee:
02:4b:3e:79:f5:a7:8f:e8:40:7d:9e:e8:ba:19:ba:22:3e:c9:
9d:19:13:68:44:58:d0:09:6d:72:67:b0:16:1a:6f:58:6e:8b:
d6:07:67:61:d8:9b:7c:8f:68:21:f2:5b:af:81:39:6f:25:f0:
a4:22:6b:58:87:d4:c8:2a:95:61:bf:c8:1c:b2:8a:aa:c3:d4:
25:01:35:79:99:a7:2a:a2:3d:dc:a7:0f:e6:03:3a:a7:36:c4:
e6:3a:56:36:f3:a5:37:0a:66:32:ce:13:7b:b6:cb:64:7a:3c:
e9:2f:5a:2a:cd:28:56:98:4a:c4:74:89:0f:c7:09:94:76:46:
5e:28:8f:41:4e:b1:cb:ed:7f:3c:3d:e3:0f:1c:49:80:71:6f:
ec:33:96:9d:72:d0:79:c4:bf:f9:e8:4e:bf:9e:34:57:94:73:
aa:1c:ed:14:72:1b:b9:4b:8a:36:a8:c5:87:eb:90:00:4a:e9:
66:e0:88:1d:bc:7f:73:6c:df:f7:38:97:42:c4:4c:41:1c:8e:
01:91:ca:c2:bb:a6:d0:ec:6e:48:16:f0:a7:00:6d:16:ea:d4:
09:c0:7e:15:65:89:7f:03:4f:9e:b5:62:c8:92:66:6a:2f:c0:
70:93:16:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwvkyB59uLMoqrqdxndwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj
NGQzMjAwHhcNMjUwOTA3MDYwMDI3WhcNMjUwOTA4MDYwMDI3WjAzMTEwLwYDVQQD
Eyg2ZjgyN2RmYTEyMjFkZDA4YmYzOTU1MDBhNjYyMWM1NWY2MDhjZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9cLurRcl91HFgoUjCU1nsWR2wPJ
8HRaLfWJSgcsjSn/cVIYwkPqNlFAksLhbRm31O7abfIrXxSIzdXDu1RjqXquu7BQ
YOU07HHaSaTG1Wz7JvkazW2XSrOoQ3rEw8oWjrGwRPWgtpsilqNKG/s7uU4RmwGh
ESV5/hjD6/Qgem0HXQfxxMZrB3mBDE4FB2JlwKi3EN7iAejnnI72GTCb6yNyo8Ti
LHv9pg6bEY1yZoke1goQzB2pEVy2fN8E5NIFkQkT/I9616nyDCj8o1wSL+KwHVvy
7r1Y7IFV1Dvf/M5A31hLHm31eWKrZaot+OUDVh9naQVc1KxPXJAzNj209wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+CffoSId0IvzlVAKZiHFX2CM7NMB8GA1UdIwQY
MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt
MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh
LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACAnmKGLi
lANQ7pM4tAbFXAvuAks+efWnj+hAfZ7ouhm6Ij7JnRkTaERY0AltcmewFhpvWG6L
1gdnYdibfI9oIfJbr4E5byXwpCJrWIfUyCqVYb/IHLKKqsPUJQE1eZmnKqI93KcP
5gM6pzbE5jpWNvOlNwpmMs4Te7bLZHo86S9aKs0oVphKxHSJD8cJlHZGXiiPQU6x
y+1/PD3jDxxJgHFv7DOWnXLQecS/+ehOv540V5RzqhztFHIbuUuKNqjFh+uQAErp
ZuCIHbx/c2zf9ziXQsRMQRyOAZHKwrum0OxuSBbwpwBtFurUCcB+FWWJfwNPnrVi
yJJmai/AcJMW5Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:42:44 2025 by rpki-client