Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: Hw+AQvXfUtmysI3OR9xv+NL44+OZrOMgt8Auh3Be5OQ=
Subject key identifier: 46:90:E3:74:CD:99:08:4A:B6:92:9A:91:00:DB:87:D5:8C:14:CE:FB
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 0196515B7589526A67F0BDBF57FE8B53C23F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0A38
Signing time: Sun 20 Apr 2025 04:01:10 +0000
Manifest this update: Sun 20 Apr 2025 04:01:10 +0000
Manifest next update: Mon 21 Apr 2025 04:01:10 +0000
Files and hashes: 1: 1lrtH8qIV5e3th4jMCPobjKiYaU.roa (hash: xgADT5hDJzpgst28AckBVIlM/BW2ECMOC24fNQS3BL0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: 0pGmlPHDmmBeYjrQ2MCcU1DxV4NoB7EzAOjs6a2Q6dE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 04:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:5b:75:89:52:6a:67:f0:bd:bf:57:fe:8b:53:c2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Apr 20 04:01:10 2025 GMT
Not After : Apr 21 04:01:10 2025 GMT
Subject: CN=4690e374cd99084ab6929a9100db87d58c14cefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b7:3f:ee:41:71:85:d3:b9:e3:0e:4f:89:0f:
13:ea:56:1e:90:30:e5:78:aa:e2:34:83:0e:9f:f8:
e1:c2:99:2b:c0:16:01:b3:cd:43:33:52:24:69:dc:
6a:d0:22:8d:36:4e:18:c1:be:b9:e1:a1:9a:12:f9:
fb:cd:22:4b:51:a3:59:ad:8c:a9:0f:e5:d5:e5:28:
9d:2c:3d:a9:cb:aa:6b:88:16:1e:bd:d2:a0:ca:5e:
a3:59:33:70:7e:b0:00:b5:ed:0e:f0:28:ca:45:e7:
26:bf:83:33:97:77:76:2c:6c:e1:7d:5f:ae:aa:c5:
07:41:5a:13:3e:0a:3e:21:5b:3c:97:4c:12:71:fa:
29:47:5b:6b:2f:97:af:16:e7:9d:bb:8c:36:85:74:
ac:04:ff:fa:cc:42:e2:e9:7a:d6:14:37:fe:3b:93:
bb:aa:64:77:28:4a:cc:39:60:cd:48:28:f0:ad:0f:
d2:3e:d0:d9:b0:1b:31:1d:d3:4a:91:b2:3a:56:b1:
e8:fc:2b:2f:c8:1e:c5:33:14:1c:f1:c9:76:4b:e5:
78:4b:f2:79:8f:52:63:b6:de:7b:43:ec:d0:48:54:
7e:44:18:d6:92:80:f0:04:a4:6c:a6:fc:6e:e8:c3:
f3:64:5f:a3:65:21:d5:43:c3:37:cc:be:6d:8d:b0:
db:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:90:E3:74:CD:99:08:4A:B6:92:9A:91:00:DB:87:D5:8C:14:CE:FB
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:c1:c9:fd:98:66:cd:fd:76:94:ea:eb:3f:34:30:2d:c8:e4:
f0:b0:d1:20:7c:9e:cf:d6:47:c0:36:cd:ba:7d:c7:15:cc:9b:
a8:02:73:cd:b4:c0:b1:23:d1:13:2c:e4:92:76:95:18:3b:44:
52:77:ad:fe:f0:11:e3:f9:ae:8b:50:54:3c:62:c3:6d:c2:75:
4b:b7:c9:da:6d:89:1b:08:c1:03:9b:a2:b0:90:c0:9a:96:62:
2b:a6:9a:da:7a:f1:79:89:1e:c9:d4:1f:71:e9:89:da:28:0b:
6f:bb:84:af:42:55:d9:cc:9f:62:c0:87:fc:9e:88:08:e5:80:
f3:f3:48:0d:24:a3:c1:0f:05:46:5d:06:80:d9:01:c5:56:0a:
d5:53:dd:f4:c2:3b:c5:ee:3e:f3:b8:2b:46:fc:11:68:0e:ab:
0a:f9:f2:3a:99:7c:c5:e2:37:57:6c:6d:79:fe:85:65:c4:a4:
1f:09:f5:bc:a5:67:b5:a7:05:4f:3c:b4:6d:cf:17:3b:35:fa:
25:a1:ae:4a:57:4e:d5:a6:e2:b0:ec:0a:22:53:b0:c3:80:80:
2b:ed:03:e4:d6:8d:dc:5b:d9:a5:85:40:27:e0:eb:01:1f:2c:
fa:44:50:91:8a:52:51:cd:1c:ba:cc:6f:91:ad:18:22:3f:b1:
99:b9:38:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW3WJUmpn8L2/V/6LU8I/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUwNDIwMDQwMTEwWhcNMjUwNDIxMDQwMTEwWjAzMTEwLwYDVQQD
Eyg0NjkwZTM3NGNkOTkwODRhYjY5MjlhOTEwMGRiODdkNThjMTRjZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbc/7kFxhdO54w5PiQ8T6lYekDDl
eKriNIMOn/jhwpkrwBYBs81DM1Ikadxq0CKNNk4Ywb654aGaEvn7zSJLUaNZrYyp
D+XV5SidLD2py6priBYevdKgyl6jWTNwfrAAte0O8CjKRecmv4Mzl3d2LGzhfV+u
qsUHQVoTPgo+IVs8l0wScfopR1trL5evFuedu4w2hXSsBP/6zELi6XrWFDf+O5O7
qmR3KErMOWDNSCjwrQ/SPtDZsBsxHdNKkbI6VrHo/CsvyB7FMxQc8cl2S+V4S/J5
j1Jjtt57Q+zQSFR+RBjWkoDwBKRspvxu6MPzZF+jZSHVQ8M3zL5tjbDbXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaQ43TNmQhKtpKakQDbh9WMFM77MB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvsHJ/Zhm
zf12lOrrPzQwLcjk8LDRIHyez9ZHwDbNun3HFcybqAJzzbTAsSPREyzkknaVGDtE
Unet/vAR4/mui1BUPGLDbcJ1S7fJ2m2JGwjBA5uisJDAmpZiK6aa2nrxeYkeydQf
cemJ2igLb7uEr0JV2cyfYsCH/J6ICOWA8/NIDSSjwQ8FRl0GgNkBxVYK1VPd9MI7
xe4+87grRvwRaA6rCvnyOpl8xeI3V2xtef6FZcSkHwn1vKVntacFTzy0bc8XOzX6
JaGuSldO1abisOwKIlOww4CAK+0D5NaN3FvZpYVAJ+DrAR8s+kRQkYpSUc0cusxv
ka0YIj+xmbk4jg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:35 2025 by rpki-client