Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: V4mzlonkvlhWjT6/LfyL5N84hdEH3oYQSGLLWmJcEAk=
Subject key identifier: 37:6D:B7:26:15:40:93:4A:F6:C0:38:54:28:D3:C6:EE:58:77:DB:20
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 019922C30CA6D8D0A87A807CA2AFD803D99D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0BAE
Signing time: Sun 07 Sep 2025 06:00:32 +0000
Manifest this update: Sun 07 Sep 2025 06:00:32 +0000
Manifest next update: Mon 08 Sep 2025 06:00:32 +0000
Files and hashes: 1: HzZn0ba7QItzyWun3HWfVhfe2Mw.roa (hash: iE4IEBeKKD6peBsX5m6y9GBML1LTBu1RqbqOosqLhr0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: retM1EdlMhErmCTess9fJ2BKeq4/q7Xt++MWgiG2UwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:0c:a6:d8:d0:a8:7a:80:7c:a2:af:d8:03:d9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Sep 7 06:00:32 2025 GMT
Not After : Sep 8 06:00:32 2025 GMT
Subject: CN=376db7261540934af6c0385428d3c6ee5877db20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:9c:c9:c5:5a:c4:05:e1:40:4e:21:bd:50:
3a:e9:e7:25:60:cf:c5:dc:48:f7:9f:4d:1d:8a:7d:
9c:83:bf:8f:5e:5c:96:e2:54:dd:3b:c0:3c:30:35:
41:d9:be:4e:32:b4:aa:27:e0:df:39:42:73:bc:73:
87:4a:58:a7:2e:98:dd:2f:12:9d:f0:9f:9e:13:59:
aa:42:59:39:08:68:7a:88:19:ac:47:04:e7:98:04:
e7:84:45:01:30:3d:da:40:4f:70:75:c6:ad:e1:a3:
0c:d1:bd:49:b9:ea:b5:d7:4d:ef:64:aa:ea:b9:18:
a4:4e:37:b0:1f:09:e1:e5:6a:91:04:36:c5:6b:9e:
4a:99:b0:9f:23:ec:a0:fb:7a:68:55:cc:3f:d1:2e:
3f:d7:06:64:5f:22:91:2d:e7:5b:64:20:9b:61:c4:
de:9b:ea:50:46:64:d8:6c:43:99:53:ad:a1:38:b0:
7d:2d:df:06:ce:75:a3:6f:41:4f:94:ee:5b:81:e1:
5f:2f:10:b4:d6:29:33:8b:4b:56:b0:96:da:e0:a4:
3d:a0:13:4b:33:3e:15:23:9d:6b:14:02:6a:87:44:
c6:65:af:01:7d:e1:82:a9:60:2c:b1:6d:3a:ad:52:
05:dd:41:99:eb:6e:7c:89:3a:29:cf:07:d8:09:ca:
86:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6D:B7:26:15:40:93:4A:F6:C0:38:54:28:D3:C6:EE:58:77:DB:20
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:4d:f9:8c:54:79:d6:23:36:27:49:2e:51:9f:f7:34:ec:09:
44:fa:9c:80:04:a0:f6:cb:5a:6b:c9:10:5a:80:6c:94:7e:4d:
f6:f7:7d:ec:fd:9a:5c:65:75:3d:c2:9e:c5:d5:10:53:ed:f2:
7d:2b:82:86:23:9f:b2:ba:a8:77:3e:e6:d5:58:f5:52:c6:d8:
ed:a1:8e:ff:5c:12:05:cc:b0:a2:f8:59:f7:d1:f2:ac:30:d9:
4e:48:78:c9:11:f9:8f:19:d0:58:e0:5e:0d:b8:77:be:52:7e:
09:91:3d:d8:a8:00:6c:bd:91:48:bc:0a:31:f6:b0:54:12:30:
bd:c9:69:0b:d4:db:16:c8:62:c9:5a:c2:0b:5c:84:f8:83:df:
01:47:ac:86:e9:18:ee:7a:3b:35:a5:5e:9b:05:09:2a:22:62:
5e:d5:ac:5b:ad:09:ea:0e:85:5f:23:25:0e:4e:6e:90:5d:49:
ac:2e:22:82:0c:34:33:63:f6:c7:30:5b:b7:8a:1f:f3:34:e1:
59:79:c4:16:90:49:c3:66:d3:ab:ac:21:5a:b5:1b:d3:12:b0:
e6:13:b4:c9:89:2e:9f:71:95:a0:23:4f:3b:f7:bb:ed:7a:aa:
fb:62:6f:34:b4:32:61:77:a0:0f:2d:57:bc:fa:69:bf:b2:d3:
d6:cc:c2:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwwym2NCoeoB8oq/YA9mdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUwOTA3MDYwMDMyWhcNMjUwOTA4MDYwMDMyWjAzMTEwLwYDVQQD
EygzNzZkYjcyNjE1NDA5MzRhZjZjMDM4NTQyOGQzYzZlZTU4NzdkYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+OcycVaxAXhQE4hvVA66eclYM/F
3Ej3n00din2cg7+PXlyW4lTdO8A8MDVB2b5OMrSqJ+DfOUJzvHOHSlinLpjdLxKd
8J+eE1mqQlk5CGh6iBmsRwTnmATnhEUBMD3aQE9wdcat4aMM0b1Jueq1103vZKrq
uRikTjewHwnh5WqRBDbFa55KmbCfI+yg+3poVcw/0S4/1wZkXyKRLedbZCCbYcTe
m+pQRmTYbEOZU62hOLB9Ld8GznWjb0FPlO5bgeFfLxC01ikzi0tWsJba4KQ9oBNL
Mz4VI51rFAJqh0TGZa8BfeGCqWAssW06rVIF3UGZ6258iTopzwfYCcqGAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdttyYVQJNK9sA4VCjTxu5Yd9sgMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq035jFR5
1iM2J0kuUZ/3NOwJRPqcgASg9staa8kQWoBslH5N9vd97P2aXGV1PcKexdUQU+3y
fSuChiOfsrqodz7m1Vj1UsbY7aGO/1wSBcywovhZ99HyrDDZTkh4yRH5jxnQWOBe
Dbh3vlJ+CZE92KgAbL2RSLwKMfawVBIwvclpC9TbFshiyVrCC1yE+IPfAUeshukY
7no7NaVemwUJKiJiXtWsW60J6g6FXyMlDk5ukF1JrC4iggw0M2P2xzBbt4of8zTh
WXnEFpBJw2bTq6whWrUb0xKw5hO0yYkun3GVoCNPO/e77Xqq+2JvNLQyYXegDy1X
vPppv7LT1szCkA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:39:01 2025 by rpki-client