Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: uwtcNEyM7XQcbFJrWJ9leZ2AW4kEzw416/8BMqyeDec=
Subject key identifier: E2:44:80:61:0C:01:B2:E0:5C:68:16:05:13:4A:13:DF:13:09:4F:27
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 0197B6A13CB29A770FD6BC3825E68A999D75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0AD0
Signing time: Sat 28 Jun 2025 13:01:49 +0000
Manifest this update: Sat 28 Jun 2025 13:01:49 +0000
Manifest next update: Sun 29 Jun 2025 13:01:49 +0000
Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: JnOrjeWXori4RynRtnz5mxqCaRdVr2wSGLXRgASc/5k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:3c:b2:9a:77:0f:d6:bc:38:25:e6:8a:99:9d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Jun 28 13:01:49 2025 GMT
Not After : Jun 29 13:01:49 2025 GMT
Subject: CN=e24480610c01b2e05c681605134a13df13094f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d3:82:b7:f1:00:b7:d5:74:f6:96:f2:c7:63:
07:de:0d:6d:99:88:55:1c:37:8d:e8:5a:7f:14:fc:
ea:b1:26:10:5f:05:d3:ec:b0:a6:2b:b0:67:18:71:
87:e5:58:89:ae:c2:68:22:a9:9e:a7:d9:c3:f1:e5:
03:2b:c6:9c:9d:0e:d9:22:af:14:02:a7:0b:b0:f9:
e1:a9:84:e7:d0:53:68:11:15:99:c2:ed:e7:36:51:
16:b1:a6:85:50:2a:78:e0:65:30:e5:d2:65:6a:54:
2b:3b:ce:79:e7:96:c6:7a:29:56:60:87:ad:0d:2b:
26:ab:36:a2:0b:1b:63:68:08:4c:16:b6:2e:0b:d5:
ba:d8:3a:a5:e7:bd:46:87:0c:e8:6b:e7:5b:1c:5c:
59:77:63:0d:e3:13:ae:a5:a1:8c:aa:f1:d1:99:f5:
9b:c5:b8:13:92:42:a7:e4:e9:00:55:a1:72:f9:10:
db:db:7a:c6:c9:8a:59:6b:53:b7:7f:3e:b3:47:c0:
82:8a:d9:2f:16:c2:10:19:fe:75:15:fb:d3:6d:ec:
eb:3d:63:c6:f7:67:ef:eb:68:49:9d:6b:df:cb:ed:
92:ea:5b:59:ea:17:30:0e:fb:81:93:ef:fc:d8:38:
2d:98:70:3f:98:b3:be:81:54:91:2d:bb:cd:68:1e:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:44:80:61:0C:01:B2:E0:5C:68:16:05:13:4A:13:DF:13:09:4F:27
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:c7:ca:b0:4b:f3:44:1c:c6:02:60:ba:d5:83:48:e3:e0:e4:
ce:32:22:cd:d7:f0:3d:02:92:54:ff:49:e5:30:e0:95:8d:27:
4f:af:59:13:90:43:48:43:5e:fc:d1:82:d8:1b:84:39:8d:e9:
9e:78:0a:2f:94:83:50:24:db:d0:40:cf:15:f4:28:14:8a:b4:
10:bd:15:c9:80:36:49:b1:cb:e1:4b:1b:3b:95:1a:c6:82:a5:
ab:69:28:1a:7a:c4:a5:fe:50:cb:20:90:57:ff:b0:0f:12:7a:
49:64:af:7b:d4:f6:96:06:18:5a:5a:dd:a8:f7:02:bc:3d:d7:
2c:a8:03:51:24:50:dc:de:a4:47:5e:1b:74:9a:b4:ea:d3:39:
10:1f:50:14:5d:44:01:6e:3e:bf:d2:b3:d8:28:1a:c7:e7:2d:
30:99:1b:b4:93:ab:42:3b:ce:b3:b1:53:30:9c:93:79:79:69:
be:2a:4f:79:d8:5a:55:66:b2:31:17:b2:e9:92:bb:dd:4f:90:
c4:6b:8c:69:c6:a7:7e:7d:41:c9:88:32:00:74:25:ba:b2:d7:
5d:d9:62:7c:59:85:49:d3:96:f9:0c:28:87:be:44:f4:82:a3:
7d:8a:90:e6:6c:0c:45:38:35:67:d8:1f:79:b0:3c:d4:3f:87:
c8:a7:ff:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oTyymncP1rw4JeaKmZ11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUwNjI4MTMwMTQ5WhcNMjUwNjI5MTMwMTQ5WjAzMTEwLwYDVQQD
EyhlMjQ0ODA2MTBjMDFiMmUwNWM2ODE2MDUxMzRhMTNkZjEzMDk0ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tOCt/EAt9V09pbyx2MH3g1tmYhV
HDeN6Fp/FPzqsSYQXwXT7LCmK7BnGHGH5ViJrsJoIqmep9nD8eUDK8acnQ7ZIq8U
AqcLsPnhqYTn0FNoERWZwu3nNlEWsaaFUCp44GUw5dJlalQrO85555bGeilWYIet
DSsmqzaiCxtjaAhMFrYuC9W62Dql571Ghwzoa+dbHFxZd2MN4xOupaGMqvHRmfWb
xbgTkkKn5OkAVaFy+RDb23rGyYpZa1O3fz6zR8CCitkvFsIQGf51FfvTbezrPWPG
92fv62hJnWvfy+2S6ltZ6hcwDvuBk+/82DgtmHA/mLO+gVSRLbvNaB724wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJEgGEMAbLgXGgWBRNKE98TCU8nMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesfKsEvz
RBzGAmC61YNI4+DkzjIizdfwPQKSVP9J5TDglY0nT69ZE5BDSENe/NGC2BuEOY3p
nngKL5SDUCTb0EDPFfQoFIq0EL0VyYA2SbHL4UsbO5UaxoKlq2koGnrEpf5QyyCQ
V/+wDxJ6SWSve9T2lgYYWlrdqPcCvD3XLKgDUSRQ3N6kR14bdJq06tM5EB9QFF1E
AW4+v9Kz2Cgax+ctMJkbtJOrQjvOs7FTMJyTeXlpvipPedhaVWayMRey6ZK73U+Q
xGuMacanfn1ByYgyAHQlurLXXdlifFmFSdOW+Qwoh75E9IKjfYqQ5mwMRTg1Z9gf
ebA81D+HyKf/bw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 18:54:46 2025 by rpki-client