Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: 8w8FRXwa8cSpYgdKo13RwS/Fi27R2zY5UNoWBYnfHXU=
Subject key identifier: 52:01:5B:B5:60:D8:0A:A9:4B:E6:2E:77:6D:40:11:5F:F7:4F:ED:25
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 0197B88EE525E490C1BA6803B9D335931B54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1249
Signing time: Sat 28 Jun 2025 22:01:01 +0000
Manifest this update: Sat 28 Jun 2025 22:01:01 +0000
Manifest next update: Sun 29 Jun 2025 22:01:01 +0000
Files and hashes: 1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: b7yPgLC1vafk7PwdiD5eghmWPozD0FbPmMASK4ATZYY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:8e:e5:25:e4:90:c1:ba:68:03:b9:d3:35:93:1b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Jun 28 22:01:01 2025 GMT
Not After : Jun 29 22:01:01 2025 GMT
Subject: CN=52015bb560d80aa94be62e776d40115ff74fed25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d1:c4:22:44:70:d4:e9:72:32:44:9a:ff:b4:
66:08:34:ef:40:39:c4:bf:a2:b6:46:3f:f6:10:73:
af:f4:52:1a:a0:4d:d1:24:a4:2a:35:3e:2c:c6:87:
a5:10:6b:7f:d1:80:ac:b0:0a:6d:b5:3c:75:3f:a7:
64:f3:31:00:0e:cb:9b:05:4d:1c:f0:ae:88:67:ef:
11:d9:71:eb:43:c2:d0:9c:cb:9a:ff:0f:a3:b3:8c:
08:71:b3:e3:51:b5:92:fa:b0:c3:f5:e0:70:0e:51:
73:19:5c:d5:4b:c5:97:16:dc:a2:27:98:f7:91:6a:
a4:a3:7c:c4:05:fb:5a:32:06:91:95:8e:7e:5d:6e:
1b:14:2d:26:54:6f:47:b8:1e:e5:f8:2c:d8:9f:31:
5c:9a:ec:8c:f3:e1:a7:9a:e7:50:c6:ac:a8:e1:b8:
52:43:30:1a:a6:77:56:e9:ef:43:6f:fc:d7:4d:f6:
0a:20:41:1b:c9:32:83:ca:d4:63:48:9c:f8:bb:65:
cd:61:02:a5:d3:d0:39:84:5b:3c:df:4f:de:5d:8f:
8c:1d:b4:6d:10:5a:2d:a7:99:5c:65:34:e0:d4:0f:
d7:96:b3:32:62:7b:49:d7:0e:d4:df:51:a1:cc:42:
e1:6a:50:d9:e3:e0:92:26:d0:16:ce:77:a7:28:71:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:01:5B:B5:60:D8:0A:A9:4B:E6:2E:77:6D:40:11:5F:F7:4F:ED:25
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:24:a3:e3:8a:3b:f0:bb:c4:3e:b6:fd:1d:03:4c:be:60:2b:
4e:1a:c3:a8:e7:db:2f:0c:64:3d:6f:0d:32:a5:30:ce:4e:d1:
8d:0a:98:72:98:ca:c8:b8:f8:51:f4:c9:eb:2c:2f:77:f3:55:
99:a6:1a:25:e5:95:03:32:7b:2e:00:fe:8f:91:e6:db:ac:77:
55:58:04:39:4c:da:21:c7:83:14:4d:9d:a9:23:75:47:8c:0a:
ac:96:0c:22:62:b8:c8:79:44:f8:8c:8e:bd:33:0c:00:e9:d1:
67:84:ef:28:09:27:5a:c2:8f:79:38:1b:6a:d9:a0:e8:bf:f6:
4a:66:67:98:1b:39:da:b1:6b:4f:cc:2d:18:9b:d9:cb:03:d3:
c3:f1:11:42:9c:8e:f5:76:3b:73:fa:07:0f:06:af:30:86:6a:
91:1c:f7:34:79:b0:14:b5:e6:27:93:1b:37:4f:6f:4d:83:17:
a6:8a:b4:00:3b:6f:f9:de:3c:8e:10:97:89:43:80:14:66:a2:
b2:6b:9b:5b:5c:18:64:81:2f:e2:c0:f4:43:bc:68:07:62:99:
21:92:47:a3:28:ad:fc:54:25:db:10:a5:ec:40:f2:74:8a:d2:
97:4b:f8:82:d2:0f:2e:c2:2b:69:12:0a:09:b8:67:34:79:4f:
2f:59:e9:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4juUl5JDBumgDudM1kxtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwNjI4MjIwMTAxWhcNMjUwNjI5MjIwMTAxWjAzMTEwLwYDVQQD
Eyg1MjAxNWJiNTYwZDgwYWE5NGJlNjJlNzc2ZDQwMTE1ZmY3NGZlZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldHEIkRw1OlyMkSa/7RmCDTvQDnE
v6K2Rj/2EHOv9FIaoE3RJKQqNT4sxoelEGt/0YCssApttTx1P6dk8zEADsubBU0c
8K6IZ+8R2XHrQ8LQnMua/w+js4wIcbPjUbWS+rDD9eBwDlFzGVzVS8WXFtyiJ5j3
kWqko3zEBftaMgaRlY5+XW4bFC0mVG9HuB7l+CzYnzFcmuyM8+GnmudQxqyo4bhS
QzAapndW6e9Db/zXTfYKIEEbyTKDytRjSJz4u2XNYQKl09A5hFs830/eXY+MHbRt
EFotp5lcZTTg1A/XlrMyYntJ1w7U31GhzELhalDZ4+CSJtAWznenKHGSQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIBW7Vg2AqpS+Yud21AEV/3T+0lMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnSSj44o7
8LvEPrb9HQNMvmArThrDqOfbLwxkPW8NMqUwzk7RjQqYcpjKyLj4UfTJ6ywvd/NV
maYaJeWVAzJ7LgD+j5Hm26x3VVgEOUzaIceDFE2dqSN1R4wKrJYMImK4yHlE+IyO
vTMMAOnRZ4TvKAknWsKPeTgbatmg6L/2SmZnmBs52rFrT8wtGJvZywPTw/ERQpyO
9XY7c/oHDwavMIZqkRz3NHmwFLXmJ5MbN09vTYMXpoq0ADtv+d48jhCXiUOAFGai
smubW1wYZIEv4sD0Q7xoB2KZIZJHoyit/FQl2xCl7EDydIrSl0v4gtIPLsIraRIK
CbhnNHlPL1npeg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:35:48 2025 by rpki-client