Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: Jd9cVUN4L5+D1ZEzLFgDHXds6wdw5e9GCjZxzfMCJ/k=
Subject key identifier: BE:F8:72:92:B3:DE:B9:33:B5:03:66:13:0B:7B:ED:4D:3D:07:BC:16
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0198D7738DD1FB10727D4097F22246180507
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0291
Signing time: Sat 23 Aug 2025 15:02:11 +0000
Manifest this update: Sat 23 Aug 2025 15:02:11 +0000
Manifest next update: Sun 24 Aug 2025 15:02:11 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: y6qx2zwsN82UO83VehLPrWxQvhZBac6zQZKPQA+oCqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:73:8d:d1:fb:10:72:7d:40:97:f2:22:46:18:05:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Aug 23 15:02:11 2025 GMT
Not After : Aug 24 15:02:11 2025 GMT
Subject: CN=bef87292b3deb933b50366130b7bed4d3d07bc16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:2f:09:67:55:6b:fe:df:0c:46:03:0f:9a:
d7:7d:11:be:a0:c4:d7:24:cc:77:e1:12:27:3e:08:
68:6d:cb:72:93:1b:fa:92:b3:b9:09:f2:5d:65:8f:
0f:62:60:b4:78:3f:4f:2c:c9:4f:2d:d4:04:2a:35:
3e:42:07:58:92:c4:4c:3d:cd:2b:6c:fc:3a:e1:ee:
81:c4:0d:da:13:ae:74:53:cd:53:72:c4:dd:03:9e:
ea:8e:bf:fe:53:85:17:0c:76:4c:5a:cc:a2:61:b1:
78:62:d0:2c:e5:dd:8f:77:bc:61:cc:16:8f:8b:03:
d0:38:98:db:24:89:58:9a:52:6b:72:13:13:f6:64:
39:de:99:f4:89:b3:84:8b:15:39:36:53:af:86:6d:
97:18:e5:72:61:34:d7:bb:40:b0:a7:13:7b:3a:b5:
f5:3d:6c:a8:fb:08:26:7f:a8:bc:a6:9b:38:e2:59:
6c:58:15:41:33:4b:04:b9:a1:83:c1:47:b4:92:f7:
aa:6d:07:46:c7:89:ab:92:c1:43:93:e8:11:6e:dd:
70:53:b2:eb:4f:a6:d8:56:e9:bd:63:40:c9:09:71:
04:92:cf:14:3a:70:ba:07:fe:e6:ee:96:01:a2:38:
9d:e1:32:d1:87:09:6c:a7:c5:07:6a:ed:b9:68:76:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F8:72:92:B3:DE:B9:33:B5:03:66:13:0B:7B:ED:4D:3D:07:BC:16
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:9e:80:3e:a6:49:34:33:70:20:cf:83:25:80:3e:3f:2a:74:
a5:ab:58:86:1e:08:ff:26:3c:e6:1f:5e:03:84:1f:0c:84:4b:
b8:54:ab:b7:0d:10:f3:cc:f7:08:c3:b7:81:15:df:72:a4:12:
39:36:b5:86:ca:5e:88:b3:9f:72:ba:b8:3a:5e:0d:3d:8a:5e:
30:3d:b8:87:ff:40:eb:ef:cb:67:1b:d3:46:a5:8e:66:70:7f:
c7:39:38:9c:93:a1:66:28:00:0b:fd:cd:a8:f4:d6:a9:f4:71:
c6:a0:08:98:1c:c1:a9:07:e7:c3:11:0f:77:d6:d7:60:ce:4b:
4d:c7:00:f6:e1:1a:a8:86:e5:76:88:68:03:83:fc:7f:e3:a8:
5a:78:96:8a:48:fb:ff:86:d2:7d:b7:8c:6a:2a:04:3a:fb:0b:
f2:c8:3e:a4:84:f0:a2:2d:fd:84:e7:ea:a4:13:c8:0d:43:0f:
87:95:51:a4:88:18:85:fd:09:4b:40:80:47:57:da:b3:b8:09:
56:f2:92:5c:22:c4:99:5b:f6:26:55:fb:0f:50:04:60:b1:de:
93:99:aa:7b:08:b2:ad:02:6f:5a:de:d4:3c:38:bf:7a:ce:05:
2e:d2:5c:40:c5:b6:6b:39:19:ef:25:76:d6:83:b8:d7:c5:cd:
af:73:66:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXc43R+xByfUCX8iJGGAUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwODIzMTUwMjExWhcNMjUwODI0MTUwMjExWjAzMTEwLwYDVQQD
EyhiZWY4NzI5MmIzZGViOTMzYjUwMzY2MTMwYjdiZWQ0ZDNkMDdiYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArucvCWdVa/7fDEYDD5rXfRG+oMTX
JMx34RInPghobctykxv6krO5CfJdZY8PYmC0eD9PLMlPLdQEKjU+QgdYksRMPc0r
bPw64e6BxA3aE650U81TcsTdA57qjr/+U4UXDHZMWsyiYbF4YtAs5d2Pd7xhzBaP
iwPQOJjbJIlYmlJrchMT9mQ53pn0ibOEixU5NlOvhm2XGOVyYTTXu0CwpxN7OrX1
PWyo+wgmf6i8pps44llsWBVBM0sEuaGDwUe0kveqbQdGx4mrksFDk+gRbt1wU7Lr
T6bYVum9Y0DJCXEEks8UOnC6B/7m7pYBojid4TLRhwlsp8UHau25aHZAdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL74cpKz3rkztQNmEwt77U09B7wWMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb56APqZJ
NDNwIM+DJYA+Pyp0patYhh4I/yY85h9eA4QfDIRLuFSrtw0Q88z3CMO3gRXfcqQS
OTa1hspeiLOfcrq4Ol4NPYpeMD24h/9A6+/LZxvTRqWOZnB/xzk4nJOhZigAC/3N
qPTWqfRxxqAImBzBqQfnwxEPd9bXYM5LTccA9uEaqIbldohoA4P8f+OoWniWikj7
/4bSfbeMaioEOvsL8sg+pITwoi39hOfqpBPIDUMPh5VRpIgYhf0JS0CAR1fas7gJ
VvKSXCLEmVv2JlX7D1AEYLHek5mqewiyrQJvWt7UPDi/es4FLtJcQMW2azkZ7yV2
1oO418XNr3Nm8Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:06:05 2025 by rpki-client