Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: ALldOdrLNfDoxijNa1hCRKPXOHPFH8T+gXYIYjZGDFE=
Subject key identifier: 3B:3B:B8:34:45:81:5A:E3:29:C5:B8:36:62:D3:10:9D:C7:3F:11:30
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 0196CB3BD3F8D4FB9C228D72D7F1FACC6298
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 153C
Signing time: Tue 13 May 2025 20:00:17 +0000
Manifest this update: Tue 13 May 2025 20:00:17 +0000
Manifest next update: Wed 14 May 2025 20:00:17 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: hCdbCv4h2Zh5Rbqrpx5VPTrLHm2g1cgESCvvFf0AO50=)
2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cb:3b:d3:f8:d4:fb:9c:22:8d:72:d7:f1:fa:cc:62:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: May 13 20:00:17 2025 GMT
Not After : May 14 20:00:17 2025 GMT
Subject: CN=3b3bb83445815ae329c5b83662d3109dc73f1130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:7b:a4:6b:54:30:85:c8:48:33:58:4b:f1:
70:ed:9c:cc:ec:3a:6a:f3:07:33:09:0d:b3:b9:34:
11:20:37:5d:d2:aa:10:48:30:2f:02:99:1d:1f:c3:
f4:88:08:50:a6:fc:ce:02:19:82:43:be:ac:31:e7:
e8:60:1d:c2:76:ac:85:91:27:cf:9d:fa:6c:f0:0f:
2e:06:1b:15:7b:12:98:7d:22:a5:d7:8c:3e:a5:d5:
53:ec:f7:3e:20:50:ae:1a:a4:78:a5:f0:fa:00:b1:
b2:e7:54:ac:e4:aa:d4:4c:25:75:41:15:db:dc:b6:
f6:fa:a3:d2:fb:a1:81:93:88:e2:ab:fd:56:8b:6e:
0a:a5:0a:37:59:f3:ea:0a:9b:6a:bf:70:7d:2a:6f:
2a:d3:9f:70:70:7e:69:ac:2b:66:70:2f:2b:76:73:
07:51:76:c1:7d:f4:4d:19:11:e7:f0:7a:fb:ff:70:
07:10:9d:0a:35:5e:a3:60:d2:9b:f5:09:06:a2:6a:
01:de:de:a4:c0:61:f4:28:23:65:b9:ec:4e:44:7a:
a9:34:6c:51:d6:b3:a7:b1:31:82:24:9e:71:af:f4:
18:f4:4d:ad:fb:e7:5b:23:9f:17:09:f1:bb:5e:89:
1f:1e:56:96:e2:a6:d8:d0:c0:c4:06:83:08:15:99:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3B:B8:34:45:81:5A:E3:29:C5:B8:36:62:D3:10:9D:C7:3F:11:30
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:e7:ea:65:f6:72:25:4d:10:28:94:0a:f0:e7:c2:2f:f7:68:
97:6f:49:e8:b3:43:8e:2a:b6:35:12:3c:b2:97:d7:97:e4:2a:
a3:4e:fc:1f:08:f1:cf:c5:39:72:9b:19:0b:36:d0:2b:34:aa:
ae:e8:4b:a1:0e:38:17:9b:48:c4:9e:01:1a:91:f1:44:8c:e7:
cd:4c:b9:2d:41:66:04:dc:d5:fe:f8:be:08:48:0c:55:d6:74:
20:12:03:16:4d:87:a6:62:88:8f:7d:a0:fa:4b:8d:ee:0c:af:
c5:fd:35:26:40:12:ed:ca:28:11:4d:02:c6:87:53:30:c4:8d:
b7:db:d7:18:69:12:46:c4:5b:9a:d4:d0:65:6f:d3:bb:2e:4a:
39:09:f5:73:e8:54:87:5f:10:45:f0:ba:c3:94:51:27:d7:85:
2b:f4:d1:ed:35:00:3f:51:4c:51:75:9d:73:fa:40:7c:4e:42:
d3:05:17:22:8e:68:55:1f:58:e4:ed:72:48:75:32:f6:ca:9f:
78:a9:65:37:6a:36:f8:28:a2:e0:d2:e5:4b:31:5a:1f:1c:a5:
59:31:03:8d:b7:78:8b:76:ee:01:fe:88:08:8a:d8:68:07:45:
c9:24:91:54:9e:99:26:25:a2:48:4f:9c:a9:95:97:ff:a6:98:
4c:17:d8:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLO9P41PucIo1y1/H6zGKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUwNTEzMjAwMDE3WhcNMjUwNTE0MjAwMDE3WjAzMTEwLwYDVQQD
EygzYjNiYjgzNDQ1ODE1YWUzMjljNWI4MzY2MmQzMTA5ZGM3M2YxMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvh7pGtUMIXISDNYS/Fw7ZzM7Dpq
8wczCQ2zuTQRIDdd0qoQSDAvApkdH8P0iAhQpvzOAhmCQ76sMefoYB3CdqyFkSfP
nfps8A8uBhsVexKYfSKl14w+pdVT7Pc+IFCuGqR4pfD6ALGy51Ss5KrUTCV1QRXb
3Lb2+qPS+6GBk4jiq/1Wi24KpQo3WfPqCptqv3B9Km8q059wcH5prCtmcC8rdnMH
UXbBffRNGRHn8Hr7/3AHEJ0KNV6jYNKb9QkGomoB3t6kwGH0KCNluexORHqpNGxR
1rOnsTGCJJ5xr/QY9E2t++dbI58XCfG7XokfHlaW4qbY0MDEBoMIFZleqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDs7uDRFgVrjKcW4NmLTEJ3HPxEwMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVefqZfZy
JU0QKJQK8OfCL/dol29J6LNDjiq2NRI8spfXl+Qqo078Hwjxz8U5cpsZCzbQKzSq
ruhLoQ44F5tIxJ4BGpHxRIznzUy5LUFmBNzV/vi+CEgMVdZ0IBIDFk2HpmKIj32g
+kuN7gyvxf01JkAS7cooEU0CxodTMMSNt9vXGGkSRsRbmtTQZW/Tuy5KOQn1c+hU
h18QRfC6w5RRJ9eFK/TR7TUAP1FMUXWdc/pAfE5C0wUXIo5oVR9Y5O1ySHUy9sqf
eKllN2o2+Cii4NLlSzFaHxylWTEDjbd4i3buAf6ICIrYaAdFySSRVJ6ZJiWiSE+c
qZWX/6aYTBfYsA==
-----END CERTIFICATE-----
Generated at Wed May 14 02:58:50 2025 by rpki-client