Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: 9S04T3EkngyLffCaV5/C0XdPjTAz+tddoOGs8zdkSM0=
Subject key identifier: 8A:A5:F0:2D:1C:4F:EB:23:1A:EB:03:62:4D:20:94:F3:65:7A:4A:2C
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 0196BA7F1E4E180BC7FB2C10DFE62C2DBE02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 1534
Signing time: Sat 10 May 2025 14:00:15 +0000
Manifest this update: Sat 10 May 2025 14:00:15 +0000
Manifest next update: Sun 11 May 2025 14:00:15 +0000
Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: 7VJYE6dJQU7+4/tvUKbOva+OavDgHUpp6d7osAskbDo=)
2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:7f:1e:4e:18:0b:c7:fb:2c:10:df:e6:2c:2d:be:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: May 10 14:00:15 2025 GMT
Not After : May 11 14:00:15 2025 GMT
Subject: CN=8aa5f02d1c4feb231aeb03624d2094f3657a4a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2e:5e:72:cf:a4:9e:08:0f:72:d2:c8:67:e7:
df:e7:d5:83:d3:e6:5a:1c:16:0f:94:e4:25:ca:83:
8c:70:8b:c6:55:e8:6d:14:69:cb:12:3e:d3:76:92:
da:5b:6e:0e:fb:2b:c9:58:2a:64:75:e2:e1:df:fc:
e0:18:e9:6f:fd:67:38:27:6e:ae:a0:53:02:d8:18:
d2:85:6a:2a:62:af:d9:e3:ce:4f:fd:84:fa:fa:ca:
3d:38:ab:a3:ff:d1:7d:25:5e:43:31:3c:6b:72:1a:
22:6a:4d:4c:61:15:f4:8d:ae:9c:2d:fd:cc:8f:21:
98:c2:a1:4d:20:d6:cf:20:b1:89:0e:a0:95:df:a0:
12:40:02:8e:d8:e7:7e:70:44:36:a2:6d:5c:8c:73:
b8:f5:00:d1:f6:95:01:2d:fc:bc:92:35:69:e6:77:
61:79:8f:ae:a0:05:45:57:97:f8:b4:e5:e2:d7:1c:
91:71:c0:22:46:87:61:54:80:d1:96:a0:54:6f:9c:
e8:f0:ce:40:52:dd:83:a1:b8:8d:38:81:2d:ad:42:
65:26:e8:70:ed:c9:53:a0:96:dc:b0:17:db:b6:d7:
ad:8a:50:7a:91:26:88:81:cb:c2:18:c5:46:f9:39:
f6:c3:e1:7b:9f:94:24:14:66:98:0f:f9:1c:34:4a:
84:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A5:F0:2D:1C:4F:EB:23:1A:EB:03:62:4D:20:94:F3:65:7A:4A:2C
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:2c:b7:4b:6b:c6:09:ba:6c:be:51:11:43:39:41:0e:39:b6:
a9:b6:66:e5:b0:f4:4c:0e:36:95:41:58:69:c4:a2:9c:81:5e:
d5:e6:ff:e0:15:67:04:cc:1e:30:84:5d:48:53:e3:7f:06:63:
a7:2c:55:4e:db:15:7a:4b:c2:8e:8f:a6:48:fa:e8:4c:d2:65:
2f:2c:c8:49:6d:cb:4c:36:04:40:d0:bc:96:5f:ba:34:e1:8a:
64:9a:4b:eb:e4:a0:34:ab:4a:52:0b:92:7e:6f:e4:23:30:5a:
e3:00:b2:83:f1:e9:1e:b7:fd:af:17:ec:60:15:ae:28:59:a6:
86:a4:11:dc:67:72:0a:82:69:24:e1:3b:5c:74:e3:37:bf:8c:
c9:e7:28:b1:f2:f0:69:4f:1b:09:a2:d5:61:c4:c6:d1:cd:f5:
12:10:cb:c7:09:15:b8:1a:eb:0f:7c:b9:d1:12:da:11:7d:ba:
65:63:e0:6d:11:4d:8a:9d:4d:1d:ac:0a:64:ee:cd:01:87:4f:
be:b6:7a:5f:6a:d3:30:59:dc:f7:bc:b6:c3:d9:d5:60:91:de:
d3:66:4d:37:45:ba:40:ab:47:70:ed:ae:00:ef:79:80:75:8a:
08:27:4c:b6:6f:f1:72:41:e2:99:96:b6:60:e0:36:2f:8e:19:
d1:67:80:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6fx5OGAvH+ywQ3+YsLb4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjUwNTEwMTQwMDE1WhcNMjUwNTExMTQwMDE1WjAzMTEwLwYDVQQD
Eyg4YWE1ZjAyZDFjNGZlYjIzMWFlYjAzNjI0ZDIwOTRmMzY1N2E0YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i5ecs+knggPctLIZ+ff59WD0+Za
HBYPlOQlyoOMcIvGVehtFGnLEj7TdpLaW24O+yvJWCpkdeLh3/zgGOlv/Wc4J26u
oFMC2BjShWoqYq/Z485P/YT6+so9OKuj/9F9JV5DMTxrchoiak1MYRX0ja6cLf3M
jyGYwqFNINbPILGJDqCV36ASQAKO2Od+cEQ2om1cjHO49QDR9pUBLfy8kjVp5ndh
eY+uoAVFV5f4tOXi1xyRccAiRodhVIDRlqBUb5zo8M5AUt2DobiNOIEtrUJlJuhw
7clToJbcsBfbttetilB6kSaIgcvCGMVG+Tn2w+F7n5QkFGaYD/kcNEqEqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIql8C0cT+sjGusDYk0glPNlekosMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSy3S2vG
CbpsvlERQzlBDjm2qbZm5bD0TA42lUFYacSinIFe1eb/4BVnBMweMIRdSFPjfwZj
pyxVTtsVekvCjo+mSProTNJlLyzISW3LTDYEQNC8ll+6NOGKZJpL6+SgNKtKUguS
fm/kIzBa4wCyg/HpHrf9rxfsYBWuKFmmhqQR3GdyCoJpJOE7XHTjN7+MyecosfLw
aU8bCaLVYcTG0c31EhDLxwkVuBrrD3y50RLaEX26ZWPgbRFNip1NHawKZO7NAYdP
vrZ6X2rTMFnc97y2w9nVYJHe02ZNN0W6QKtHcO2uAO95gHWKCCdMtm/xckHimZa2
YOA2L44Z0WeAJA==
-----END CERTIFICATE-----
Generated at Sat May 10 16:13:01 2025 by rpki-client