Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: FZixKrQt1gfED7Mis8NeVAnpUF3oqQNLBdcYwVXwo9A=
Subject key identifier: B1:EB:2E:46:04:71:8F:90:17:B3:38:54:58:71:DD:C2:7F:9A:E2:9D
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 0196B8C7F285072B116EA7614ABA706D578B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1537
Signing time: Sat 10 May 2025 06:00:33 +0000
Manifest this update: Sat 10 May 2025 06:00:33 +0000
Manifest next update: Sun 11 May 2025 06:00:33 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: suXOcsswRuB2fIFcBRhWBXJ0qyDy+KdiA6+lW/HWT4Y=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:c7:f2:85:07:2b:11:6e:a7:61:4a:ba:70:6d:57:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: May 10 06:00:33 2025 GMT
Not After : May 11 06:00:33 2025 GMT
Subject: CN=b1eb2e4604718f9017b338545871ddc27f9ae29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2d:bc:7c:fb:30:af:b6:ed:08:5d:0d:16:7f:
31:5e:65:e5:8b:9f:2b:95:7e:e7:56:5c:96:44:41:
65:e6:a1:e4:d8:22:aa:1e:23:2f:2e:ac:35:8d:ac:
43:40:fb:64:30:78:fa:e8:90:57:b4:e1:b5:7c:20:
30:5a:6a:c8:ca:cc:91:ca:b2:6e:89:ea:05:be:2b:
73:f5:93:e0:59:d6:72:00:e7:85:bb:a9:d6:7b:2a:
38:3a:69:2e:6c:1f:f9:28:6a:42:48:5d:02:de:29:
2e:9f:ce:9c:d2:a1:09:e4:b3:ce:dc:3e:af:ee:93:
d8:0b:a0:99:f2:3f:88:18:12:d3:49:49:a6:76:97:
9b:3b:61:5e:8c:f6:25:2d:31:d0:c7:5d:be:51:27:
a0:e0:51:ed:db:bf:90:f5:71:5d:62:1c:00:27:b7:
a3:e9:52:1f:e2:2c:a3:6e:be:08:1c:d6:11:d1:71:
9e:b6:eb:15:e9:e9:ec:13:18:25:97:9f:06:0f:e3:
dd:b6:f8:66:37:19:01:ae:08:8c:72:35:19:31:71:
d9:82:68:09:65:11:1c:80:a7:b8:0a:2a:b5:69:b0:
7f:1d:18:27:c3:05:41:46:c6:f9:f1:64:4c:dd:9a:
f6:ea:45:92:17:eb:e8:01:05:5c:4e:19:da:45:6a:
7f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EB:2E:46:04:71:8F:90:17:B3:38:54:58:71:DD:C2:7F:9A:E2:9D
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:ef:39:97:a3:f7:99:d7:42:69:e6:a3:a3:90:6b:9b:f8:50:
cd:bf:6b:af:83:25:ae:57:46:d3:1f:ec:0a:15:30:05:7b:75:
28:be:26:45:ef:5f:d4:a1:b1:48:32:a5:5a:d7:65:55:da:28:
46:60:f4:d3:b5:94:47:1a:3c:22:cf:e5:b4:b5:6f:d8:5a:ca:
00:a0:9b:1e:5e:57:37:f8:cc:73:98:48:1d:41:ba:ff:25:ad:
cd:82:af:40:92:72:78:77:30:e1:98:33:5e:71:67:18:c4:9e:
87:2b:a9:6a:7e:0b:6a:bc:58:f8:1f:b6:6b:15:7f:f6:8f:27:
93:b8:99:6a:93:f2:5a:1a:12:32:8c:75:80:0d:f2:8a:70:1b:
ce:b8:31:65:87:a8:2b:09:86:d8:3e:aa:76:96:91:37:a6:11:
d9:d0:01:3f:b8:62:b1:da:ae:8b:7b:70:b9:67:e8:19:f2:d3:
a0:56:f1:5b:05:f5:5c:8a:0f:b2:3d:38:d9:65:cc:a8:e1:76:
7c:0b:c7:b6:24:12:5c:a1:ef:04:41:cf:57:be:79:bc:94:fa:
7a:f6:63:db:0e:48:40:76:ab:74:06:d2:72:0b:2b:af:69:9c:
09:5d:cd:f2:53:c5:a6:8c:0c:bc:0e:fb:87:92:1d:5e:8d:69:
3c:20:61:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4x/KFBysRbqdhSrpwbVeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUwNTEwMDYwMDMzWhcNMjUwNTExMDYwMDMzWjAzMTEwLwYDVQQD
EyhiMWViMmU0NjA0NzE4ZjkwMTdiMzM4NTQ1ODcxZGRjMjdmOWFlMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC28fPswr7btCF0NFn8xXmXli58r
lX7nVlyWREFl5qHk2CKqHiMvLqw1jaxDQPtkMHj66JBXtOG1fCAwWmrIysyRyrJu
ieoFvitz9ZPgWdZyAOeFu6nWeyo4OmkubB/5KGpCSF0C3ikun86c0qEJ5LPO3D6v
7pPYC6CZ8j+IGBLTSUmmdpebO2FejPYlLTHQx12+USeg4FHt27+Q9XFdYhwAJ7ej
6VIf4iyjbr4IHNYR0XGetusV6ensExgll58GD+PdtvhmNxkBrgiMcjUZMXHZgmgJ
ZREcgKe4Ciq1abB/HRgnwwVBRsb58WRM3Zr26kWSF+voAQVcThnaRWp/aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHrLkYEcY+QF7M4VFhx3cJ/muKdMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPO85l6P3
mddCaeajo5Brm/hQzb9rr4MlrldG0x/sChUwBXt1KL4mRe9f1KGxSDKlWtdlVdoo
RmD007WURxo8Is/ltLVv2FrKAKCbHl5XN/jMc5hIHUG6/yWtzYKvQJJyeHcw4Zgz
XnFnGMSehyupan4LarxY+B+2axV/9o8nk7iZapPyWhoSMox1gA3yinAbzrgxZYeo
KwmG2D6qdpaRN6YR2dABP7hisdqui3twuWfoGfLToFbxWwX1XIoPsj042WXMqOF2
fAvHtiQSXKHvBEHPV755vJT6evZj2w5IQHardAbScgsrr2mcCV3N8lPFpowMvA77
h5IdXo1pPCBh7g==
-----END CERTIFICATE-----
Generated at Sat May 10 13:38:07 2025 by rpki-client