Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: 7JiKYI8tw3oa8Nq2AEumuuBiwATO6iUFYu7BdkJMk+k=
Subject key identifier: BE:54:A5:EA:20:1C:5E:F0:79:90:A2:33:44:1D:BD:5E:C2:04:8D:FB
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 0198D583CE59E8A2AED4A6E139BCC04EF232
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 164F
Signing time: Sat 23 Aug 2025 06:00:41 +0000
Manifest this update: Sat 23 Aug 2025 06:00:41 +0000
Manifest next update: Sun 24 Aug 2025 06:00:41 +0000
Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=)
2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: ynfmGGtMuqnuZZ/PQMntwgQtnM24cnP2RZtylMv9kmQ=)
3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:ce:59:e8:a2:ae:d4:a6:e1:39:bc:c0:4e:f2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Aug 23 06:00:41 2025 GMT
Not After : Aug 24 06:00:41 2025 GMT
Subject: CN=be54a5ea201c5ef07990a233441dbd5ec2048dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:8d:a7:96:14:a7:b8:15:bd:9e:fa:a2:0f:
2c:eb:a4:30:7f:a8:9f:48:d9:3c:a7:fb:aa:21:78:
1e:23:ed:ae:9a:05:6b:63:6e:42:dd:0a:d7:bb:29:
aa:e6:a8:66:35:b2:0d:59:80:2f:c2:df:4f:98:8d:
e2:39:72:d1:3f:a8:5b:45:7e:43:ab:a4:80:dc:81:
c2:a9:dc:9d:e6:32:b8:cb:51:1b:71:3b:80:1a:0b:
af:c6:d6:e2:63:ce:75:6c:e9:24:9e:e3:04:e2:2c:
7c:57:ec:15:53:7b:46:7f:c1:ed:19:d5:00:94:8b:
ea:a5:5f:bd:5b:16:0c:b2:fd:2e:61:7e:e2:7a:f4:
eb:dd:0f:6c:a7:35:20:53:6b:90:a3:28:74:e5:e8:
20:39:bf:63:3c:1d:a7:d6:75:58:6c:e1:2d:fd:68:
9e:9f:12:02:f9:1f:1b:24:01:f8:9d:5c:ab:6b:d7:
cf:12:00:4e:ed:e2:5d:db:af:fc:15:a3:51:31:63:
01:09:40:e7:4e:e2:77:e6:82:80:a4:a9:22:24:22:
d9:1a:74:f1:07:c3:ef:d6:5e:e8:c6:fb:c0:ff:df:
bf:9c:42:5e:03:74:87:0e:7e:81:77:92:19:17:e4:
b7:cd:e1:72:a6:ff:30:64:71:4c:e8:a6:22:69:0b:
c6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:54:A5:EA:20:1C:5E:F0:79:90:A2:33:44:1D:BD:5E:C2:04:8D:FB
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:0b:e5:2d:44:c5:0e:e2:d0:c5:a4:64:9b:2b:b9:76:fc:07:
af:08:28:cb:a4:23:80:07:c6:e2:c7:1a:0a:03:07:eb:95:a8:
c4:23:40:a5:91:38:6d:97:23:b1:d1:5f:0b:3e:42:49:77:ee:
d4:7d:73:80:59:fa:e2:2b:f2:b5:fd:f9:32:30:78:79:1e:99:
c0:3b:75:cb:6b:6c:9f:c2:d7:47:61:6c:ab:4e:fb:4f:f8:34:
44:7e:41:54:5e:79:ee:ec:cc:3e:af:84:0c:7a:17:b2:11:bd:
8c:eb:fc:d4:0e:25:a9:33:67:9b:3e:e1:69:9e:68:08:79:ca:
5c:44:d6:b7:72:af:c1:6c:5b:99:80:be:69:c6:db:c0:cb:a8:
ec:13:c0:6c:c4:b6:4e:7d:1e:fb:60:09:cc:7b:3a:cf:68:d4:
ae:87:32:22:f4:3b:f0:ef:b8:da:ec:7c:64:00:70:95:e8:00:
d2:ce:11:35:b9:d2:b0:18:bb:46:cf:9e:b8:3c:eb:8c:15:84:
c2:33:45:b3:f3:46:3e:ff:e3:d1:27:d5:fb:12:9c:ba:81:6e:
01:6d:91:a2:b6:71:d6:4b:43:90:25:40:d6:ef:6d:04:ee:52:
50:3a:6f:40:21:dd:82:58:22:ad:83:19:84:37:61:70:d1:ee:
44:e5:37:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg85Z6KKu1KbhObzATvIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjUwODIzMDYwMDQxWhcNMjUwODI0MDYwMDQxWjAzMTEwLwYDVQQD
EyhiZTU0YTVlYTIwMWM1ZWYwNzk5MGEyMzM0NDFkYmQ1ZWMyMDQ4ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRmNp5YUp7gVvZ76og8s66Qwf6if
SNk8p/uqIXgeI+2umgVrY25C3QrXuymq5qhmNbINWYAvwt9PmI3iOXLRP6hbRX5D
q6SA3IHCqdyd5jK4y1EbcTuAGguvxtbiY851bOkknuME4ix8V+wVU3tGf8HtGdUA
lIvqpV+9WxYMsv0uYX7ievTr3Q9spzUgU2uQoyh05eggOb9jPB2n1nVYbOEt/Wie
nxIC+R8bJAH4nVyra9fPEgBO7eJd26/8FaNRMWMBCUDnTuJ35oKApKkiJCLZGnTx
B8Pv1l7oxvvA/9+/nEJeA3SHDn6Bd5IZF+S3zeFypv8wZHFM6KYiaQvGHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5UpeogHF7weZCiM0QdvV7CBI37MB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnQvlLUTF
DuLQxaRkmyu5dvwHrwgoy6QjgAfG4scaCgMH65WoxCNApZE4bZcjsdFfCz5CSXfu
1H1zgFn64ivytf35MjB4eR6ZwDt1y2tsn8LXR2Fsq077T/g0RH5BVF557uzMPq+E
DHoXshG9jOv81A4lqTNnmz7haZ5oCHnKXETWt3KvwWxbmYC+acbbwMuo7BPAbMS2
Tn0e+2AJzHs6z2jUrocyIvQ78O+42ux8ZABwlegA0s4RNbnSsBi7Rs+euDzrjBWE
wjNFs/NGPv/j0SfV+xKcuoFuAW2RorZx1ktDkCVA1u9tBO5SUDpvQCHdglgirYMZ
hDdhcNHuROU32Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:37:17 2025 by rpki-client