Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.mft
File: KaA5l7KPWbCAMciYQH3V5RN93bE.mft (raw, json)
Hash identifier: h+oXOpRHd7Ft7syQzHkjTc4qrSm4xz9WCYd5HoaKfMI=
Subject key identifier: 75:EF:76:22:B1:5A:D0:A8:B9:F8:A5:1C:3B:BC:47:10:80:EA:F5:3F
Authority key identifier: 29:A0:39:97:B2:8F:59:B0:80:31:C8:98:40:7D:D5:E5:13:7D:DD:B1
Certificate issuer: /CN=29a03997b28f59b08031c898407dd5e5137dddb1
Certificate serial: 0196C238ED794F4494E27E1911FDAFFD3343
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KaA5l7KPWbCAMciYQH3V5RN93bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.mft
Manifest number: 1222
Signing time: Mon 12 May 2025 02:00:32 +0000
Manifest this update: Mon 12 May 2025 02:00:32 +0000
Manifest next update: Tue 13 May 2025 02:00:32 +0000
Files and hashes: 1: KaA5l7KPWbCAMciYQH3V5RN93bE.crl (hash: B1S25ApxU+p/6mZc7Uw3zXLHjVkzRIkpPedk9B0syrA=)
2: TFGcxJc1hz5sSLNvCaBuhb3JcFY.roa (hash: IVGRn6jYdKaVvVkrmcrSKzMRsOoEhE2vOI0riR6WQTo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KaA5l7KPWbCAMciYQH3V5RN93bE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:38:ed:79:4f:44:94:e2:7e:19:11:fd:af:fd:33:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a03997b28f59b08031c898407dd5e5137dddb1
Validity
Not Before: May 12 02:00:32 2025 GMT
Not After : May 13 02:00:32 2025 GMT
Subject: CN=75ef7622b15ad0a8b9f8a51c3bbc471080eaf53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:0f:78:a2:05:1f:e6:1b:37:1e:5e:d8:55:
31:47:16:3f:24:20:26:61:8a:96:fe:c4:e9:a4:ef:
01:7c:f3:96:ca:ef:1f:66:4a:51:ec:78:6a:82:c5:
c2:49:60:11:77:7e:59:62:c3:53:19:2f:57:a7:ba:
1f:33:4c:7e:be:6d:69:f4:cd:6f:ca:17:38:10:3a:
ad:7e:cf:6b:01:7f:4e:09:8d:38:94:b8:6c:68:ed:
3a:ee:a2:d0:a4:13:56:90:42:1f:65:76:58:25:04:
94:49:0e:ef:7a:09:e3:26:11:c7:d4:55:46:6e:90:
f8:54:04:47:05:f4:c1:f4:d8:5b:2f:11:92:7e:7c:
63:b9:70:7b:fa:c6:a5:ef:b7:e7:cf:90:49:ad:66:
3e:d7:c1:ac:ef:17:a7:64:17:6f:45:2c:8c:4e:8a:
30:31:16:ca:98:7e:41:73:da:04:f5:39:01:2a:54:
63:46:24:86:f2:fb:fa:97:d5:57:1b:7f:80:41:94:
b2:83:cd:ea:dd:9f:92:44:59:20:cc:c3:7b:9d:b2:
26:0d:13:99:e0:cc:64:64:02:e2:7f:fe:f1:fd:17:
5c:2e:fa:5f:dc:ab:37:7c:b9:9d:0a:fa:41:09:34:
a1:f7:fd:50:77:ae:df:d4:8a:4f:bc:32:50:18:b0:
90:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:EF:76:22:B1:5A:D0:A8:B9:F8:A5:1C:3B:BC:47:10:80:EA:F5:3F
X509v3 Authority Key Identifier:
keyid:29:A0:39:97:B2:8F:59:B0:80:31:C8:98:40:7D:D5:E5:13:7D:DD:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KaA5l7KPWbCAMciYQH3V5RN93bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:55:a4:cf:f8:ac:e9:99:78:2e:ea:bf:1d:ad:1b:f5:3a:87:
82:80:48:41:fa:ca:00:15:c0:a1:1f:ed:b1:31:ed:41:d7:8b:
a1:ba:a3:af:d8:c2:5b:31:c3:0c:bd:b1:06:4c:5b:b5:3b:bb:
d1:77:17:50:0e:f2:c3:aa:b4:f6:62:13:74:73:3b:5d:2b:85:
36:43:a3:91:d9:75:96:4f:60:d2:89:ed:b4:b7:54:fd:28:67:
d2:8e:7d:38:6d:70:bb:2f:6c:3d:f5:2c:1e:75:45:3e:f5:de:
dc:c0:51:b9:af:dc:ea:07:9a:08:a7:85:8e:2b:1f:ec:e8:1e:
b9:b0:8f:b6:2d:f6:42:96:8a:28:49:d0:9b:ba:08:ac:6d:a8:
7d:50:53:25:8e:20:5d:a7:2a:28:0f:54:d5:21:6c:62:09:4d:
0b:e5:12:ca:b5:a2:46:23:b9:b0:df:b4:33:3d:9a:1c:6e:3f:
cb:0f:36:0a:72:a0:ff:51:2e:8f:77:27:b7:11:e7:c4:3d:92:
a0:ad:f7:a9:d7:e2:9a:e3:35:76:0f:63:7d:de:17:91:0c:4e:
33:71:e2:e2:0b:dc:58:95:ee:49:e4:9e:84:77:16:98:5c:f0:
e4:5c:64:a2:be:2c:05:64:7b:00:5b:cb:5f:6f:c0:13:e5:df:
dd:fc:3f:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCOO15T0SU4n4ZEf2v/TNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTAzOTk3YjI4ZjU5YjA4MDMxYzg5ODQwN2RkNWU1MTM3
ZGRkYjEwHhcNMjUwNTEyMDIwMDMyWhcNMjUwNTEzMDIwMDMyWjAzMTEwLwYDVQQD
Eyg3NWVmNzYyMmIxNWFkMGE4YjlmOGE1MWMzYmJjNDcxMDgwZWFmNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNYPeKIFH+YbNx5e2FUxRxY/JCAm
YYqW/sTppO8BfPOWyu8fZkpR7HhqgsXCSWARd35ZYsNTGS9Xp7ofM0x+vm1p9M1v
yhc4EDqtfs9rAX9OCY04lLhsaO067qLQpBNWkEIfZXZYJQSUSQ7vegnjJhHH1FVG
bpD4VARHBfTB9NhbLxGSfnxjuXB7+sal77fnz5BJrWY+18Gs7xenZBdvRSyMToow
MRbKmH5Bc9oE9TkBKlRjRiSG8vv6l9VXG3+AQZSyg83q3Z+SRFkgzMN7nbImDROZ
4MxkZALif/7x/RdcLvpf3Ks3fLmdCvpBCTSh9/1Qd67f1IpPvDJQGLCQfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXvdiKxWtCoufilHDu8RxCA6vU/MB8GA1UdIwQY
MBaAFCmgOZeyj1mwgDHImEB91eUTfd2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FBNWw3S1BXYkNBTWNpWVFIM1Y1Uk45M2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMTliZTItMzk2Zi00MjdmLTk0MmMt
MWY4ZTUyMjQwOGE1LzEvS2FBNWw3S1BXYkNBTWNpWVFIM1Y1Uk45M2JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMTliZTItMzk2Zi00MjdmLTk0MmMtMWY4ZTUyMjQwOGE1
LzEvS2FBNWw3S1BXYkNBTWNpWVFIM1Y1Uk45M2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD1Wkz/is
6Zl4Luq/Ha0b9TqHgoBIQfrKABXAoR/tsTHtQdeLobqjr9jCWzHDDL2xBkxbtTu7
0XcXUA7yw6q09mITdHM7XSuFNkOjkdl1lk9g0onttLdU/Shn0o59OG1wuy9sPfUs
HnVFPvXe3MBRua/c6geaCKeFjisf7OgeubCPti32QpaKKEnQm7oIrG2ofVBTJY4g
XacqKA9U1SFsYglNC+USyrWiRiO5sN+0Mz2aHG4/yw82CnKg/1Euj3cntxHnxD2S
oK33qdfimuM1dg9jfd4XkQxOM3Hi4gvcWJXuSeSehHcWmFzw5Fxkor4sBWR7AFvL
X2/AE+Xf3fw/aA==
-----END CERTIFICATE-----
Generated at Mon May 12 10:49:23 2025 by rpki-client