
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: BTugPPShQBe6GGbVLJDjkWa6k3WnzvzkY520tarww+Q=
Subject key identifier: 3D:6B:70:F1:2A:98:6B:53:EC:E6:7B:16:B4:17:C3:1D:00:91:1E:7A
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 0197C6137C72DF38CC0DDD3C61FC8458B8F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 15BE
Signing time: Tue 01 Jul 2025 13:00:55 +0000
Manifest this update: Tue 01 Jul 2025 13:00:55 +0000
Manifest next update: Wed 02 Jul 2025 13:00:55 +0000
Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: gZyA+MtvD+50phTLU0SeLB+JtyXEzJzxHbSeKiKNfNg=)
2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:13:7c:72:df:38:cc:0d:dd:3c:61:fc:84:58:b8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Jul 1 13:00:55 2025 GMT
Not After : Jul 2 13:00:55 2025 GMT
Subject: CN=3d6b70f12a986b53ece67b16b417c31d00911e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:aa:1f:f6:5c:f8:40:8e:c3:ed:f3:dc:15:
da:d7:9e:0b:c1:12:93:7f:b8:5a:ce:21:9b:3d:cc:
ff:be:1c:8f:71:51:f9:e9:91:9c:05:eb:1d:53:cf:
7c:3c:98:38:48:3e:ae:63:14:07:89:97:fa:e4:fd:
36:14:e4:9e:87:35:c4:a1:c4:5a:36:51:08:b1:cd:
5b:29:60:52:95:ab:d9:22:bd:f8:2c:85:0b:cc:9a:
fb:b7:f8:9c:c9:4c:4a:7d:f0:cd:22:b5:b6:cc:f3:
b5:0f:e8:93:81:11:9d:3c:0c:24:74:a2:ec:38:9b:
8e:e9:82:6e:5b:63:ba:24:cc:d0:b8:4e:89:48:3c:
6b:5f:cd:18:89:96:e0:33:47:83:bd:c0:88:bb:5f:
f5:0b:10:fd:08:ee:14:50:6e:6c:7c:0a:95:a9:a9:
22:fe:45:66:7b:81:7c:b1:71:e0:cb:74:31:66:e7:
a4:2a:6d:b8:91:62:34:65:c1:c1:61:64:52:97:e6:
23:ec:4a:fd:1a:56:19:54:f5:68:ef:2e:65:92:f8:
6c:35:03:30:65:df:e4:bd:f9:b7:3e:50:50:c2:9c:
41:3e:67:d4:20:b6:f6:2d:f5:29:c6:d7:82:1b:9a:
43:9a:c0:3b:9d:90:3d:22:c4:69:33:ab:50:e1:93:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6B:70:F1:2A:98:6B:53:EC:E6:7B:16:B4:17:C3:1D:00:91:1E:7A
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:0e:4d:b1:23:e3:78:b9:ec:1e:49:87:1b:5d:67:0a:e9:ef:
d9:e3:c0:e7:f1:06:20:5a:aa:30:ae:a0:b9:03:34:48:c0:21:
79:f5:d1:c7:f5:98:8d:60:27:92:ec:80:26:d8:46:21:e2:98:
e8:fc:a2:c3:ca:bb:ff:3b:7c:fd:b9:4b:2b:8a:fe:e2:8d:af:
7b:df:67:a3:3c:cf:be:1e:87:1f:cf:30:90:f2:97:59:9b:e9:
fa:43:e8:be:21:61:e1:13:5f:b6:3a:14:e3:a2:c2:10:0f:08:
e5:0f:a1:0d:3e:d8:8f:68:f6:d3:37:47:26:d6:18:4e:cc:19:
2e:40:f4:40:c4:f4:0c:ea:62:4f:1c:91:cd:80:6f:1f:22:03:
a5:92:08:70:e1:b6:7f:dc:9e:75:35:64:d5:f7:ed:22:ef:09:
b9:41:36:c5:23:b2:af:32:19:74:2f:ee:25:de:8c:cf:8a:42:
73:c5:e4:bf:86:b4:9e:ae:6d:e6:bf:e4:86:bb:d7:7f:dc:01:
75:79:b8:f6:3a:1e:6d:0c:0f:a5:c1:63:3d:95:61:46:5e:a6:
3e:09:69:26:22:a2:fe:b6:2d:0f:00:18:da:c7:53:ea:64:da:
f7:62:e0:e5:06:cf:43:97:f8:c7:61:6e:ee:a3:f0:d6:7e:53:
07:bd:60:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGE3xy3zjMDd08YfyEWLjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjUwNzAxMTMwMDU1WhcNMjUwNzAyMTMwMDU1WjAzMTEwLwYDVQQD
EygzZDZiNzBmMTJhOTg2YjUzZWNlNjdiMTZiNDE3YzMxZDAwOTExZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmySqH/Zc+ECOw+3z3BXa154LwRKT
f7haziGbPcz/vhyPcVH56ZGcBesdU898PJg4SD6uYxQHiZf65P02FOSehzXEocRa
NlEIsc1bKWBSlavZIr34LIULzJr7t/icyUxKffDNIrW2zPO1D+iTgRGdPAwkdKLs
OJuO6YJuW2O6JMzQuE6JSDxrX80YiZbgM0eDvcCIu1/1CxD9CO4UUG5sfAqVqaki
/kVme4F8sXHgy3QxZuekKm24kWI0ZcHBYWRSl+Yj7Er9GlYZVPVo7y5lkvhsNQMw
Zd/kvfm3PlBQwpxBPmfUILb2LfUpxteCG5pDmsA7nZA9IsRpM6tQ4ZMvZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1rcPEqmGtT7OZ7FrQXwx0AkR56MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA5NsSPj
eLnsHkmHG11nCunv2ePA5/EGIFqqMK6guQM0SMAhefXRx/WYjWAnkuyAJthGIeKY
6Pyiw8q7/zt8/blLK4r+4o2ve99nozzPvh6HH88wkPKXWZvp+kPoviFh4RNftjoU
46LCEA8I5Q+hDT7Yj2j20zdHJtYYTswZLkD0QMT0DOpiTxyRzYBvHyIDpZIIcOG2
f9yedTVk1fftIu8JuUE2xSOyrzIZdC/uJd6Mz4pCc8Xkv4a0nq5t5r/khrvXf9wB
dXm49joebQwPpcFjPZVhRl6mPglpJiKi/rYtDwAY2sdT6mTa92Lg5QbPQ5f4x2Fu
7qPw1n5TB71gmQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:57:27 2025 by rpki-client