Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: pWBzFSDSMGOT1HA1yl6OXBUN5um92Nt+r/4aygicO5A=
Subject key identifier: 66:C2:0E:DD:15:B9:26:46:9A:91:8B:46:10:78:0E:7D:9C:10:FB:16
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 0198D404A66C6CC61EC3E6708D4857D9CACD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0432
Signing time: Fri 22 Aug 2025 23:02:11 +0000
Manifest this update: Fri 22 Aug 2025 23:02:11 +0000
Manifest next update: Sat 23 Aug 2025 23:02:11 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: RWsSeRtpUEVdJ/S49QJXbWm68jktq9ejt7ZmRwt41t0=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:04:a6:6c:6c:c6:1e:c3:e6:70:8d:48:57:d9:ca:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Aug 22 23:02:11 2025 GMT
Not After : Aug 23 23:02:11 2025 GMT
Subject: CN=66c20edd15b926469a918b4610780e7d9c10fb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5e:90:8e:5d:31:6e:55:f6:c2:bc:ea:16:4f:
e0:b7:38:56:db:ad:63:29:bd:83:05:6e:49:c7:19:
61:54:93:e7:51:8e:6b:66:ff:ea:d8:61:2b:e3:23:
e8:cf:12:29:b0:c4:b7:90:db:45:6c:98:4f:a0:03:
24:ae:e2:c8:15:af:4a:f3:f7:d4:09:ea:60:a9:d2:
cf:37:5d:82:21:ba:36:cd:34:76:4d:75:9d:39:1e:
d1:3e:ed:54:41:3d:d6:a1:9e:f5:6a:66:4e:96:9f:
5d:4a:80:d2:22:a4:3f:f9:7a:49:32:74:67:db:dc:
10:12:e9:08:38:92:60:23:55:3d:c2:77:9b:12:67:
c9:c2:10:fa:b8:9c:40:a1:06:e1:9e:f4:ce:34:ce:
37:6d:42:73:a3:58:0a:43:38:0e:ca:68:85:3d:a5:
11:bc:57:08:64:be:3c:d5:52:cb:26:2d:ff:39:1d:
50:2a:09:94:8e:86:23:a3:93:20:dc:02:13:79:4a:
e5:df:6b:05:62:af:12:25:52:18:eb:83:06:cf:f5:
f8:3a:88:9f:e4:72:5b:6b:6f:bb:97:1d:f5:05:52:
63:8f:f3:36:1a:e3:17:5c:9f:95:0d:db:38:9d:93:
ac:fa:af:53:37:92:7a:d9:25:ae:78:56:47:10:bb:
5d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C2:0E:DD:15:B9:26:46:9A:91:8B:46:10:78:0E:7D:9C:10:FB:16
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:8a:2e:02:7b:9e:6d:88:99:48:bd:b0:9f:4f:fd:31:ea:a1:
11:93:b3:8d:ba:cd:86:c1:3d:bf:b7:0b:6f:93:88:6b:f9:a8:
bc:31:3f:91:23:e7:28:57:f8:31:15:8d:9b:6b:56:4f:bd:32:
9e:c6:c2:dd:6a:4c:c9:fd:e1:47:5a:76:ca:24:1b:de:3a:c1:
3f:39:4a:22:ec:1c:25:1d:56:aa:44:5f:34:b6:8c:8d:33:43:
55:5d:09:91:6c:c3:3b:80:67:7c:ec:a3:b7:01:a6:4d:e3:fc:
1f:1a:1b:47:70:83:6a:82:c4:86:61:62:09:34:dc:7b:de:2b:
03:5e:e4:ee:91:26:0b:e0:78:80:32:7b:5d:19:2d:2b:8f:37:
86:a8:2f:98:80:e9:aa:d1:86:3a:8d:c6:2f:f4:86:3d:f0:31:
ff:80:52:28:df:a0:e0:f2:44:11:d3:57:7a:98:d2:b4:f6:3d:
6b:84:9e:df:87:2e:8e:6c:cb:33:4a:c5:c6:7e:4e:e4:6b:43:
5a:e2:6a:07:90:eb:49:66:22:69:e9:2f:8e:77:9b:0c:32:f9:
3f:65:de:f5:d8:59:7d:9b:cb:92:6d:d7:9f:73:3d:b6:d1:92:
fc:d6:fe:c6:a9:b9:ed:95:18:c0:cc:2c:19:ac:49:69:a8:73:
19:3e:e2:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBKZsbMYew+ZwjUhX2crNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwODIyMjMwMjExWhcNMjUwODIzMjMwMjExWjAzMTEwLwYDVQQD
Eyg2NmMyMGVkZDE1YjkyNjQ2OWE5MThiNDYxMDc4MGU3ZDljMTBmYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl6Qjl0xblX2wrzqFk/gtzhW261j
Kb2DBW5JxxlhVJPnUY5rZv/q2GEr4yPozxIpsMS3kNtFbJhPoAMkruLIFa9K8/fU
CepgqdLPN12CIbo2zTR2TXWdOR7RPu1UQT3WoZ71amZOlp9dSoDSIqQ/+XpJMnRn
29wQEukIOJJgI1U9wnebEmfJwhD6uJxAoQbhnvTONM43bUJzo1gKQzgOymiFPaUR
vFcIZL481VLLJi3/OR1QKgmUjoYjo5Mg3AITeUrl32sFYq8SJVIY64MGz/X4Ooif
5HJba2+7lx31BVJjj/M2GuMXXJ+VDds4nZOs+q9TN5J62SWueFZHELtdYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbCDt0VuSZGmpGLRhB4Dn2cEPsWMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIouAnue
bYiZSL2wn0/9MeqhEZOzjbrNhsE9v7cLb5OIa/movDE/kSPnKFf4MRWNm2tWT70y
nsbC3WpMyf3hR1p2yiQb3jrBPzlKIuwcJR1WqkRfNLaMjTNDVV0JkWzDO4BnfOyj
twGmTeP8HxobR3CDaoLEhmFiCTTce94rA17k7pEmC+B4gDJ7XRktK483hqgvmIDp
qtGGOo3GL/SGPfAx/4BSKN+g4PJEEdNXepjStPY9a4Se34cujmzLM0rFxn5O5GtD
WuJqB5DrSWYiaekvjnebDDL5P2Xe9dhZfZvLkm3Xn3M9ttGS/Nb+xqm57ZUYwMws
GaxJaahzGT7i5g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:26:57 2025 by rpki-client