Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: qCmE8o8MfLS6FcN2nzYIgIPWFzRpjKFB1KJWfzj4aq4=
Subject key identifier: 90:2B:A6:B2:44:74:B9:A6:9F:93:A5:04:6A:DA:C7:3A:75:EF:CC:58
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 0197B82141D1040776D3D6FFD167ADB115B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 039F
Signing time: Sat 28 Jun 2025 20:01:16 +0000
Manifest this update: Sat 28 Jun 2025 20:01:16 +0000
Manifest next update: Sun 29 Jun 2025 20:01:16 +0000
Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=)
2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: DVLLr4i3yNIUsq6ZFxfgN/bHsJqkcGKCbtts4cm17F8=)
3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:41:d1:04:07:76:d3:d6:ff:d1:67:ad:b1:15:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Jun 28 20:01:16 2025 GMT
Not After : Jun 29 20:01:16 2025 GMT
Subject: CN=902ba6b24474b9a69f93a5046adac73a75efcc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d9:1e:79:ca:ef:a9:62:65:fb:02:35:8b:7b:
97:8e:66:a7:5c:d2:7a:8a:28:39:98:3f:b3:f6:68:
e2:86:a7:44:39:f8:d3:c9:3a:74:45:d3:8f:14:c0:
14:d3:b4:f4:bd:65:37:7b:28:23:c9:f9:fe:49:7a:
8b:b1:e0:13:49:97:11:89:80:be:fa:af:f2:b1:5c:
28:77:15:79:37:61:ce:95:5f:01:0a:4d:bf:e2:15:
c6:0b:db:8e:6b:9e:8a:fa:a1:6f:f7:09:84:11:c4:
f1:52:29:60:1d:33:c4:09:9a:08:6d:64:04:2d:c2:
86:93:78:93:4c:e7:67:2f:63:19:d1:ff:06:48:6d:
24:d5:17:78:b2:dc:87:87:2a:f1:18:6b:d9:3c:fe:
c5:15:e3:05:67:1d:88:54:d6:eb:4f:11:91:e4:28:
de:56:80:2e:86:a0:2a:2a:eb:95:c7:05:92:fb:3e:
58:97:ff:a2:22:65:35:6d:8d:64:1f:df:36:f5:ae:
78:62:ff:75:b1:6c:fb:ab:cc:e3:84:fc:38:1d:a4:
fe:b1:64:9a:4b:f3:80:75:83:fe:c4:e1:55:57:29:
50:8b:54:e7:a7:57:d2:d7:61:43:75:e8:34:d6:21:
2d:9c:42:81:0c:66:4f:4b:b2:d5:d3:b6:97:ac:f9:
d4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2B:A6:B2:44:74:B9:A6:9F:93:A5:04:6A:DA:C7:3A:75:EF:CC:58
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:c9:a2:94:0e:47:ca:1d:dc:23:a2:cf:c6:49:ba:dd:1a:1d:
86:d4:c9:b9:93:b3:56:71:37:1b:25:dd:12:2e:c8:e4:f0:e0:
d0:ce:d7:1f:ee:42:4d:c6:a8:35:be:bd:76:a6:7f:02:01:a1:
e5:15:ef:fa:7d:72:dc:8b:14:7c:81:1f:72:18:a9:02:91:39:
6f:c4:47:72:a5:4f:3a:26:d7:7a:f4:85:27:bb:16:27:29:98:
84:7e:42:4e:3b:2f:41:95:21:e6:cd:8a:d0:54:29:56:1e:32:
30:94:df:74:54:d0:e8:02:5d:ef:8d:cd:76:cd:28:23:17:3c:
88:46:a6:10:77:06:86:3c:f1:c2:e2:16:3a:c3:82:1b:aa:ee:
59:28:96:b6:5c:7b:d9:b3:7a:f7:d8:42:f0:43:f3:e0:ca:3b:
e9:94:f4:2c:89:47:de:59:f3:2f:24:c2:31:55:bb:91:06:9e:
f6:06:51:3b:0e:e4:63:e3:bd:25:3d:02:9c:ad:37:f4:fe:50:
a4:cd:bf:f4:fa:9e:45:76:07:f0:9e:74:28:da:a6:a9:1c:41:
65:82:22:de:bb:a2:52:1e:73:f6:32:b1:81:7a:f1:2b:7e:7a:
68:50:85:45:77:11:23:83:ce:ce:81:a9:04:ac:68:8a:9a:78:
e4:fa:56:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IUHRBAd209b/0WetsRW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjUwNjI4MjAwMTE2WhcNMjUwNjI5MjAwMTE2WjAzMTEwLwYDVQQD
Eyg5MDJiYTZiMjQ0NzRiOWE2OWY5M2E1MDQ2YWRhYzczYTc1ZWZjYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtkeecrvqWJl+wI1i3uXjmanXNJ6
iig5mD+z9mjihqdEOfjTyTp0RdOPFMAU07T0vWU3eygjyfn+SXqLseATSZcRiYC+
+q/ysVwodxV5N2HOlV8BCk2/4hXGC9uOa56K+qFv9wmEEcTxUilgHTPECZoIbWQE
LcKGk3iTTOdnL2MZ0f8GSG0k1Rd4styHhyrxGGvZPP7FFeMFZx2IVNbrTxGR5Cje
VoAuhqAqKuuVxwWS+z5Yl/+iImU1bY1kH9829a54Yv91sWz7q8zjhPw4HaT+sWSa
S/OAdYP+xOFVVylQi1Tnp1fS12FDdeg01iEtnEKBDGZPS7LV07aXrPnUUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJArprJEdLmmn5OlBGraxzp178xYMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8milA5H
yh3cI6LPxkm63RodhtTJuZOzVnE3GyXdEi7I5PDg0M7XH+5CTcaoNb69dqZ/AgGh
5RXv+n1y3IsUfIEfchipApE5b8RHcqVPOibXevSFJ7sWJymYhH5CTjsvQZUh5s2K
0FQpVh4yMJTfdFTQ6AJd743Nds0oIxc8iEamEHcGhjzxwuIWOsOCG6ruWSiWtlx7
2bN699hC8EPz4Mo76ZT0LIlH3lnzLyTCMVW7kQae9gZROw7kY+O9JT0CnK039P5Q
pM2/9PqeRXYH8J50KNqmqRxBZYIi3ruiUh5z9jKxgXrxK356aFCFRXcRI4POzoGp
BKxoipp45PpWYw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:15:25 2025 by rpki-client