Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json)
Hash identifier: 5JrvWjGaJYgA+mGA01CdyA74a/Cg/l6TBZr/5si1vZw=
Subject key identifier: AC:26:E5:DC:27:0C:CF:04:27:0F:D0:22:80:37:E6:53:0D:14:8B:F6
Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea
Certificate serial: 0197B9D8FEF43DED5C4B860C29239B910004
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
Manifest number: 15B4
Signing time: Sun 29 Jun 2025 04:01:35 +0000
Manifest this update: Sun 29 Jun 2025 04:01:35 +0000
Manifest next update: Mon 30 Jun 2025 04:01:35 +0000
Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: L4/XNP5AaeQZBMBssK4rbkiq7IzUxK1Z7KsdqFwAXjs=)
2: qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa (hash: A0zVfMWFcmAvQiJtyOik4/Esuwb1ukoj8nbTE0+n850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b9:d8:fe:f4:3d:ed:5c:4b:86:0c:29:23:9b:91:00:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea
Validity
Not Before: Jun 29 04:01:35 2025 GMT
Not After : Jun 30 04:01:35 2025 GMT
Subject: CN=ac26e5dc270ccf04270fd0228037e6530d148bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:6e:b8:bb:c0:6c:e6:c3:40:a5:77:42:a1:97:
50:d4:ad:a2:68:6d:e8:1a:91:fd:6b:05:ca:22:d9:
56:b0:4e:f0:dc:e4:cc:57:e9:96:7e:fd:ef:26:13:
0a:91:52:a2:ac:d9:41:6a:ee:cd:4c:1e:1b:da:a4:
d0:c3:83:eb:f4:59:c2:84:69:f0:0e:80:cd:72:1e:
ce:e1:22:a9:e9:73:b6:02:08:04:fc:09:56:4a:f9:
92:60:95:81:7d:39:eb:01:a3:4a:33:dc:dd:43:e7:
67:17:cd:cf:2e:02:62:66:26:c6:f0:13:eb:5f:55:
ce:ed:7b:d5:c8:88:0a:27:80:f6:6f:08:5d:35:b7:
48:03:c5:4d:d9:db:2e:13:0c:be:d9:5f:4d:db:dd:
c7:a8:9a:bd:f7:58:b6:f3:29:9b:96:ef:ef:65:21:
c1:57:3a:30:a6:e3:bb:48:92:2d:fc:75:fe:ac:0f:
52:25:bc:0e:e2:48:45:d3:35:a9:1b:69:c5:c4:e8:
f6:68:13:21:ac:1d:99:8f:49:d8:1c:04:6a:77:68:
c1:2b:d1:8f:86:f4:07:a2:fd:34:4a:fc:20:4b:d1:
79:5b:13:8a:66:fc:b1:54:44:d2:77:14:6a:50:3d:
d1:f8:d1:f6:f3:90:c9:d9:e9:c6:53:13:33:76:d2:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:26:E5:DC:27:0C:CF:04:27:0F:D0:22:80:37:E6:53:0D:14:8B:F6
X509v3 Authority Key Identifier:
keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:74:4c:45:a8:c3:0c:f3:42:e6:b1:5e:cd:47:d8:79:9c:4d:
ab:3b:f1:60:f0:c8:14:f0:9e:df:cd:ff:4b:76:f1:49:ed:ac:
a2:08:7c:32:6b:db:9b:98:13:3d:23:ba:0d:c9:f7:9e:37:67:
0c:1c:a1:8b:32:1b:ab:0b:60:56:69:d3:6b:38:15:4f:5c:bf:
f6:22:0a:45:20:cd:db:a3:33:c3:0b:36:99:30:bb:14:89:1e:
a8:0e:c9:9b:dd:34:83:94:84:c0:3b:5e:31:89:d5:41:56:49:
8d:45:69:f9:07:1a:01:9c:28:af:0e:39:87:ef:60:27:d1:08:
d3:c9:e7:4a:68:a0:e6:cb:e4:df:f5:00:7d:46:4d:96:d5:38:
e2:f7:f3:38:a6:e2:9a:b5:43:d2:a2:56:72:b2:48:c5:35:ce:
d3:b6:76:38:4c:2c:af:b8:e9:74:99:7c:c3:8f:c7:36:78:f0:
27:76:98:8a:fc:45:c6:fa:8f:53:a6:5b:a1:3d:ca:0b:ba:87:
d3:45:a3:b0:86:06:87:07:95:b7:a6:0d:49:ac:cf:c5:3b:ca:
0d:9c:8a:c1:3b:d1:1c:52:cc:2b:ec:f5:af:61:57:fd:1e:48:
2c:85:3d:2e:5e:50:bb:57:c2:17:6d:76:d5:de:65:95:c4:28:
0f:3c:e2:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52P70Pe1cS4YMKSObkQAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy
NDk1ZWEwHhcNMjUwNjI5MDQwMTM1WhcNMjUwNjMwMDQwMTM1WjAzMTEwLwYDVQQD
EyhhYzI2ZTVkYzI3MGNjZjA0MjcwZmQwMjI4MDM3ZTY1MzBkMTQ4YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7264u8Bs5sNApXdCoZdQ1K2iaG3o
GpH9awXKItlWsE7w3OTMV+mWfv3vJhMKkVKirNlBau7NTB4b2qTQw4Pr9FnChGnw
DoDNch7O4SKp6XO2AggE/AlWSvmSYJWBfTnrAaNKM9zdQ+dnF83PLgJiZibG8BPr
X1XO7XvVyIgKJ4D2bwhdNbdIA8VN2dsuEwy+2V9N293HqJq991i28ymblu/vZSHB
VzowpuO7SJIt/HX+rA9SJbwO4khF0zWpG2nFxOj2aBMhrB2Zj0nYHARqd2jBK9GP
hvQHov00SvwgS9F5WxOKZvyxVETSdxRqUD3R+NH285DJ2enGUxMzdtJIrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwm5dwnDM8EJw/QIoA35lMNFIv2MB8GA1UdIwQY
MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt
ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh
LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3RMRajD
DPNC5rFezUfYeZxNqzvxYPDIFPCe383/S3bxSe2sogh8Mmvbm5gTPSO6Dcn3njdn
DByhizIbqwtgVmnTazgVT1y/9iIKRSDN26Mzwws2mTC7FIkeqA7Jm900g5SEwDte
MYnVQVZJjUVp+QcaAZworw45h+9gJ9EI08nnSmig5svk3/UAfUZNltU44vfzOKbi
mrVD0qJWcrJIxTXO07Z2OEwsr7jpdJl8w4/HNnjwJ3aYivxFxvqPU6ZboT3KC7qH
00WjsIYGhweVt6YNSazPxTvKDZyKwTvRHFLMK+z1r2FX/R5ILIU9Ll5Qu1fCF212
1d5llcQoDzzi0Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:14:39 2025 by rpki-client