Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File: KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier: mGg9UVj5ClbROkEU1R3mBHdmJNRzrryecfhhdrCs57A=
Subject key identifier: 29:2C:EB:11:74:91:53:B2:0C:1C:C1:E5:D1:07:74:7F:26:27:2E:1D
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer: /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial: 0198D66121FBA648D56FBC59512CA0C7FFF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number: 1647
Signing time: Sat 23 Aug 2025 10:02:26 +0000
Manifest this update: Sat 23 Aug 2025 10:02:26 +0000
Manifest next update: Sun 24 Aug 2025 10:02:26 +0000
Files and hashes: 1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: s0B+1oN2Q3PQFJa0I9ujFNof6MccYkvWpIiq5YCACZE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:61:21:fb:a6:48:d5:6f:bc:59:51:2c:a0:c7:ff:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Validity
Not Before: Aug 23 10:02:26 2025 GMT
Not After : Aug 24 10:02:26 2025 GMT
Subject: CN=292ceb11749153b20c1cc1e5d107747f26272e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:95:62:0c:09:de:5b:78:52:17:fc:80:ce:43:
97:19:79:b1:e8:33:7c:9c:d3:c4:e3:de:bd:67:f6:
6c:62:56:f1:7b:83:0a:36:b3:f1:36:99:69:2d:13:
a4:d9:5a:1d:10:cd:35:83:c9:cb:af:24:fd:3b:df:
46:ab:24:26:dc:57:fe:d1:d1:3f:84:ff:2e:37:e4:
4d:97:01:88:4f:88:b6:6d:76:63:4c:43:e9:60:c5:
da:2f:02:cd:d8:62:d7:79:cc:3c:46:36:eb:f9:63:
d8:50:56:91:d7:70:0f:7a:f9:79:61:bc:47:a7:4e:
6f:88:30:1f:78:41:1e:9d:7a:9c:4e:dd:59:9b:1f:
a9:00:87:0d:eb:ab:b7:ec:d2:19:6c:63:9f:66:b2:
1a:69:77:ce:53:55:fc:8a:8b:d8:15:3d:9c:4b:09:
69:58:55:8b:cd:da:c2:03:61:0c:5a:da:0e:3b:77:
96:75:06:ea:60:46:1b:82:69:64:f9:27:b4:bc:8c:
9d:3b:f2:73:24:36:eb:e9:33:b5:dc:1d:66:5b:0d:
d3:b0:df:f2:30:03:04:1a:37:3d:46:dc:5a:41:13:
ac:4e:08:a6:88:75:69:83:7a:ab:81:9c:25:1a:d0:
00:d4:1c:c4:3d:b0:c8:fc:32:82:4b:e3:67:e3:ec:
b4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2C:EB:11:74:91:53:B2:0C:1C:C1:E5:D1:07:74:7F:26:27:2E:1D
X509v3 Authority Key Identifier:
keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:79:21:6b:51:3f:eb:f8:82:8c:96:bf:69:56:b9:7e:03:8f:
75:3a:30:20:07:9d:17:82:9b:60:43:53:5d:65:f4:93:ee:2f:
55:04:1e:35:60:c0:f0:5e:c2:d0:d7:70:f1:6a:ff:0c:4e:1f:
96:82:7f:ca:4e:d2:5a:10:21:d5:05:3a:c7:92:2a:db:ae:08:
73:fd:19:60:a4:b7:bc:dc:64:42:e3:0d:8c:4a:0a:91:bc:40:
f8:da:26:bf:05:4a:9d:50:b6:be:60:0d:38:5f:8d:19:45:a3:
99:91:54:b3:51:94:e8:e8:90:33:0b:01:aa:28:5e:e5:c1:1f:
a9:3b:1e:f3:33:cc:73:e9:77:74:53:a6:f9:eb:48:98:80:aa:
7c:7b:49:4f:df:6e:2c:3b:21:bc:21:c0:19:f5:72:20:05:26:
5c:b5:ea:46:26:08:81:f7:0f:c6:0f:df:40:ca:0e:20:ef:2a:
6b:b6:42:9e:17:97:75:26:0d:17:fc:d4:67:31:0b:1f:7d:50:
6b:69:8d:7a:27:07:08:61:fb:76:34:6b:76:26:05:22:2b:37:
79:55:7e:47:e6:58:0b:20:22:b9:68:06:f6:29:c9:bc:e6:f5:
3b:e9:f0:fc:30:49:e8:b4:da:a6:5b:bc:5a:7b:31:b0:3a:b4:
0f:3c:e1:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYSH7pkjVb7xZUSygx//yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjUwODIzMTAwMjI2WhcNMjUwODI0MTAwMjI2WjAzMTEwLwYDVQQD
EygyOTJjZWIxMTc0OTE1M2IyMGMxY2MxZTVkMTA3NzQ3ZjI2MjcyZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pViDAneW3hSF/yAzkOXGXmx6DN8
nNPE4969Z/ZsYlbxe4MKNrPxNplpLROk2VodEM01g8nLryT9O99GqyQm3Ff+0dE/
hP8uN+RNlwGIT4i2bXZjTEPpYMXaLwLN2GLXecw8Rjbr+WPYUFaR13APevl5YbxH
p05viDAfeEEenXqcTt1Zmx+pAIcN66u37NIZbGOfZrIaaXfOU1X8iovYFT2cSwlp
WFWLzdrCA2EMWtoOO3eWdQbqYEYbgmlk+Se0vIydO/JzJDbr6TO13B1mWw3TsN/y
MAMEGjc9RtxaQROsTgimiHVpg3qrgZwlGtAA1BzEPbDI/DKCS+Nn4+y0CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCks6xF0kVOyDBzB5dEHdH8mJy4dMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXkha1E/
6/iCjJa/aVa5fgOPdTowIAedF4KbYENTXWX0k+4vVQQeNWDA8F7C0Ndw8Wr/DE4f
loJ/yk7SWhAh1QU6x5Iq264Ic/0ZYKS3vNxkQuMNjEoKkbxA+NomvwVKnVC2vmAN
OF+NGUWjmZFUs1GU6OiQMwsBqihe5cEfqTse8zPMc+l3dFOm+etImICqfHtJT99u
LDshvCHAGfVyIAUmXLXqRiYIgfcPxg/fQMoOIO8qa7ZCnheXdSYNF/zUZzELH31Q
a2mNeicHCGH7djRrdiYFIis3eVV+R+ZYCyAiuWgG9inJvOb1O+nw/DBJ6LTaplu8
WnsxsDq0DzzhXA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:59:56 2025 by rpki-client