Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File: KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier: cWlM4WNjH6HUzOk0tVc1I6ly7UUj6Cwt/Vj685fA3Yw=
Subject key identifier: 8B:4D:DD:09:67:BA:C3:7A:CF:F1:F5:C4:6B:31:CE:54:E2:AB:86:10
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer: /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial: 0198D73B2BB59C8282092EAF9E6DBE1FC74F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number: 0BD0
Signing time: Sat 23 Aug 2025 14:00:35 +0000
Manifest this update: Sat 23 Aug 2025 14:00:35 +0000
Manifest next update: Sun 24 Aug 2025 14:00:35 +0000
Files and hashes: 1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: ACeuHXXU6aV4e8Y5c5+DQLeWXgYSMcTLwoOomwBHJ3w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:3b:2b:b5:9c:82:82:09:2e:af:9e:6d:be:1f:c7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Validity
Not Before: Aug 23 14:00:35 2025 GMT
Not After : Aug 24 14:00:35 2025 GMT
Subject: CN=8b4ddd0967bac37acff1f5c46b31ce54e2ab8610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:41:c0:8d:b9:ec:d5:0d:11:bb:3b:e4:bf:c4:
33:82:3e:42:4b:cf:2a:38:6e:20:98:69:b6:8c:06:
15:aa:9b:41:65:42:4d:29:74:cb:04:d5:5e:0b:67:
dc:e5:be:9c:3e:f6:50:67:a0:8c:92:c5:e3:e7:55:
8e:17:4a:2b:b3:49:df:ac:76:e7:4f:2f:ac:ee:28:
99:f3:85:15:35:81:bf:ee:98:b1:41:e8:79:82:d1:
af:bb:8a:ce:69:45:48:a7:bb:aa:09:be:e7:7b:6f:
5c:1d:57:b8:75:bf:0e:13:3a:1a:84:bb:65:54:a6:
b8:91:85:a6:64:0e:4a:d3:cf:62:97:52:00:cf:7c:
8a:8b:27:7f:4a:d9:3b:64:36:f6:c7:1a:b1:11:34:
01:52:98:39:88:00:7d:d9:ba:81:25:e2:b8:f0:67:
2e:92:53:63:26:c0:31:ba:ab:10:04:72:48:3b:6e:
86:4d:33:a7:d7:82:02:72:40:73:fc:f6:75:6d:4e:
84:f9:dc:cf:ec:03:12:13:33:ce:52:5c:6e:6e:db:
fe:79:24:c4:16:6d:65:e2:3d:06:97:43:d3:a5:72:
88:65:13:8f:f2:44:25:41:9a:d0:31:6a:36:01:54:
0f:31:28:bc:dd:07:d7:ec:ef:1d:82:a9:86:37:b3:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4D:DD:09:67:BA:C3:7A:CF:F1:F5:C4:6B:31:CE:54:E2:AB:86:10
X509v3 Authority Key Identifier:
keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:3f:a4:62:48:1e:25:89:4d:d0:39:92:42:a1:c1:d9:f5:32:
25:bf:a4:72:8e:c1:bf:3f:97:b5:8d:c2:8d:93:d7:95:1b:a5:
30:84:5d:80:a2:73:d2:fd:9f:57:b1:dc:55:03:b9:00:d5:75:
4a:5f:35:a4:6c:23:f1:06:b5:26:4f:50:af:e2:61:3c:9d:cf:
11:89:be:4c:d3:60:65:27:30:ad:a6:1a:80:97:44:16:44:3b:
f8:2f:fb:9e:20:20:50:6c:48:27:e3:64:00:37:1c:d0:40:d6:
da:a8:2d:19:d5:fd:4f:10:5a:6e:3c:3e:51:67:5b:f0:b6:92:
2b:38:06:1c:28:76:9f:36:96:06:53:27:9f:03:ce:aa:bf:26:
75:b0:7c:1e:32:07:cb:2b:ac:85:3c:b3:26:c6:60:9f:ac:1e:
91:6d:1c:11:d4:34:f0:9a:27:aa:61:ff:84:df:8a:58:87:c8:
81:dc:91:22:ec:d0:19:74:b9:31:c4:b0:76:86:5a:2b:c6:64:
7f:5b:46:af:e9:3a:44:b9:90:4c:e7:9a:8b:4a:f6:6b:8e:00:
cd:35:43:89:e2:cb:ee:88:b7:e9:5c:f3:21:05:b2:1e:fe:a5:
99:67:ad:44:73:0c:0a:c0:f6:21:c6:d1:1f:10:02:ab:6d:18:
26:58:e0:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOyu1nIKCCS6vnm2+H8dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwODIzMTQwMDM1WhcNMjUwODI0MTQwMDM1WjAzMTEwLwYDVQQD
Eyg4YjRkZGQwOTY3YmFjMzdhY2ZmMWY1YzQ2YjMxY2U1NGUyYWI4NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUHAjbns1Q0Ruzvkv8Qzgj5CS88q
OG4gmGm2jAYVqptBZUJNKXTLBNVeC2fc5b6cPvZQZ6CMksXj51WOF0ors0nfrHbn
Ty+s7iiZ84UVNYG/7pixQeh5gtGvu4rOaUVIp7uqCb7ne29cHVe4db8OEzoahLtl
VKa4kYWmZA5K089il1IAz3yKiyd/Stk7ZDb2xxqxETQBUpg5iAB92bqBJeK48Gcu
klNjJsAxuqsQBHJIO26GTTOn14ICckBz/PZ1bU6E+dzP7AMSEzPOUlxubtv+eSTE
Fm1l4j0Gl0PTpXKIZROP8kQlQZrQMWo2AVQPMSi83QfX7O8dgqmGN7NCdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItN3QlnusN6z/H1xGsxzlTiq4YQMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKD+kYkge
JYlN0DmSQqHB2fUyJb+kco7Bvz+XtY3CjZPXlRulMIRdgKJz0v2fV7HcVQO5ANV1
Sl81pGwj8Qa1Jk9Qr+JhPJ3PEYm+TNNgZScwraYagJdEFkQ7+C/7niAgUGxIJ+Nk
ADcc0EDW2qgtGdX9TxBabjw+UWdb8LaSKzgGHCh2nzaWBlMnnwPOqr8mdbB8HjIH
yyushTyzJsZgn6wekW0cEdQ08JonqmH/hN+KWIfIgdyRIuzQGXS5McSwdoZaK8Zk
f1tGr+k6RLmQTOeai0r2a44AzTVDieLL7oi36VzzIQWyHv6lmWetRHMMCsD2IcbR
HxACq20YJljg9g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:47:51 2025 by rpki-client