Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: ZxXX9Dm+TXBOLwjVftaWJdyhF4ZxM1pZI5CJD/eZ0p0=
Subject key identifier: E3:CB:98:36:B8:81:67:7B:70:4F:60:54:E2:59:C5:1E:3C:26:53:0E
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 0196BB245C8B3A708BD1B166EC60045F1A25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 38
Signing time: Sat 10 May 2025 17:00:44 +0000
Manifest this update: Sat 10 May 2025 17:00:44 +0000
Manifest next update: Sun 11 May 2025 17:00:44 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: a0FahxJ/kNNttnIAOwm5kFmXgakA5txyNTyp4mtJdz4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bb:24:5c:8b:3a:70:8b:d1:b1:66:ec:60:04:5f:1a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: May 10 17:00:44 2025 GMT
Not After : May 11 17:00:44 2025 GMT
Subject: CN=e3cb9836b881677b704f6054e259c51e3c26530e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:90:16:28:16:e2:1b:60:32:bc:90:6b:65:
00:b9:c8:ad:fb:01:7b:0c:92:b6:d6:77:73:d1:be:
50:ee:e2:c3:a6:7f:e3:c0:4d:19:d6:29:10:61:20:
f2:e7:ab:45:8a:ec:df:2c:71:62:2a:ed:11:6f:58:
ce:35:bb:8c:03:b5:11:d7:fb:e1:4a:8f:fc:95:82:
7d:2e:80:f9:07:a2:98:6c:df:68:06:03:3b:7a:41:
f4:d7:f6:38:ea:4a:ed:04:8b:c8:92:ec:7f:95:fc:
b3:34:39:e2:70:57:34:92:79:ed:a7:35:7c:13:3a:
03:d0:29:0f:e6:1b:71:58:7b:18:b7:de:d4:96:6c:
eb:5a:db:74:f6:d6:04:31:dd:db:27:55:a1:2f:76:
35:a7:72:48:55:7a:37:5a:80:85:b7:d5:9a:0e:c6:
14:4b:5a:97:ca:02:16:07:57:ca:a8:bd:11:89:46:
53:b7:fe:d7:69:55:ac:4e:2f:23:11:30:81:50:9c:
72:d5:6e:79:0a:10:96:0d:a5:80:f0:01:c8:64:e8:
c5:f7:9f:ee:b6:a6:ab:12:e2:91:17:58:fa:6f:08:
94:56:a6:cc:31:60:54:15:7b:a1:24:1d:3d:2b:3e:
12:e2:d4:56:59:8e:fc:97:05:3e:03:dd:8d:b5:c8:
f9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CB:98:36:B8:81:67:7B:70:4F:60:54:E2:59:C5:1E:3C:26:53:0E
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:58:fd:ab:5e:3d:74:67:1a:59:03:4d:32:8e:fd:68:91:57:
2f:83:dc:cb:9d:8d:8d:78:41:97:5d:5d:0b:95:cc:bd:f4:50:
4a:52:03:fd:c2:78:bc:ed:fd:bb:77:f7:d9:63:4a:9f:8a:4e:
e7:a9:40:a3:17:ac:25:d3:44:89:a8:0b:9c:11:eb:6d:66:62:
a1:ad:b4:6b:bb:83:f1:7f:dc:bc:83:e3:6b:15:b4:90:cb:06:
0f:9a:11:8a:c2:cb:c7:32:c6:1e:b9:bf:e4:12:d1:95:6d:15:
f5:fc:53:3c:6d:d0:96:88:04:ed:23:2e:67:e0:66:83:b9:ef:
0d:59:c1:34:f1:e9:28:8d:73:d1:9f:a0:c4:0e:78:5b:39:a3:
b8:63:97:a5:b5:d5:87:c4:f4:ba:e9:16:48:70:fe:41:da:f2:
b9:8d:b1:23:59:c5:35:6d:91:bd:e1:5a:97:4a:cf:b0:27:bc:
23:f3:50:45:eb:fb:ff:c7:06:bc:e5:83:28:8f:b9:09:1a:7c:
36:ce:53:70:26:c8:c3:5c:d7:4a:9e:85:ab:73:42:23:b1:9f:
0f:fb:16:78:21:5b:91:1a:a8:ab:fe:80:51:1e:ab:40:d2:87:
35:b1:b5:ae:db:8a:48:23:ef:71:ad:95:8b:39:64:b1:d3:f9:
87:7a:21:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7JFyLOnCL0bFm7GAEXxolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUwNTEwMTcwMDQ0WhcNMjUwNTExMTcwMDQ0WjAzMTEwLwYDVQQD
EyhlM2NiOTgzNmI4ODE2NzdiNzA0ZjYwNTRlMjU5YzUxZTNjMjY1MzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntGQFigW4htgMryQa2UAucit+wF7
DJK21ndz0b5Q7uLDpn/jwE0Z1ikQYSDy56tFiuzfLHFiKu0Rb1jONbuMA7UR1/vh
So/8lYJ9LoD5B6KYbN9oBgM7ekH01/Y46krtBIvIkux/lfyzNDnicFc0knntpzV8
EzoD0CkP5htxWHsYt97UlmzrWtt09tYEMd3bJ1WhL3Y1p3JIVXo3WoCFt9WaDsYU
S1qXygIWB1fKqL0RiUZTt/7XaVWsTi8jETCBUJxy1W55ChCWDaWA8AHIZOjF95/u
tqarEuKRF1j6bwiUVqbMMWBUFXuhJB09Kz4S4tRWWY78lwU+A92Ntcj5JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPLmDa4gWd7cE9gVOJZxR48JlMOMB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD1j9q149
dGcaWQNNMo79aJFXL4Pcy52NjXhBl11dC5XMvfRQSlID/cJ4vO39u3f32WNKn4pO
56lAoxesJdNEiagLnBHrbWZioa20a7uD8X/cvIPjaxW0kMsGD5oRisLLxzLGHrm/
5BLRlW0V9fxTPG3QlogE7SMuZ+Bmg7nvDVnBNPHpKI1z0Z+gxA54WzmjuGOXpbXV
h8T0uukWSHD+QdryuY2xI1nFNW2RveFal0rPsCe8I/NQRev7/8cGvOWDKI+5CRp8
Ns5TcCbIw1zXSp6Fq3NCI7GfD/sWeCFbkRqoq/6AUR6rQNKHNbG1rtuKSCPvca2V
izlksdP5h3ohjA==
-----END CERTIFICATE-----
Generated at Sat May 10 22:11:36 2025 by rpki-client