Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: e0t64asRkkz1rDtn4ml3ema1p9QyX84nbc7JC1/YjYE=
Subject key identifier: DA:74:62:B7:5C:BF:EC:DB:EF:23:30:0A:EB:9C:0F:D2:58:0A:FF:BB
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 0197B820BDE77DC413D7A45372A3869A2328
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: BB
Signing time: Sat 28 Jun 2025 20:00:42 +0000
Manifest this update: Sat 28 Jun 2025 20:00:42 +0000
Manifest next update: Sun 29 Jun 2025 20:00:42 +0000
Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: HDtpDDA/RLqv9YxDjb5sg1hB+oaVbCKPlPBoiW2p/o8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:20:bd:e7:7d:c4:13:d7:a4:53:72:a3:86:9a:23:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Jun 28 20:00:42 2025 GMT
Not After : Jun 29 20:00:42 2025 GMT
Subject: CN=da7462b75cbfecdbef23300aeb9c0fd2580affbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:46:e6:38:81:10:f5:23:07:5b:78:5b:ce:
ee:c3:39:74:4a:fb:49:00:8d:99:72:d9:70:73:0c:
14:4f:2f:b1:fa:a7:be:77:db:af:6f:e9:9a:b6:ea:
03:df:f9:de:91:d5:60:84:9a:a8:3f:6e:b6:0e:f0:
f0:03:32:4a:32:14:64:06:2d:11:1f:09:43:eb:e2:
d7:11:70:e3:40:5e:93:67:1b:5a:d1:96:c6:e0:81:
65:0c:d9:c2:ab:fe:f9:ee:d6:9d:f3:8f:42:bc:df:
27:c0:64:fb:94:04:cd:10:97:77:4a:3b:70:a4:a3:
49:8f:49:c3:a9:4c:4c:67:53:63:f9:c8:db:13:c7:
bc:3e:91:66:bd:e3:c5:3a:96:4e:00:97:cc:bd:60:
95:74:6c:77:72:f6:f5:cb:08:7b:f8:c7:a8:89:4a:
39:26:f3:58:64:6b:e2:00:cb:69:5e:cd:86:cd:8b:
09:7a:4d:54:e3:60:ac:08:dd:8c:25:48:6a:c4:ea:
4a:51:f7:e9:aa:c1:e9:84:46:c9:70:84:9a:89:3e:
09:f9:cc:01:34:29:15:9c:76:fd:b8:e1:b4:d0:91:
be:b3:b5:80:c6:90:60:dc:60:37:fa:bd:0d:db:ad:
9f:9a:d5:32:92:8d:02:f7:6d:ab:17:8b:75:4b:65:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:74:62:B7:5C:BF:EC:DB:EF:23:30:0A:EB:9C:0F:D2:58:0A:FF:BB
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:23:0c:68:c0:18:09:29:c6:5c:51:fd:60:29:f6:c2:9c:f2:
be:4f:75:c2:61:48:03:eb:69:f8:69:8f:ea:6e:06:07:b8:7b:
85:d6:e6:ab:06:7d:10:a1:53:26:43:e2:fe:71:38:f2:b6:68:
31:40:8c:1a:25:4d:95:6f:f0:70:02:74:75:82:e1:42:74:63:
c7:f1:1a:15:4b:bd:93:6d:b5:fa:0b:fc:2d:25:2e:8c:40:dc:
c3:a7:65:7d:c7:c7:25:22:a3:f7:d3:f4:87:ab:eb:e5:fd:bc:
b4:a5:81:20:2c:b0:9f:84:76:8f:4a:e2:5b:0d:39:7b:c3:47:
7e:41:b6:b6:f5:89:db:16:29:47:73:5f:d0:6d:9c:d1:d9:d4:
32:4e:12:95:fc:75:3a:d9:39:46:7c:a0:e9:4a:9b:03:e5:25:
90:98:cd:b6:5c:4a:0f:2b:5e:6b:88:3d:47:37:00:b2:d8:70:
99:b6:32:84:19:76:59:df:4c:b2:e9:bc:3e:cd:ba:b4:88:0b:
cf:cd:16:6a:22:13:fd:a0:a6:b6:33:c2:50:35:61:29:bc:91:
d1:33:46:44:23:5d:e9:7e:49:6a:cc:f0:92:bc:82:07:8c:80:
0b:19:a6:8f:25:37:ed:7e:21:1c:df:1c:c2:76:bc:69:28:0c:
3b:bd:51:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IL3nfcQT16RTcqOGmiMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjUwNjI4MjAwMDQyWhcNMjUwNjI5MjAwMDQyWjAzMTEwLwYDVQQD
EyhkYTc0NjJiNzVjYmZlY2RiZWYyMzMwMGFlYjljMGZkMjU4MGFmZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuupG5jiBEPUjB1t4W87uwzl0SvtJ
AI2ZctlwcwwUTy+x+qe+d9uvb+matuoD3/nekdVghJqoP262DvDwAzJKMhRkBi0R
HwlD6+LXEXDjQF6TZxta0ZbG4IFlDNnCq/757tad849CvN8nwGT7lATNEJd3Sjtw
pKNJj0nDqUxMZ1Nj+cjbE8e8PpFmvePFOpZOAJfMvWCVdGx3cvb1ywh7+MeoiUo5
JvNYZGviAMtpXs2GzYsJek1U42CsCN2MJUhqxOpKUffpqsHphEbJcISaiT4J+cwB
NCkVnHb9uOG00JG+s7WAxpBg3GA3+r0N262fmtUyko0C922rF4t1S2WvqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNp0Yrdcv+zb7yMwCuucD9JYCv+7MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAayMMaMAY
CSnGXFH9YCn2wpzyvk91wmFIA+tp+GmP6m4GB7h7hdbmqwZ9EKFTJkPi/nE48rZo
MUCMGiVNlW/wcAJ0dYLhQnRjx/EaFUu9k221+gv8LSUujEDcw6dlfcfHJSKj99P0
h6vr5f28tKWBICywn4R2j0riWw05e8NHfkG2tvWJ2xYpR3Nf0G2c0dnUMk4Slfx1
Otk5Rnyg6UqbA+UlkJjNtlxKDytea4g9RzcAsthwmbYyhBl2Wd9Msum8Ps26tIgL
z80WaiIT/aCmtjPCUDVhKbyR0TNGRCNd6X5JaszwkryCB4yACxmmjyU37X4hHN8c
wna8aSgMO71RMQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:11:12 2025 by rpki-client