Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
File: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft (raw, json)
Hash identifier: p21oDkYDbRJd9Y1zLl8wuniKIvjOZK9mBU16ILOcEbg=
Subject key identifier: 87:33:E7:86:A6:25:03:0C:2F:05:69:30:04:D8:CA:77:BE:AC:B6:CC
Authority key identifier: 91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
Certificate issuer: /CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Certificate serial: 0197B7455E73B5F74614515F5B23262C5240
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
Manifest number: DC
Signing time: Sat 28 Jun 2025 16:01:05 +0000
Manifest this update: Sat 28 Jun 2025 16:01:05 +0000
Manifest next update: Sun 29 Jun 2025 16:01:05 +0000
Files and hashes: 1: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl (hash: 7D5yfed6GjjjxFAgMM4FEAE2U9Y7/NinIIqYiG3JxqA=)
2: t_GXvizzbbtQwSd_rqjoEMAWE2Y.roa (hash: ZkiqsfUq4HUiMQwjqugEWSy9vPbelZw6D7VGclM/F3k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:5e:73:b5:f7:46:14:51:5f:5b:23:26:2c:52:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Validity
Not Before: Jun 28 16:01:05 2025 GMT
Not After : Jun 29 16:01:05 2025 GMT
Subject: CN=8733e786a625030c2f05693004d8ca77beacb6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:11:46:14:f4:2c:31:e2:c0:4f:a2:74:c0:d4:
3b:1b:ed:57:73:7a:0d:9e:3f:2e:38:35:9b:c3:71:
06:e2:87:19:94:bb:5f:0b:c5:dd:c5:29:eb:21:84:
3c:e5:ec:e3:f9:82:20:77:b6:fc:b7:b0:5e:ae:f1:
7e:de:c1:26:f4:b8:c7:9e:7c:ea:39:70:4d:3a:d7:
1b:d6:93:63:ad:04:67:12:9c:e3:4e:29:8e:46:92:
42:ce:a9:c0:5a:96:7a:6b:55:8d:c6:a2:4f:ae:79:
b7:63:17:b0:c3:b7:b6:f2:3c:c2:98:97:63:5e:c7:
b6:0a:26:cf:60:31:65:3e:e5:1d:37:60:07:32:a8:
c4:e5:35:22:2b:da:69:2d:f4:d8:e9:4c:a1:23:7a:
09:a1:dc:90:64:16:e2:af:35:00:8b:14:55:fb:0c:
6a:4f:da:7f:27:18:ef:69:2e:cf:1f:a7:00:5c:6a:
83:14:71:8b:c3:72:a8:11:af:31:87:ff:54:4b:b8:
58:59:7e:0c:d9:2b:44:f1:82:35:0f:1e:56:4b:fe:
aa:ed:73:6e:6a:71:b1:96:c2:a4:f7:fa:9f:10:6a:
38:62:84:4d:48:59:b6:d6:07:48:ad:b5:a7:f0:03:
3a:a3:fe:90:1f:16:7b:84:11:18:66:53:49:46:f3:
4c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:33:E7:86:A6:25:03:0C:2F:05:69:30:04:D8:CA:77:BE:AC:B6:CC
X509v3 Authority Key Identifier:
keyid:91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:95:96:99:92:3e:d8:a0:2d:51:9b:ac:17:b1:2e:96:0f:3f:
31:56:0d:1c:57:a4:29:69:ca:5d:9f:c5:82:b8:f0:5f:13:76:
3d:40:82:d6:28:2b:47:b5:67:9f:05:37:87:2c:29:53:77:e0:
6f:f1:c8:6b:ee:77:4a:1a:96:30:bf:73:fc:63:f7:84:fd:c9:
ff:ad:31:0e:f4:04:18:04:df:ef:45:df:28:b5:d7:fc:1e:9d:
12:79:d0:8b:2f:21:71:87:3d:27:71:66:80:91:dc:86:71:5c:
be:33:6b:3e:c5:14:ba:d7:47:d0:bc:42:13:32:9b:13:2e:21:
0f:fe:22:b4:01:e8:ce:41:61:f4:be:f5:fc:3f:85:94:2a:8e:
7b:6f:47:5e:88:15:67:8c:e3:ae:89:29:b7:16:78:4d:a6:20:
6e:e3:f6:d2:da:90:ea:48:79:a1:4f:6a:2b:c4:bf:15:5e:00:
c8:7b:cf:63:b4:22:74:c5:4a:93:65:49:4f:ab:93:7b:a4:9d:
41:ef:28:45:48:e3:1a:6c:a6:1b:56:9a:a0:d4:30:0b:4b:93:
94:5d:00:d2:a2:70:10:4c:d9:ad:f1:95:c6:1a:10:da:f7:cb:
08:0c:fc:23:b7:9e:0b:6f:e8:f9:fe:4c:ed:4a:ff:18:ac:37:
ed:06:80:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RV5ztfdGFFFfWyMmLFJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYmQ1ODgzYzgyYWVkMjVmZWYxYjE4ZDcwZDAyMTViMDdm
NzI3ZDgwHhcNMjUwNjI4MTYwMTA1WhcNMjUwNjI5MTYwMTA1WjAzMTEwLwYDVQQD
Eyg4NzMzZTc4NmE2MjUwMzBjMmYwNTY5MzAwNGQ4Y2E3N2JlYWNiNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRFGFPQsMeLAT6J0wNQ7G+1Xc3oN
nj8uODWbw3EG4ocZlLtfC8XdxSnrIYQ85ezj+YIgd7b8t7BervF+3sEm9LjHnnzq
OXBNOtcb1pNjrQRnEpzjTimORpJCzqnAWpZ6a1WNxqJPrnm3Yxeww7e28jzCmJdj
Xse2CibPYDFlPuUdN2AHMqjE5TUiK9ppLfTY6UyhI3oJodyQZBbirzUAixRV+wxq
T9p/JxjvaS7PH6cAXGqDFHGLw3KoEa8xh/9US7hYWX4M2StE8YI1Dx5WS/6q7XNu
anGxlsKk9/qfEGo4YoRNSFm21gdIrbWn8AM6o/6QHxZ7hBEYZlNJRvNMJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcz54amJQMMLwVpMATYyne+rLbMMB8GA1UdIwQY
MBaAFJG9WIPIKu0l/vGxjXDQIVsH9yfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTIt
OWU5NjJjZDlkZDgyLzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTItOWU5NjJjZDlkZDgy
LzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZWWmZI+
2KAtUZusF7Eulg8/MVYNHFekKWnKXZ/FgrjwXxN2PUCC1igrR7VnnwU3hywpU3fg
b/HIa+53ShqWML9z/GP3hP3J/60xDvQEGATf70XfKLXX/B6dEnnQiy8hcYc9J3Fm
gJHchnFcvjNrPsUUutdH0LxCEzKbEy4hD/4itAHozkFh9L71/D+FlCqOe29HXogV
Z4zjrokptxZ4TaYgbuP20tqQ6kh5oU9qK8S/FV4AyHvPY7QidMVKk2VJT6uTe6Sd
Qe8oRUjjGmymG1aaoNQwC0uTlF0A0qJwEEzZrfGVxhoQ2vfLCAz8I7eeC2/o+f5M
7Ur/GKw37QaAAQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:05:53 2025 by rpki-client