Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
File: KC5DLtiL7BrRRURJYygU1DmWseA.mft (raw, json)
Hash identifier: tedMQ+ffWvrgr0V2Emc9+fdxnimSleETBMkTCO3DzPo=
Subject key identifier: A7:8D:F2:F1:93:1B:16:D7:2C:AC:5D:0D:EB:8A:9D:6B:18:96:93:BD
Authority key identifier: 28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
Certificate issuer: /CN=282e432ed88bec1ad1454449632814d43996b1e0
Certificate serial: 0198D5BC3B5BDEC7018A984E9B065EE69B5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
Manifest number: 0CA1
Signing time: Sat 23 Aug 2025 07:02:19 +0000
Manifest this update: Sat 23 Aug 2025 07:02:19 +0000
Manifest next update: Sun 24 Aug 2025 07:02:19 +0000
Files and hashes: 1: 9FnOB-XBygoB-RgBBWEsPTbvFTc.roa (hash: faK52ZKxn8mhj7q+v4KziaARqXuKQdUnupgh7Jp3IVk=)
2: KC5DLtiL7BrRRURJYygU1DmWseA.crl (hash: ZL2jtMnRyqTje/OCrS1nP8wBXw2Pn4ZZpbba7f4hQ1E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bc:3b:5b:de:c7:01:8a:98:4e:9b:06:5e:e6:9b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282e432ed88bec1ad1454449632814d43996b1e0
Validity
Not Before: Aug 23 07:02:19 2025 GMT
Not After : Aug 24 07:02:19 2025 GMT
Subject: CN=a78df2f1931b16d72cac5d0deb8a9d6b189693bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:42:a5:8e:07:5c:40:d3:51:7e:02:8e:7e:
d2:25:d0:d9:e5:87:4e:8d:9c:69:19:fb:cf:5e:3f:
70:ee:99:99:32:ed:0f:f8:a2:3e:10:ee:12:23:8a:
b4:0f:d3:29:fc:7b:73:a7:cb:53:05:7a:08:1e:6b:
16:22:03:b7:17:92:96:ba:00:e0:2b:cc:34:46:6a:
cd:87:e6:1a:84:1e:a4:b3:49:9b:1e:e0:32:85:1c:
ea:80:64:79:36:52:43:52:f3:e3:85:98:8a:5e:0f:
2b:1a:f5:08:de:a3:af:1d:04:4e:7f:81:b2:15:c4:
7e:93:77:a1:e6:15:0a:ec:29:26:01:da:25:04:3a:
18:94:7f:3a:fc:ba:6f:76:38:98:3f:dc:48:75:c8:
17:23:6c:54:3d:7a:e6:d2:6a:5c:f5:ea:88:69:b5:
d8:7b:96:0a:96:3c:63:f2:65:aa:39:e1:e7:4b:53:
40:7d:ce:de:26:e5:60:23:64:3d:15:fa:3e:82:32:
d5:d6:9c:e7:e8:cf:9a:3f:2a:c1:34:c4:f0:56:61:
4e:18:1c:eb:66:c8:76:2c:de:2a:94:fc:42:a0:42:
4c:16:e6:db:eb:dd:c4:3c:61:2d:02:e9:30:5b:10:
69:8b:83:fc:c2:76:cf:df:b2:df:3a:b4:96:93:09:
10:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8D:F2:F1:93:1B:16:D7:2C:AC:5D:0D:EB:8A:9D:6B:18:96:93:BD
X509v3 Authority Key Identifier:
keyid:28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:b6:42:d2:0e:9d:82:10:9f:e9:7a:44:15:44:12:a2:6f:fc:
fb:54:ca:eb:cf:9b:ad:13:09:23:d9:5e:20:11:c6:37:5f:30:
a8:77:27:64:57:3f:4f:a8:1c:bb:d6:d2:9c:1b:5f:c1:40:95:
7c:0c:d5:4f:37:2d:85:39:e3:37:6e:e4:fa:e9:72:36:55:99:
bf:68:e4:9f:91:c7:8a:85:c7:4f:20:3e:88:92:8f:98:a5:c8:
e1:33:ec:75:63:bb:44:9d:0b:08:46:19:3b:6b:22:5b:a7:e9:
4b:11:cc:94:3d:f1:27:18:d1:0d:98:5b:66:de:84:6c:77:de:
4f:eb:8d:e2:bc:fd:49:08:5d:ed:b5:46:8f:c9:38:cf:f5:2c:
b7:7c:79:3c:7b:c8:49:80:e7:fa:17:2d:e8:c8:e8:91:12:e5:
13:c7:c6:f4:b9:6d:f7:95:42:ad:2b:15:fa:e0:aa:c8:f0:1d:
f5:e6:c0:ed:12:f7:14:e4:ff:86:af:51:0d:3a:c3:63:25:92:
d3:b2:90:43:6b:40:02:0a:5b:ec:fb:d5:46:12:e7:34:d9:e6:
4a:b3:ad:39:a5:9e:bf:29:2d:d6:f8:f9:b2:50:7a:63:e6:8e:
97:14:20:60:ea:e9:b9:29:df:fe:4d:84:4b:af:8b:af:71:7c:
8d:17:d4:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvDtb3scBiphOmwZe5pteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmU0MzJlZDg4YmVjMWFkMTQ1NDQ0OTYzMjgxNGQ0Mzk5
NmIxZTAwHhcNMjUwODIzMDcwMjE5WhcNMjUwODI0MDcwMjE5WjAzMTEwLwYDVQQD
EyhhNzhkZjJmMTkzMWIxNmQ3MmNhYzVkMGRlYjhhOWQ2YjE4OTY5M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ZCpY4HXEDTUX4Cjn7SJdDZ5YdO
jZxpGfvPXj9w7pmZMu0P+KI+EO4SI4q0D9Mp/Htzp8tTBXoIHmsWIgO3F5KWugDg
K8w0RmrNh+YahB6ks0mbHuAyhRzqgGR5NlJDUvPjhZiKXg8rGvUI3qOvHQROf4Gy
FcR+k3eh5hUK7CkmAdolBDoYlH86/LpvdjiYP9xIdcgXI2xUPXrm0mpc9eqIabXY
e5YKljxj8mWqOeHnS1NAfc7eJuVgI2Q9Ffo+gjLV1pzn6M+aPyrBNMTwVmFOGBzr
Zsh2LN4qlPxCoEJMFubb693EPGEtAukwWxBpi4P8wnbP37LfOrSWkwkQ/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeN8vGTGxbXLKxdDeuKnWsYlpO9MB8GA1UdIwQY
MBaAFCguQy7Yi+wa0UVESWMoFNQ5lrHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2Mt
ZmMwYWE3MmU4ZWFkLzEvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2MtZmMwYWE3MmU4ZWFk
LzEvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrZC0g6d
ghCf6XpEFUQSom/8+1TK68+brRMJI9leIBHGN18wqHcnZFc/T6gcu9bSnBtfwUCV
fAzVTzcthTnjN27k+ulyNlWZv2jkn5HHioXHTyA+iJKPmKXI4TPsdWO7RJ0LCEYZ
O2siW6fpSxHMlD3xJxjRDZhbZt6EbHfeT+uN4rz9SQhd7bVGj8k4z/Ust3x5PHvI
SYDn+hct6MjokRLlE8fG9Llt95VCrSsV+uCqyPAd9ebA7RL3FOT/hq9RDTrDYyWS
07KQQ2tAAgpb7PvVRhLnNNnmSrOtOaWevykt1vj5slB6Y+aOlxQgYOrpuSnf/k2E
S6+Lr3F8jRfUog==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:33:04 2025 by rpki-client