Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: f91ESDd2qfifLZibIUH56Hc1Y79ds1W8/9/koJIKvew=
Subject key identifier: B0:AC:D5:2D:99:66:23:E6:C8:71:72:DC:7E:97:87:15:CA:1A:87:16
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 0197B6D7AAF4962F1AE9CCC9FB8CC6C166E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0BA3
Signing time: Sat 28 Jun 2025 14:01:16 +0000
Manifest this update: Sat 28 Jun 2025 14:01:16 +0000
Manifest next update: Sun 29 Jun 2025 14:01:16 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: FI7EnEGTRdi2U/UFTQN6dFSiAOXQmWjytKhUd2Qnu+k=)
2: eEe-w2donDCxX-tAzaEpFb0UtVY.roa (hash: g2d5FELl0EWl1pKF09WRuqqNzRt0N8/ZzyiwDHce4Xk=)
3: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:d7:aa:f4:96:2f:1a:e9:cc:c9:fb:8c:c6:c1:66:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Jun 28 14:01:16 2025 GMT
Not After : Jun 29 14:01:16 2025 GMT
Subject: CN=b0acd52d996623e6c87172dc7e978715ca1a8716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7f:fa:b6:8f:f9:f3:05:70:91:41:7d:df:ca:
89:62:63:92:14:ea:40:77:09:24:12:02:d2:1e:27:
68:56:35:38:5a:59:50:bd:ef:3d:32:f3:c0:f9:35:
19:26:52:0e:af:b4:93:6b:2f:c4:f6:30:be:9e:1b:
68:86:b5:c9:94:bb:9f:ed:f7:fc:6e:0e:12:6d:43:
3d:32:fe:c1:98:bf:6b:57:6e:be:53:04:c6:b2:1f:
f7:54:3c:3e:bf:24:07:af:96:54:62:88:35:64:cb:
57:25:0f:51:04:b3:1d:37:7b:d0:14:b8:34:32:06:
d8:fd:8c:ac:ca:05:5d:29:e2:93:d8:5d:c8:17:4d:
6b:a1:6b:2b:0f:2e:5d:45:a4:88:62:60:4e:0d:eb:
0a:f6:e0:fb:a7:13:38:1d:39:79:a1:c6:81:af:90:
c0:3e:10:01:ce:c8:71:99:b7:1c:c3:07:e0:32:49:
13:ec:d0:ed:20:95:44:30:a6:68:a7:88:f2:e3:a2:
f3:ca:02:fe:80:dd:89:0f:fc:1d:7e:ea:99:99:9c:
8f:48:ef:47:39:73:25:ff:00:97:45:c9:e2:02:9c:
5b:0d:35:6b:ea:e4:60:36:22:fa:d3:a9:ce:5e:df:
45:02:93:57:70:e3:58:b8:3c:84:6e:1f:6c:d5:52:
6c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AC:D5:2D:99:66:23:E6:C8:71:72:DC:7E:97:87:15:CA:1A:87:16
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:0c:e5:a1:15:c9:ac:78:4e:d8:1f:e4:6e:1c:51:cf:dd:05:
42:48:8c:57:31:66:05:a7:70:36:76:7b:32:f8:0a:f6:00:80:
81:54:72:da:64:d4:e4:f5:c8:80:92:51:4b:88:e4:fc:96:b9:
d6:cb:e1:85:67:a1:44:19:30:ca:8f:81:01:45:58:de:53:8d:
9d:a6:d9:41:5b:30:fa:32:4f:f5:4c:94:09:d5:b8:06:a8:fb:
a0:38:9e:5f:7c:f8:74:84:a3:f6:4a:ca:88:31:94:7b:cd:82:
df:b2:6e:c4:2d:76:a6:13:5e:27:f8:21:7b:3f:3b:0a:ff:03:
41:37:39:dd:73:59:49:99:fe:2c:98:12:97:62:95:34:aa:68:
44:9d:b1:dd:7a:43:19:f4:7d:0b:c4:37:c2:a4:66:be:04:48:
20:cf:34:14:d5:35:2d:7c:3f:a3:8d:fe:09:a4:52:5c:2e:52:
e5:d7:97:62:ee:d6:bf:e9:1f:9b:d5:54:19:a0:a4:2c:79:d9:
ac:ff:48:18:16:60:95:1a:29:6b:9a:a8:09:55:91:4a:8b:e2:
46:0a:9a:12:0d:13:27:8e:e9:bf:64:05:b5:c6:75:72:67:d5:
23:6f:99:43:04:bb:42:db:c7:5e:a5:42:d4:8e:c8:6b:b6:d0:
59:24:82:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe216r0li8a6czJ+4zGwWbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwNjI4MTQwMTE2WhcNMjUwNjI5MTQwMTE2WjAzMTEwLwYDVQQD
EyhiMGFjZDUyZDk5NjYyM2U2Yzg3MTcyZGM3ZTk3ODcxNWNhMWE4NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3/6to/58wVwkUF938qJYmOSFOpA
dwkkEgLSHidoVjU4WllQve89MvPA+TUZJlIOr7STay/E9jC+nhtohrXJlLuf7ff8
bg4SbUM9Mv7BmL9rV26+UwTGsh/3VDw+vyQHr5ZUYog1ZMtXJQ9RBLMdN3vQFLg0
MgbY/YysygVdKeKT2F3IF01roWsrDy5dRaSIYmBODesK9uD7pxM4HTl5ocaBr5DA
PhABzshxmbccwwfgMkkT7NDtIJVEMKZop4jy46LzygL+gN2JD/wdfuqZmZyPSO9H
OXMl/wCXRcniApxbDTVr6uRgNiL606nOXt9FApNXcONYuDyEbh9s1VJsDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCs1S2ZZiPmyHFy3H6XhxXKGocWMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZgzloRXJ
rHhO2B/kbhxRz90FQkiMVzFmBadwNnZ7MvgK9gCAgVRy2mTU5PXIgJJRS4jk/Ja5
1svhhWehRBkwyo+BAUVY3lONnabZQVsw+jJP9UyUCdW4Bqj7oDieX3z4dISj9krK
iDGUe82C37JuxC12phNeJ/ghez87Cv8DQTc53XNZSZn+LJgSl2KVNKpoRJ2x3XpD
GfR9C8Q3wqRmvgRIIM80FNU1LXw/o43+CaRSXC5S5deXYu7Wv+kfm9VUGaCkLHnZ
rP9IGBZglRopa5qoCVWRSoviRgqaEg0TJ47pv2QFtcZ1cmfVI2+ZQwS7QtvHXqVC
1I7Ia7bQWSSCMA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:48:11 2025 by rpki-client