Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: aFtUJC5IyfwT5E2M0DPCGdgqQuNjxanJhsykG6ipquU=
Subject key identifier: 8D:1E:74:CE:BC:A6:1D:12:47:E5:D1:08:2E:71:0C:17:B4:2B:5A:9B
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 0198D697F1ADC375E6BDF06CFAF5F6193A0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0C38
Signing time: Sat 23 Aug 2025 11:02:18 +0000
Manifest this update: Sat 23 Aug 2025 11:02:18 +0000
Manifest next update: Sun 24 Aug 2025 11:02:18 +0000
Files and hashes: 1: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: nJOlt3gvWqAnDdclXjoPEGWBxBy5rxjbNavAiGQLRts=)
2: eEe-w2donDCxX-tAzaEpFb0UtVY.roa (hash: g2d5FELl0EWl1pKF09WRuqqNzRt0N8/ZzyiwDHce4Xk=)
3: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (hash: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:97:f1:ad:c3:75:e6:bd:f0:6c:fa:f5:f6:19:3a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Aug 23 11:02:18 2025 GMT
Not After : Aug 24 11:02:18 2025 GMT
Subject: CN=8d1e74cebca61d1247e5d1082e710c17b42b5a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:c4:f5:d0:9f:15:b7:88:76:91:cd:f8:78:
3b:60:19:3c:7d:08:53:82:12:b0:32:49:ae:04:c8:
d8:fd:41:66:28:f2:ce:a7:f9:b4:5b:b2:a0:11:12:
46:d9:ef:4a:36:29:98:d8:61:7b:b2:09:d0:10:5e:
3d:41:c7:27:6d:f7:25:96:c1:a5:54:bc:6a:7e:f6:
a9:7f:32:05:bb:35:ab:c1:40:16:e4:22:06:6b:e6:
e2:62:58:51:17:28:04:48:08:08:ed:12:d4:23:7c:
14:c8:c3:06:fc:95:e6:71:df:ba:36:73:7a:63:97:
45:c9:bd:bb:f3:1d:ea:8e:1c:7f:01:33:e8:4d:e7:
40:d1:5f:34:fc:96:ce:0a:be:91:f4:88:bf:d9:e5:
0b:10:3e:bb:dc:0f:46:3f:18:dd:5f:f4:ab:db:3d:
a8:80:0a:72:81:3c:dc:7a:1a:71:a6:b4:3c:7e:ce:
35:a0:e3:6d:53:fb:69:f3:6e:52:94:82:76:49:ba:
40:31:b0:7d:7e:45:19:b3:f5:ce:d8:90:81:82:be:
39:4d:cb:3b:48:31:90:4b:3f:4d:d8:6d:fe:e2:8e:
d5:f0:12:27:42:d7:a1:80:3a:87:35:1a:91:26:dc:
47:5c:51:95:fb:7d:0d:0d:26:07:bb:9e:a4:50:9a:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1E:74:CE:BC:A6:1D:12:47:E5:D1:08:2E:71:0C:17:B4:2B:5A:9B
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:95:8a:b6:1d:23:60:92:68:e0:cb:d7:87:58:27:71:12:d2:
45:95:9c:c0:2a:bf:64:08:85:0c:2b:43:be:24:71:aa:d6:16:
ac:32:e8:ee:46:2d:c2:7f:3a:30:43:3c:51:38:41:20:a6:d5:
e9:ba:1b:19:05:ca:b5:92:f3:b3:2d:9a:fb:0b:e8:50:09:b7:
f3:e3:bd:f1:d0:66:72:e8:c6:fc:d7:e2:ab:12:ab:04:02:04:
7c:d2:44:e9:95:bc:4c:40:09:20:12:08:75:37:3b:f8:45:b0:
64:c5:3c:e4:b9:e1:c3:5b:d2:7e:d6:29:7f:fb:d4:d3:35:19:
8b:3c:7b:f3:b4:bc:e1:8c:37:d3:a2:ad:7a:5e:8b:33:62:78:
1a:fb:fa:ea:eb:f7:dc:15:00:16:e8:72:eb:5d:ad:a4:8a:cb:
83:4f:5f:df:d4:4a:61:32:7c:f7:0e:1a:d6:d8:e7:fb:c0:d4:
ff:a2:a6:8b:83:80:e5:3a:f5:07:aa:d3:cd:f3:51:30:f9:c2:
94:61:96:41:6a:7d:ea:25:3e:e9:50:e9:9f:65:13:6a:58:e6:
24:d6:14:3e:1f:c8:b9:b7:42:a3:d5:5e:fe:f3:82:c5:91:5f:
4e:5d:35:9b:70:b1:e4:4e:26:81:98:75:a9:b2:9b:de:d9:85:
1b:82:ff:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWl/Gtw3XmvfBs+vX2GToOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwODIzMTEwMjE4WhcNMjUwODI0MTEwMjE4WjAzMTEwLwYDVQQD
Eyg4ZDFlNzRjZWJjYTYxZDEyNDdlNWQxMDgyZTcxMGMxN2I0MmI1YTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSrE9dCfFbeIdpHN+Hg7YBk8fQhT
ghKwMkmuBMjY/UFmKPLOp/m0W7KgERJG2e9KNimY2GF7sgnQEF49QccnbfcllsGl
VLxqfvapfzIFuzWrwUAW5CIGa+biYlhRFygESAgI7RLUI3wUyMMG/JXmcd+6NnN6
Y5dFyb278x3qjhx/ATPoTedA0V80/JbOCr6R9Ii/2eULED673A9GPxjdX/Sr2z2o
gApygTzcehpxprQ8fs41oONtU/tp825SlIJ2SbpAMbB9fkUZs/XO2JCBgr45Tcs7
SDGQSz9N2G3+4o7V8BInQtehgDqHNRqRJtxHXFGV+30NDSYHu56kUJpIIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0edM68ph0SR+XRCC5xDBe0K1qbMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJWKth0j
YJJo4MvXh1gncRLSRZWcwCq/ZAiFDCtDviRxqtYWrDLo7kYtwn86MEM8UThBIKbV
6bobGQXKtZLzsy2a+wvoUAm38+O98dBmcujG/NfiqxKrBAIEfNJE6ZW8TEAJIBII
dTc7+EWwZMU85Lnhw1vSftYpf/vU0zUZizx787S84Yw306Ktel6LM2J4Gvv66uv3
3BUAFuhy612tpIrLg09f39RKYTJ89w4a1tjn+8DU/6Kmi4OA5Tr1B6rTzfNRMPnC
lGGWQWp96iU+6VDpn2UTaljmJNYUPh/IubdCo9Ve/vOCxZFfTl01m3Cx5E4mgZh1
qbKb3tmFG4L/QQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:12:55 2025 by rpki-client