Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: PyTN4l90HIDRRkmFu1t4zj5O5FMKZoPoW3MXCaPeyr4=
Subject key identifier: 0A:E7:B5:42:42:73:34:ED:14:8E:46:36:E1:26:96:67:7C:F8:09:F3
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 0197B5C4C6DF195C60658844BE4DB0EEBD74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0AF1
Signing time: Sat 28 Jun 2025 09:01:01 +0000
Manifest this update: Sat 28 Jun 2025 09:01:01 +0000
Manifest next update: Sun 29 Jun 2025 09:01:01 +0000
Files and hashes: 1: HzZn0ba7QItzyWun3HWfVhfe2Mw.roa (hash: iE4IEBeKKD6peBsX5m6y9GBML1LTBu1RqbqOosqLhr0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: aHcqcdkbwkWxfQ32UtmSCN8H2P7VE12/Q/ZcpZpiTpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 09:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:c4:c6:df:19:5c:60:65:88:44:be:4d:b0:ee:bd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Jun 28 09:01:01 2025 GMT
Not After : Jun 29 09:01:01 2025 GMT
Subject: CN=0ae7b542427334ed148e4636e12696677cf809f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e4:cf:b9:51:ca:30:89:e6:56:38:84:0f:86:
44:fd:94:0b:d7:43:c8:cf:cc:c7:62:b6:09:57:f5:
45:3a:1c:7f:2b:d6:5e:eb:0a:45:3a:cc:9d:09:de:
dc:ac:83:d4:32:e4:e2:65:67:bb:e9:63:4b:52:17:
6e:83:2b:1c:31:10:64:1a:d1:61:e5:53:2c:d6:74:
89:c4:3c:c0:30:50:85:19:4e:3f:8b:22:4f:06:6a:
5c:5c:5e:87:98:3f:37:f9:5c:19:92:4c:25:3e:49:
ce:f3:da:1c:a7:bb:60:f7:98:2a:1d:1a:99:a3:94:
8b:9f:a4:e4:99:35:46:eb:3f:32:06:73:09:6c:fa:
32:f3:51:64:23:c2:f4:d0:c4:71:7c:ee:b5:26:46:
ad:ce:3f:31:2d:c8:99:8b:70:bf:ce:6a:df:bd:7d:
b7:05:7d:fb:fd:49:7c:06:5e:48:0d:df:4b:41:8e:
62:d2:e5:6b:dd:b7:61:3a:56:cc:ab:c8:6c:56:09:
89:5d:60:c4:92:2e:a6:7b:f6:81:48:ed:2f:b3:10:
7b:38:83:b6:10:b2:c2:83:35:40:32:6b:34:24:4b:
d0:b3:8b:82:1f:07:0d:7a:16:47:2b:02:45:7f:11:
09:99:06:cf:9e:29:41:95:fe:ee:69:8f:37:28:1b:
b4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E7:B5:42:42:73:34:ED:14:8E:46:36:E1:26:96:67:7C:F8:09:F3
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:b1:ad:21:29:f2:9b:25:ce:28:fa:ed:de:40:75:6b:cf:7c:
37:74:c0:60:06:5c:57:54:ee:d6:57:61:18:35:37:55:32:63:
ed:4b:1c:37:19:3a:dc:a4:90:76:f5:f4:d1:0f:2a:a9:cf:52:
63:80:b2:47:fd:d1:a1:04:b1:26:b2:00:48:76:1e:e7:57:61:
00:d3:21:b0:fe:67:d5:63:7e:69:ed:92:3f:e7:d4:6f:9c:ec:
64:62:0c:c4:e7:1e:1b:ae:8e:8b:89:b2:aa:57:c6:ef:de:c8:
ce:01:39:2f:1f:b2:e2:90:b8:62:de:36:25:0a:bf:17:f9:7d:
45:ef:e9:bd:cd:77:c8:83:65:5d:7a:94:e6:bb:6f:ad:3a:eb:
50:23:84:6d:1b:b2:72:c7:5d:90:d0:97:f6:7f:18:8c:fe:b4:
6c:7f:a7:3d:aa:28:b4:20:e3:04:77:61:c2:5f:84:05:7b:a7:
5f:a4:38:e2:83:12:27:34:20:08:a6:7d:23:8a:e0:db:f4:85:
25:90:01:8a:18:07:a1:a6:88:00:66:72:99:f8:b3:d3:db:e8:
74:3a:da:a3:a7:5d:a1:cf:ef:03:3a:b0:e4:1b:57:64:eb:97:
74:7c:47:69:47:28:e6:65:e5:7a:8d:76:60:1d:6e:04:d4:86:
8e:27:ac:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xMbfGVxgZYhEvk2w7r10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUwNjI4MDkwMTAxWhcNMjUwNjI5MDkwMTAxWjAzMTEwLwYDVQQD
EygwYWU3YjU0MjQyNzMzNGVkMTQ4ZTQ2MzZlMTI2OTY2NzdjZjgwOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOTPuVHKMInmVjiED4ZE/ZQL10PI
z8zHYrYJV/VFOhx/K9Ze6wpFOsydCd7crIPUMuTiZWe76WNLUhdugyscMRBkGtFh
5VMs1nSJxDzAMFCFGU4/iyJPBmpcXF6HmD83+VwZkkwlPknO89ocp7tg95gqHRqZ
o5SLn6TkmTVG6z8yBnMJbPoy81FkI8L00MRxfO61Jkatzj8xLciZi3C/zmrfvX23
BX37/Ul8Bl5IDd9LQY5i0uVr3bdhOlbMq8hsVgmJXWDEki6me/aBSO0vsxB7OIO2
ELLCgzVAMms0JEvQs4uCHwcNehZHKwJFfxEJmQbPnilBlf7uaY83KBu0zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArntUJCczTtFI5GNuEmlmd8+AnzMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyrGtISny
myXOKPrt3kB1a898N3TAYAZcV1Tu1ldhGDU3VTJj7UscNxk63KSQdvX00Q8qqc9S
Y4CyR/3RoQSxJrIASHYe51dhANMhsP5n1WN+ae2SP+fUb5zsZGIMxOceG66Oi4my
qlfG797IzgE5Lx+y4pC4Yt42JQq/F/l9Re/pvc13yINlXXqU5rtvrTrrUCOEbRuy
csddkNCX9n8YjP60bH+nPaootCDjBHdhwl+EBXunX6Q44oMSJzQgCKZ9I4rg2/SF
JZABihgHoaaIAGZymfiz09vodDrao6ddoc/vAzqw5BtXZOuXdHxHaUco5mXleo12
YB1uBNSGjiesYA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:07:20 2025 by rpki-client