Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: kOwF7g0OlAMvGITAbOQjETV5pIKXSMfra8/SH+lkJ/A=
Subject key identifier: 1B:8D:AE:AD:AF:23:1A:DA:89:9B:BF:2D:D4:AB:BD:6B:D4:C6:95:15
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 0197B70E91DBAB750D5B9119C5FA7F8BF703
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 13FF
Signing time: Sat 28 Jun 2025 15:01:14 +0000
Manifest this update: Sat 28 Jun 2025 15:01:14 +0000
Manifest next update: Sun 29 Jun 2025 15:01:14 +0000
Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: ee5NBeQFxN9wNgC8iOjpgzGi6PRqezmkQNDjtmxXkCA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:91:db:ab:75:0d:5b:91:19:c5:fa:7f:8b:f7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Jun 28 15:01:14 2025 GMT
Not After : Jun 29 15:01:14 2025 GMT
Subject: CN=1b8daeadaf231ada899bbf2dd4abbd6bd4c69515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b8:77:ee:cd:33:37:e1:88:ec:40:aa:2b:d9:
6a:5e:c0:cf:43:c3:69:72:b7:71:72:e4:8b:af:ac:
b6:f3:35:5b:3f:6e:3e:87:c5:02:41:d3:3b:95:26:
2b:28:9d:91:e5:d0:8c:fc:c7:49:60:89:f6:b7:0e:
74:c6:69:3e:b3:4e:01:76:dc:39:0b:7d:55:42:2b:
3b:9d:0e:92:5f:78:71:d3:b7:1f:be:84:54:d0:db:
11:83:65:2a:f4:08:f6:43:0a:6e:48:fd:26:f2:65:
be:c5:7d:45:c9:5a:2b:83:f4:18:14:b2:39:72:98:
33:2d:5e:8f:9a:55:4d:ca:a0:b2:63:ff:5a:a9:47:
0b:8f:d2:a5:4e:11:d9:ec:fb:b3:09:15:20:8f:c3:
a5:8c:ed:01:3f:c0:89:5e:bb:0e:d6:82:56:8d:46:
4a:b3:1d:0b:f8:d4:e2:f8:ea:12:2d:04:13:fb:fe:
60:25:ae:56:bd:79:61:17:a8:ad:58:e2:2a:60:08:
8b:2c:92:da:91:ee:96:35:0e:40:a7:98:b2:01:00:
1c:eb:20:f0:38:f0:14:2e:b1:79:17:b2:15:a8:d8:
4e:1a:6e:f3:2f:da:33:02:60:74:5b:c9:e5:2f:37:
cc:74:7f:ee:2a:65:2c:18:e9:18:71:31:5c:ed:34:
41:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8D:AE:AD:AF:23:1A:DA:89:9B:BF:2D:D4:AB:BD:6B:D4:C6:95:15
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:db:13:d1:3c:69:a3:70:1c:a3:51:d1:43:e1:32:ea:f1:6b:
8b:40:36:53:c2:42:ff:48:cc:65:8c:9a:6a:d8:12:c8:93:4f:
13:3d:cc:bc:07:16:f9:a6:14:bf:a6:13:51:a7:26:fa:48:73:
70:9d:f1:1a:fd:ea:0f:92:26:49:7e:e6:73:72:6c:93:a8:6f:
8a:28:b7:99:37:2f:75:c9:cb:53:f4:e1:a5:25:34:c3:0e:67:
b3:d6:0a:ee:c7:6b:f3:6c:bb:a7:6f:ce:7b:b4:fa:46:76:4c:
03:da:d5:aa:88:ac:0c:34:b7:b3:47:2e:5d:24:21:d4:94:e9:
e3:c4:64:10:47:81:57:48:97:ab:e6:86:5e:d2:ad:57:3a:91:
eb:72:0c:08:67:09:0d:8c:b7:53:9d:61:b2:bc:cf:77:b0:c2:
00:39:cb:dc:96:b2:36:77:61:f9:6d:89:7f:66:88:47:19:e0:
44:ce:d1:f3:73:ea:d0:1a:d3:6e:66:f4:40:ba:e8:c3:73:7f:
5c:9c:f4:0b:74:08:cd:44:c3:01:94:61:9b:1a:a2:73:4f:d8:
81:5b:0a:b4:f1:79:05:f9:a7:be:0f:b1:17:5e:55:4b:aa:98:
fc:8d:dc:31:03:d8:9b:d7:d5:08:09:2f:02:b7:dd:45:67:83:
c2:95:f9:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DpHbq3UNW5EZxfp/i/cDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjUwNjI4MTUwMTE0WhcNMjUwNjI5MTUwMTE0WjAzMTEwLwYDVQQD
EygxYjhkYWVhZGFmMjMxYWRhODk5YmJmMmRkNGFiYmQ2YmQ0YzY5NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrh37s0zN+GI7ECqK9lqXsDPQ8Np
crdxcuSLr6y28zVbP24+h8UCQdM7lSYrKJ2R5dCM/MdJYIn2tw50xmk+s04Bdtw5
C31VQis7nQ6SX3hx07cfvoRU0NsRg2Uq9Aj2QwpuSP0m8mW+xX1FyVorg/QYFLI5
cpgzLV6PmlVNyqCyY/9aqUcLj9KlThHZ7PuzCRUgj8OljO0BP8CJXrsO1oJWjUZK
sx0L+NTi+OoSLQQT+/5gJa5WvXlhF6itWOIqYAiLLJLake6WNQ5Ap5iyAQAc6yDw
OPAULrF5F7IVqNhOGm7zL9ozAmB0W8nlLzfMdH/uKmUsGOkYcTFc7TRBNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuNrq2vIxraiZu/LdSrvWvUxpUVMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiNsT0Txp
o3Aco1HRQ+Ey6vFri0A2U8JC/0jMZYyaatgSyJNPEz3MvAcW+aYUv6YTUacm+khz
cJ3xGv3qD5ImSX7mc3Jsk6hviii3mTcvdcnLU/ThpSU0ww5ns9YK7sdr82y7p2/O
e7T6RnZMA9rVqoisDDS3s0cuXSQh1JTp48RkEEeBV0iXq+aGXtKtVzqR63IMCGcJ
DYy3U51hsrzPd7DCADnL3JayNndh+W2Jf2aIRxngRM7R83Pq0BrTbmb0QLrow3N/
XJz0C3QIzUTDAZRhmxqic0/YgVsKtPF5Bfmnvg+xF15VS6qY/I3cMQPYm9fVCAkv
ArfdRWeDwpX5VA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:20:19 2025 by rpki-client