Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File: lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier: BdCMIWm8E4TJ1M6nWqSFteANpw+0n/V8R9mhemxz7Bc=
Subject key identifier: 58:03:3C:B3:CA:B2:33:38:F2:C9:79:EA:4F:C1:40:74:2B:A4:13:97
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer: /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial: 0197B820EC2D3FD2FA9266AEB233FE4A5A8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number: 02D7
Signing time: Sat 28 Jun 2025 20:00:54 +0000
Manifest this update: Sat 28 Jun 2025 20:00:54 +0000
Manifest next update: Sun 29 Jun 2025 20:00:54 +0000
Files and hashes: 1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: ppBQ3sGRtxNN//uJAiOI+0Z/8NjiQW2u8ds3dKo8a/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:20:ec:2d:3f:d2:fa:92:66:ae:b2:33:fe:4a:5a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Validity
Not Before: Jun 28 20:00:54 2025 GMT
Not After : Jun 29 20:00:54 2025 GMT
Subject: CN=58033cb3cab23338f2c979ea4fc140742ba41397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:6b:4c:6e:15:73:a9:fa:6d:42:23:83:f9:
e5:6d:48:df:32:02:1c:af:df:49:c1:81:06:91:e8:
22:ee:d0:ca:d5:32:59:9d:3b:39:e3:35:76:aa:41:
74:f7:fd:04:43:25:74:8c:6b:10:13:dd:e7:3b:0f:
56:e0:cd:4c:9a:03:20:58:68:cc:cc:ae:f2:5a:47:
fe:76:fc:97:e9:b6:b2:6d:a9:e5:0c:69:01:06:b9:
e6:dd:5f:05:0f:0f:8a:99:27:9d:15:43:3c:34:b1:
2a:e4:c5:73:3c:1b:96:69:bb:13:67:d8:c7:c5:e9:
fd:d9:2d:5d:aa:ae:9a:56:9f:cf:3c:f9:b3:de:ae:
83:45:fd:43:67:51:c3:c4:c7:01:a5:d5:fa:0a:d5:
1d:41:8e:ed:75:4f:d5:88:25:1f:37:79:f1:5f:e3:
57:a1:db:47:14:92:01:55:47:1b:31:3c:14:6e:36:
2d:31:8a:4c:f9:3f:7b:9d:3c:16:88:cc:5a:e1:a6:
cc:a1:3e:0d:e2:a8:b4:2a:7e:5b:c4:08:a4:15:f3:
29:95:e3:f7:a3:5c:8a:64:80:e9:61:40:98:0f:2b:
4e:8d:6e:06:b5:e5:33:b4:1e:8b:6c:72:00:0b:41:
72:94:09:a2:8e:27:67:14:b9:c6:50:d4:93:10:61:
bb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:03:3C:B3:CA:B2:33:38:F2:C9:79:EA:4F:C1:40:74:2B:A4:13:97
X509v3 Authority Key Identifier:
keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:b5:da:01:22:7a:6d:0a:7b:71:a7:88:8d:3d:68:88:ad:b2:
d6:24:20:4c:f1:ce:8e:91:49:9f:93:b5:73:36:78:70:b2:f2:
15:88:9e:69:e1:69:0a:c2:4d:f7:13:ef:9f:ea:6a:f3:a9:61:
c4:8e:e8:9a:c6:0e:fb:20:1c:96:01:37:5c:a2:cd:15:ac:30:
d2:26:97:6b:ce:bd:13:95:75:9b:d6:6f:b1:ce:8a:d4:19:9a:
81:da:50:c0:1c:f9:79:f8:c6:ae:29:7d:4d:83:60:bc:86:4b:
3f:ea:2b:d1:2e:a3:a6:ca:2d:50:b6:0b:40:61:1b:81:52:7c:
1a:a8:8e:ff:53:78:2c:d1:6b:dd:da:44:f2:02:0f:31:0f:42:
7b:3a:5d:28:e2:19:4d:5e:32:f1:85:78:78:ee:34:b8:41:23:
2b:45:02:a0:9e:22:b6:09:91:ee:56:8c:95:d7:1b:ee:d6:2b:
9c:fe:82:8d:39:39:6e:40:61:b3:0c:40:9a:0b:87:32:7e:13:
d2:cc:9c:fd:82:83:05:a1:7c:8e:90:0d:e8:6b:f5:b2:c3:34:
91:49:69:5c:6c:c0:63:77:ca:23:cf:c8:15:9a:f7:60:99:1f:
73:9e:6c:13:7c:7e:48:8d:21:44:12:da:94:fc:a9:70:35:43:
c2:8f:42:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IOwtP9L6kmausjP+SlqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUwNjI4MjAwMDU0WhcNMjUwNjI5MjAwMDU0WjAzMTEwLwYDVQQD
Eyg1ODAzM2NiM2NhYjIzMzM4ZjJjOTc5ZWE0ZmMxNDA3NDJiYTQxMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ1rTG4Vc6n6bUIjg/nlbUjfMgIc
r99JwYEGkegi7tDK1TJZnTs54zV2qkF09/0EQyV0jGsQE93nOw9W4M1MmgMgWGjM
zK7yWkf+dvyX6baybanlDGkBBrnm3V8FDw+KmSedFUM8NLEq5MVzPBuWabsTZ9jH
xen92S1dqq6aVp/PPPmz3q6DRf1DZ1HDxMcBpdX6CtUdQY7tdU/ViCUfN3nxX+NX
odtHFJIBVUcbMTwUbjYtMYpM+T97nTwWiMxa4abMoT4N4qi0Kn5bxAikFfMpleP3
o1yKZIDpYUCYDytOjW4GteUztB6LbHIAC0FylAmijidnFLnGUNSTEGG7DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgDPLPKsjM48sl56k/BQHQrpBOXMB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLXaASJ6
bQp7caeIjT1oiK2y1iQgTPHOjpFJn5O1czZ4cLLyFYieaeFpCsJN9xPvn+pq86lh
xI7omsYO+yAclgE3XKLNFaww0iaXa869E5V1m9Zvsc6K1BmagdpQwBz5efjGril9
TYNgvIZLP+or0S6jpsotULYLQGEbgVJ8GqiO/1N4LNFr3dpE8gIPMQ9CezpdKOIZ
TV4y8YV4eO40uEEjK0UCoJ4itgmR7laMldcb7tYrnP6CjTk5bkBhswxAmguHMn4T
0syc/YKDBaF8jpAN6Gv1ssM0kUlpXGzAY3fKI8/IFZr3YJkfc55sE3x+SI0hRBLa
lPypcDVDwo9CIw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:43:36 2025 by rpki-client