Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
File: uv5tfV8eRHjRoCUXHaawObJjAR8.mft (raw, json)
Hash identifier: v9zHa2I8h8HeG/YXUt78+a4uy4PJ4WVWrrcLhkDzObY=
Subject key identifier: 40:BE:FA:FC:AA:A3:F4:E2:DD:42:68:33:74:57:2D:03:FC:27:D8:17
Authority key identifier: BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F
Certificate issuer: /CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
Certificate serial: 0197B6A0C3BFDF3A03B70964C405EC7703ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
Manifest number: 0958
Signing time: Sat 28 Jun 2025 13:01:18 +0000
Manifest this update: Sat 28 Jun 2025 13:01:18 +0000
Manifest next update: Sun 29 Jun 2025 13:01:18 +0000
Files and hashes: 1: uv5tfV8eRHjRoCUXHaawObJjAR8.crl (hash: YvMn30HiM9CxeCwqTYmVkZ8qS/JkCmv0ZOv3UUA4sq8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a0:c3:bf:df:3a:03:b7:09:64:c4:05:ec:77:03:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
Validity
Not Before: Jun 28 13:01:18 2025 GMT
Not After : Jun 29 13:01:18 2025 GMT
Subject: CN=40befafcaaa3f4e2dd42683374572d03fc27d817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:63:1f:dd:ef:b1:ab:35:6b:99:c9:8f:03:
18:6d:a1:d9:d8:91:f2:bd:0d:66:6b:92:65:14:a6:
d0:c5:68:66:3f:32:90:a9:66:f7:8e:20:45:a8:7e:
70:f1:82:5a:bb:2d:e2:00:72:9c:0e:fe:48:bb:dc:
92:21:81:82:d1:d2:6b:d6:d1:e6:7f:ae:43:a9:a1:
39:73:37:0d:d1:a5:72:69:0c:6e:ca:49:66:c0:a4:
9f:9c:cb:53:a4:b1:91:fa:b0:e9:e5:59:f1:22:4b:
7e:a2:b1:4e:1c:60:c7:70:b7:15:e5:49:a6:20:35:
b3:e6:dc:6d:0f:0a:d7:11:d6:b2:a8:6f:8f:c4:4c:
e9:7d:3a:47:23:b1:01:8a:b9:49:ee:09:ed:7d:6b:
2d:6f:2b:66:98:e7:f8:d3:49:e9:49:c4:f6:60:3c:
f0:21:c7:fe:3c:07:33:39:72:db:72:0d:46:a9:d9:
ac:5c:2d:45:98:cd:cf:35:71:63:ad:44:0d:9d:6c:
06:0c:45:56:1a:7c:1a:39:c2:98:b5:6a:a1:97:73:
ca:16:54:ec:0e:2c:46:4f:9d:30:1b:f2:8c:ab:f4:
b5:d6:ff:22:27:c3:4c:45:ed:e8:e3:73:61:f5:d3:
f8:19:3b:46:fc:86:0e:ba:ad:c0:68:7c:58:5b:a4:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BE:FA:FC:AA:A3:F4:E2:DD:42:68:33:74:57:2D:03:FC:27:D8:17
X509v3 Authority Key Identifier:
keyid:BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:fd:19:db:b1:4b:e3:8d:dd:da:19:39:cb:d4:3f:97:bf:66:
a7:5a:79:d2:39:a4:09:91:ee:e6:ac:fb:de:eb:40:8a:05:b1:
83:a4:3f:ba:05:00:14:81:70:cf:4e:df:90:4b:42:83:5d:f2:
1b:96:48:ab:4a:23:39:74:a8:43:e6:88:3c:b9:83:45:54:77:
f1:2e:11:5b:86:68:14:da:7e:8a:16:47:96:e9:09:a8:aa:8d:
3a:51:52:46:5d:f6:d9:be:c0:66:bf:f1:04:09:d6:61:22:ae:
ae:a7:02:55:ad:b9:f7:35:53:14:97:a0:cd:9a:15:ff:4d:88:
d7:73:28:75:12:77:db:3c:b3:4b:a0:d5:1f:d0:dc:5c:63:d1:
80:89:8e:4d:df:7a:4c:69:7c:a5:bc:3b:02:60:07:f6:6c:af:
03:dd:df:0e:64:d0:6a:f3:4d:25:4c:b6:7f:93:d4:33:a9:5c:
f2:25:61:43:fc:85:2d:2c:17:81:30:16:75:0a:a2:b1:cd:73:
63:8e:f0:7e:cb:97:0f:d0:43:c6:b0:c7:03:93:2f:e5:4d:6d:
1a:7f:9e:46:4b:f4:03:35:41:82:e5:e9:f7:11:52:34:d8:2d:
29:f9:8a:31:1b:47:79:77:d3:95:66:36:8c:b7:bf:a0:66:40:
19:8d:2e:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMO/3zoDtwlkxAXsdwPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmU2ZDdkNWYxZTQ0NzhkMWEwMjUxNzFkYTZiMDM5YjI2
MzAxMWYwHhcNMjUwNjI4MTMwMTE4WhcNMjUwNjI5MTMwMTE4WjAzMTEwLwYDVQQD
Eyg0MGJlZmFmY2FhYTNmNGUyZGQ0MjY4MzM3NDU3MmQwM2ZjMjdkODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotZjH93vsas1a5nJjwMYbaHZ2JHy
vQ1ma5JlFKbQxWhmPzKQqWb3jiBFqH5w8YJauy3iAHKcDv5Iu9ySIYGC0dJr1tHm
f65DqaE5czcN0aVyaQxuyklmwKSfnMtTpLGR+rDp5VnxIkt+orFOHGDHcLcV5Umm
IDWz5txtDwrXEdayqG+PxEzpfTpHI7EBirlJ7gntfWstbytmmOf400npScT2YDzw
Icf+PAczOXLbcg1GqdmsXC1FmM3PNXFjrUQNnWwGDEVWGnwaOcKYtWqhl3PKFlTs
DixGT50wG/KMq/S11v8iJ8NMRe3o43Nh9dP4GTtG/IYOuq3AaHxYW6SJpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEC++vyqo/Ti3UJoM3RXLQP8J9gXMB8GA1UdIwQY
MBaAFLr+bX1fHkR40aAlFx2msDmyYwEfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEt
ZGZiNzliYmExYjY4LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEtZGZiNzliYmExYjY4
LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/0Z27FL
443d2hk5y9Q/l79mp1p50jmkCZHu5qz73utAigWxg6Q/ugUAFIFwz07fkEtCg13y
G5ZIq0ojOXSoQ+aIPLmDRVR38S4RW4ZoFNp+ihZHlukJqKqNOlFSRl322b7AZr/x
BAnWYSKurqcCVa259zVTFJegzZoV/02I13ModRJ32zyzS6DVH9DcXGPRgImOTd96
TGl8pbw7AmAH9myvA93fDmTQavNNJUy2f5PUM6lc8iVhQ/yFLSwXgTAWdQqisc1z
Y47wfsuXD9BDxrDHA5Mv5U1tGn+eRkv0AzVBguXp9xFSNNgtKfmKMRtHeXfTlWY2
jLe/oGZAGY0uGw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:26:59 2025 by rpki-client