Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: ogXCVUEfP6ZIDM0bVa3vk0IgC6Q1uGUHXSTCjuAbUow=
Subject key identifier: F9:E1:26:29:38:AA:60:28:ED:CB:C2:B8:14:01:4C:A7:85:3C:3C:BD
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 0196C45E51E710196062F2ED086EBB7EDCCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 01C1
Signing time: Mon 12 May 2025 12:00:37 +0000
Manifest this update: Mon 12 May 2025 12:00:37 +0000
Manifest next update: Tue 13 May 2025 12:00:37 +0000
Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=)
2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: 4uD8s9OC2K7CMNfL4FQuiP0xbKw+uqdfxhx0F0nLass=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:5e:51:e7:10:19:60:62:f2:ed:08:6e:bb:7e:dc:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: May 12 12:00:37 2025 GMT
Not After : May 13 12:00:37 2025 GMT
Subject: CN=f9e1262938aa6028edcbc2b814014ca7853c3cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:2c:6e:d6:b4:ca:60:8f:36:79:df:73:9e:95:
85:c7:a2:8c:0a:ba:87:fc:ec:32:2d:f4:14:57:1f:
2a:6c:5f:89:c9:c1:30:bb:97:5c:98:66:21:f0:82:
36:55:7a:5a:7f:1a:8e:a1:1a:2a:e9:c3:e7:c0:40:
c8:21:16:c9:60:d2:0f:d8:ce:1c:16:ab:12:4c:47:
09:eb:e0:51:5e:5d:c1:d8:b3:a8:24:db:4c:98:ba:
c6:79:68:1f:53:e6:27:a7:70:5f:60:64:57:87:60:
16:d7:4a:e6:18:0e:92:56:6d:7a:02:be:37:b5:55:
84:af:9f:cb:fb:5e:f8:cc:0d:a3:66:9e:d0:2d:fb:
19:6f:38:37:4a:1e:b6:ef:62:ef:45:ec:8e:cf:30:
ae:cd:ac:3c:8e:9f:ea:50:4d:a5:e2:dd:53:c9:81:
39:6d:0f:f9:30:09:a5:47:b3:e2:b2:fa:60:6d:84:
6b:63:f8:c4:a9:85:8b:e1:f6:00:00:6d:28:2d:56:
b8:59:8c:5a:3c:e4:b3:01:71:69:b6:77:c6:01:9a:
d1:61:d7:d8:0e:24:4d:57:29:3f:5f:60:f9:d8:05:
91:e5:2a:bf:6e:0a:5e:c6:b8:e3:ed:41:41:88:d7:
b9:a8:0c:7e:d5:c1:1c:02:e6:90:0d:a8:b7:58:b1:
d7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E1:26:29:38:AA:60:28:ED:CB:C2:B8:14:01:4C:A7:85:3C:3C:BD
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:34:84:b1:61:83:90:fc:0f:83:f3:eb:60:fe:f3:63:ce:aa:
4c:9c:c3:93:d8:34:1f:a7:5d:e0:1f:71:39:65:0b:5a:1b:2c:
a4:cc:d9:4f:80:7e:1b:b4:03:de:cc:54:7a:69:68:75:64:96:
c1:0f:83:93:65:d4:f6:a2:57:66:d2:84:fd:48:8a:d8:37:2b:
61:22:ab:b7:db:b9:bc:8e:89:d2:08:d5:92:72:13:76:49:86:
a4:09:ab:12:31:4c:d9:d7:40:d9:a6:e1:97:7c:e7:b2:22:25:
6e:5e:09:cc:e4:01:1c:95:01:8c:0c:60:48:b4:f2:2b:c8:c8:
9c:cc:b9:b2:c1:db:06:3a:fb:e2:2d:dc:b7:8a:f9:64:90:dc:
17:24:e6:ed:07:19:36:23:d0:88:1e:63:e3:64:0a:b7:95:f9:
e7:ae:dc:bd:53:76:24:d1:f0:d6:cb:37:80:a2:2e:f7:8f:f6:
5a:35:12:bb:c0:5d:fd:1e:d3:2e:13:ca:40:e5:58:cd:23:5b:
2f:b9:17:b8:87:06:94:74:28:29:47:f1:a4:78:2a:16:87:e2:
f8:1f:3e:9a:67:71:ec:ed:95:f2:8c:0e:99:cc:da:37:d6:8d:
67:c2:59:d3:67:db:3b:71:a1:ed:94:a0:18:d8:0a:b3:d5:6a:
4c:fc:02:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEXlHnEBlgYvLtCG67ftzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjUwNTEyMTIwMDM3WhcNMjUwNTEzMTIwMDM3WjAzMTEwLwYDVQQD
EyhmOWUxMjYyOTM4YWE2MDI4ZWRjYmMyYjgxNDAxNGNhNzg1M2MzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Sxu1rTKYI82ed9znpWFx6KMCrqH
/OwyLfQUVx8qbF+JycEwu5dcmGYh8II2VXpafxqOoRoq6cPnwEDIIRbJYNIP2M4c
FqsSTEcJ6+BRXl3B2LOoJNtMmLrGeWgfU+Ynp3BfYGRXh2AW10rmGA6SVm16Ar43
tVWEr5/L+174zA2jZp7QLfsZbzg3Sh6272LvReyOzzCuzaw8jp/qUE2l4t1TyYE5
bQ/5MAmlR7PisvpgbYRrY/jEqYWL4fYAAG0oLVa4WYxaPOSzAXFptnfGAZrRYdfY
DiRNVyk/X2D52AWR5Sq/bgpexrjj7UFBiNe5qAx+1cEcAuaQDai3WLHXxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnhJik4qmAo7cvCuBQBTKeFPDy9MB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljSEsWGD
kPwPg/PrYP7zY86qTJzDk9g0H6dd4B9xOWULWhsspMzZT4B+G7QD3sxUemlodWSW
wQ+Dk2XU9qJXZtKE/UiK2DcrYSKrt9u5vI6J0gjVknITdkmGpAmrEjFM2ddA2abh
l3znsiIlbl4JzOQBHJUBjAxgSLTyK8jInMy5ssHbBjr74i3ct4r5ZJDcFyTm7QcZ
NiPQiB5j42QKt5X5567cvVN2JNHw1ss3gKIu94/2WjUSu8Bd/R7TLhPKQOVYzSNb
L7kXuIcGlHQoKUfxpHgqFofi+B8+mmdx7O2V8owOmczaN9aNZ8JZ02fbO3Gh7ZSg
GNgKs9VqTPwCzA==
-----END CERTIFICATE-----
Generated at Mon May 12 16:50:21 2025 by rpki-client