Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.mft
File: AMz6LBZvhsPNAcbrrhk3ReHrDyk.mft (raw, json)
Hash identifier: vQt5rtDbdpgqbKQeEwlFc/3T4306X48o9vBE94dhm5A=
Subject key identifier: 0F:03:E5:EE:07:29:02:80:95:B7:B7:2F:DA:49:58:F5:8D:38:87:DE
Authority key identifier: 00:CC:FA:2C:16:6F:86:C3:CD:01:C6:EB:AE:19:37:45:E1:EB:0F:29
Certificate issuer: /CN=00ccfa2c166f86c3cd01c6ebae193745e1eb0f29
Certificate serial: 0197B7B32E1AD09D90A7A3B4F562C2F483A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AMz6LBZvhsPNAcbrrhk3ReHrDyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.mft
Manifest number: 0523
Signing time: Sat 28 Jun 2025 18:01:02 +0000
Manifest this update: Sat 28 Jun 2025 18:01:02 +0000
Manifest next update: Sun 29 Jun 2025 18:01:02 +0000
Files and hashes: 1: AMz6LBZvhsPNAcbrrhk3ReHrDyk.crl (hash: tDrXoiLIKQA+r2xyDaPLLgdVmqasyM4UBRTSHcBkZ0c=)
2: e0RKB6c0KB07YznYp0xB1MsPmzk.roa (hash: qPmTA1Xz3mqQ1fzxdYI8NmB7dWpfMeJeVGXYLIJQJaY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AMz6LBZvhsPNAcbrrhk3ReHrDyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:2e:1a:d0:9d:90:a7:a3:b4:f5:62:c2:f4:83:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00ccfa2c166f86c3cd01c6ebae193745e1eb0f29
Validity
Not Before: Jun 28 18:01:02 2025 GMT
Not After : Jun 29 18:01:02 2025 GMT
Subject: CN=0f03e5ee0729028095b7b72fda4958f58d3887de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:71:4d:7b:ea:89:f0:07:bc:f5:08:68:fd:70:
44:be:7b:fe:04:7a:b7:0e:27:2f:b4:26:1f:e1:2a:
fc:0a:47:f1:1d:05:ef:d6:e8:df:84:92:5e:f6:7d:
c6:08:92:99:02:ed:91:f9:e5:62:9f:c0:38:ff:97:
b7:e7:31:cd:01:a3:17:14:41:85:6a:3c:94:b3:bd:
3d:7b:fa:2e:b2:54:ca:2f:b4:29:e8:3d:e7:dd:a3:
b0:8f:1b:2f:76:57:df:15:d5:d6:ac:9f:83:71:14:
d1:b0:83:52:4b:08:19:3c:ea:a1:36:0c:96:27:b3:
b7:b3:be:30:a3:cf:8f:d6:d3:42:8e:dc:8d:c4:70:
19:2d:b2:2d:d1:e5:f1:40:91:c3:1a:f9:79:07:5f:
00:25:5d:f8:15:a2:56:11:5f:1d:38:92:18:d2:7b:
0a:d2:c2:4a:84:72:9a:46:8f:0b:e9:5a:72:7e:da:
4e:78:46:00:bf:1d:98:66:8b:23:6c:e0:04:e5:8c:
6a:f1:60:cf:2b:2c:11:2c:ba:a2:2d:1b:e8:06:76:
e1:9d:2a:0a:72:2c:16:3b:52:d6:44:79:b9:ba:de:
d7:07:a5:eb:a5:67:24:f5:53:76:bf:ac:5c:7e:3b:
47:7b:4f:51:86:12:4b:a7:dc:71:a0:88:02:1d:96:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:03:E5:EE:07:29:02:80:95:B7:B7:2F:DA:49:58:F5:8D:38:87:DE
X509v3 Authority Key Identifier:
keyid:00:CC:FA:2C:16:6F:86:C3:CD:01:C6:EB:AE:19:37:45:E1:EB:0F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AMz6LBZvhsPNAcbrrhk3ReHrDyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/47e909-7744-4db3-b691-a7b9c7115c1e/1/AMz6LBZvhsPNAcbrrhk3ReHrDyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:e2:34:d1:8b:be:f6:3d:89:31:0f:5b:27:19:4d:42:f7:a3:
d0:67:cb:dc:6b:70:c9:ae:a3:25:e6:89:46:83:d6:17:78:6b:
8f:0f:80:4d:92:94:0a:43:0a:f7:cc:13:57:9d:ea:20:a4:69:
a8:bc:89:e1:2f:dd:2a:0d:bd:2d:13:08:a6:5b:ae:66:31:89:
79:ae:a1:10:37:1e:a6:d3:41:1c:54:8d:04:35:c2:5c:cc:b3:
41:90:95:8d:f0:20:cb:82:2c:d6:d6:61:38:ce:28:33:d6:98:
86:82:8d:89:9b:90:fd:17:0b:85:ac:44:2b:5e:8f:51:d0:2b:
3c:8b:04:73:88:23:2c:6f:f7:5a:e9:5d:b1:3e:7b:b2:1c:ca:
1d:58:46:3e:5e:34:5f:2e:14:d7:44:db:f1:62:40:b2:00:e0:
ab:ed:f0:89:2f:f5:a9:10:10:27:6c:7a:1a:be:bc:f0:2f:92:
c2:2e:b3:cb:19:36:a6:74:69:5d:e0:f7:54:d0:ff:50:fc:70:
06:fa:3a:ca:d8:72:66:e2:61:ca:26:1f:ae:33:e6:97:e1:4b:
e3:47:d5:81:e9:f1:ba:9a:d0:5a:34:54:61:e8:fe:f1:a9:de:
0b:fd:61:a5:be:7c:b8:e0:26:21:59:f4:a1:e2:36:64:99:db:
3d:ce:b2:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sy4a0J2Qp6O09WLC9IOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwY2NmYTJjMTY2Zjg2YzNjZDAxYzZlYmFlMTkzNzQ1ZTFl
YjBmMjkwHhcNMjUwNjI4MTgwMTAyWhcNMjUwNjI5MTgwMTAyWjAzMTEwLwYDVQQD
EygwZjAzZTVlZTA3MjkwMjgwOTViN2I3MmZkYTQ5NThmNThkMzg4N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXFNe+qJ8Ae89Qho/XBEvnv+BHq3
DicvtCYf4Sr8CkfxHQXv1ujfhJJe9n3GCJKZAu2R+eVin8A4/5e35zHNAaMXFEGF
ajyUs709e/ouslTKL7Qp6D3n3aOwjxsvdlffFdXWrJ+DcRTRsINSSwgZPOqhNgyW
J7O3s74wo8+P1tNCjtyNxHAZLbIt0eXxQJHDGvl5B18AJV34FaJWEV8dOJIY0nsK
0sJKhHKaRo8L6VpyftpOeEYAvx2YZosjbOAE5Yxq8WDPKywRLLqiLRvoBnbhnSoK
ciwWO1LWRHm5ut7XB6XrpWck9VN2v6xcfjtHe09RhhJLp9xxoIgCHZaqFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8D5e4HKQKAlbe3L9pJWPWNOIfeMB8GA1UdIwQY
MBaAFADM+iwWb4bDzQHG664ZN0Xh6w8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU16NkxCWnZoc1BOQWNicnJoazNSZUhyRHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80N2U5MDktNzc0NC00ZGIzLWI2OTEt
YTdiOWM3MTE1YzFlLzEvQU16NkxCWnZoc1BOQWNicnJoazNSZUhyRHlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80N2U5MDktNzc0NC00ZGIzLWI2OTEtYTdiOWM3MTE1YzFl
LzEvQU16NkxCWnZoc1BOQWNicnJoazNSZUhyRHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANuI00Yu+
9j2JMQ9bJxlNQvej0GfL3Gtwya6jJeaJRoPWF3hrjw+ATZKUCkMK98wTV53qIKRp
qLyJ4S/dKg29LRMIpluuZjGJea6hEDceptNBHFSNBDXCXMyzQZCVjfAgy4Is1tZh
OM4oM9aYhoKNiZuQ/RcLhaxEK16PUdArPIsEc4gjLG/3WuldsT57shzKHVhGPl40
Xy4U10Tb8WJAsgDgq+3wiS/1qRAQJ2x6Gr688C+Swi6zyxk2pnRpXeD3VND/UPxw
Bvo6ythyZuJhyiYfrjPml+FL40fVgenxuprQWjRUYej+8aneC/1hpb58uOAmIVn0
oeI2ZJnbPc6yCA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:50:48 2025 by rpki-client