Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft
File: S8hY5QhWNUaEpdBKPsw1klgNVI0.mft (raw, json)
Hash identifier: ZD0oT+kmNZ9Eu8WYS8fZJ6/xEWgOor5R0/QC1PC3EU8=
Subject key identifier: 96:F5:FE:82:77:20:95:B3:C8:CF:B2:26:52:4A:19:35:6B:D4:FA:10
Authority key identifier: 4B:C8:58:E5:08:56:35:46:84:A5:D0:4A:3E:CC:35:92:58:0D:54:8D
Certificate issuer: /CN=4bc858e50856354684a5d04a3ecc3592580d548d
Certificate serial: 0197B7B36AEA48B166D59B76B96CAF04A5B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft
Manifest number: 0873
Signing time: Sat 28 Jun 2025 18:01:18 +0000
Manifest this update: Sat 28 Jun 2025 18:01:18 +0000
Manifest next update: Sun 29 Jun 2025 18:01:18 +0000
Files and hashes: 1: 1kPYBeHFqZcRahwRlHXvuPvT0zI.roa (hash: qhycFEi6FwqVVERso5+P+dTV24QXX6z3cT56YMpxbXU=)
2: S8hY5QhWNUaEpdBKPsw1klgNVI0.crl (hash: +Pcr60t3Ng42KLrINVw45/VG4ToaxynXDp7eSDkd2FM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:6a:ea:48:b1:66:d5:9b:76:b9:6c:af:04:a5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bc858e50856354684a5d04a3ecc3592580d548d
Validity
Not Before: Jun 28 18:01:18 2025 GMT
Not After : Jun 29 18:01:18 2025 GMT
Subject: CN=96f5fe82772095b3c8cfb226524a19356bd4fa10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:33:b0:a9:80:e8:f2:13:78:fb:d5:37:79:
c2:3b:7f:73:ee:85:12:b3:36:3b:54:63:77:fd:fe:
ff:56:8d:e4:32:dc:9c:06:6d:7f:3b:12:17:f0:f0:
bd:7f:21:a8:fd:77:1b:f0:c0:c7:d1:89:f6:0f:c9:
22:df:8a:a7:81:48:59:c2:ec:32:22:ef:fb:a9:5a:
0c:5d:f0:df:2b:27:73:e4:b0:9c:a2:96:05:a1:2d:
3b:e3:ce:7b:c8:a7:db:4f:91:41:a1:66:ad:c6:b5:
4c:3d:af:09:11:9e:e0:c0:37:33:07:21:ee:d8:60:
06:af:d2:b0:78:bd:e7:4c:93:60:08:fa:d3:09:e8:
84:d1:3b:8d:6d:90:a0:90:18:bd:d3:15:85:92:a9:
0e:be:fc:b5:15:c3:15:1b:ad:f4:68:f5:52:5b:02:
a3:a9:c8:0b:b8:a1:e4:fb:b6:84:7d:02:3a:f2:36:
de:73:07:68:39:f6:49:51:1a:dd:5f:d5:17:99:1b:
c0:86:f0:b7:c1:bf:12:5e:22:21:cf:1e:1c:c7:b2:
0d:4f:41:0a:d9:35:57:62:25:3e:ed:79:ee:57:7d:
5c:fb:0a:da:08:eb:e2:e1:e0:87:1c:08:3a:12:09:
06:ed:e1:1a:e3:5a:b8:d7:fe:41:f7:ee:c5:a7:1a:
33:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F5:FE:82:77:20:95:B3:C8:CF:B2:26:52:4A:19:35:6B:D4:FA:10
X509v3 Authority Key Identifier:
keyid:4B:C8:58:E5:08:56:35:46:84:A5:D0:4A:3E:CC:35:92:58:0D:54:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:64:b0:4a:0e:96:aa:8d:5c:99:22:16:c6:2f:38:36:56:e2:
48:e4:82:99:a6:f8:2b:24:7f:c3:ff:25:98:50:63:a6:8e:db:
d6:1d:33:92:d1:db:fc:39:c4:54:bb:0f:92:aa:9b:98:ca:d0:
37:50:06:d2:6a:73:22:1b:24:d0:a8:b4:25:42:c3:d0:f4:19:
2d:5a:cb:e8:a2:d7:80:5c:65:df:8e:07:19:32:00:59:e7:60:
a0:e4:a3:01:7f:86:23:f1:4c:f5:59:44:69:28:a2:7e:02:25:
a1:70:27:7a:7a:0b:0b:9d:61:b1:41:29:b3:5b:fe:4e:de:fe:
a4:4e:1c:a6:9e:01:8a:f9:7d:60:b2:1d:63:30:8a:38:71:86:
b6:b3:02:7d:63:34:1e:4d:22:92:a8:1d:3f:1b:fe:25:cf:22:
be:c8:d7:ab:cd:24:47:ed:69:07:c9:f9:cd:6f:15:f3:42:4d:
26:7c:42:01:62:bb:f2:07:b5:d5:15:7b:97:22:77:36:b0:73:
69:1e:57:f6:4a:94:f1:0d:3a:d7:16:9e:29:49:bf:f3:7d:eb:
7b:b9:40:0f:13:1c:00:16:67:a8:3a:59:44:ba:80:1a:63:33:
55:97:97:8a:29:64:87:55:c6:5c:db:55:ca:ed:a5:63:e3:40:
d5:d3:c7:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s2rqSLFm1Zt2uWyvBKW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYzg1OGU1MDg1NjM1NDY4NGE1ZDA0YTNlY2MzNTkyNTgw
ZDU0OGQwHhcNMjUwNjI4MTgwMTE4WhcNMjUwNjI5MTgwMTE4WjAzMTEwLwYDVQQD
Eyg5NmY1ZmU4Mjc3MjA5NWIzYzhjZmIyMjY1MjRhMTkzNTZiZDRmYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwwzsKmA6PITePvVN3nCO39z7oUS
szY7VGN3/f7/Vo3kMtycBm1/OxIX8PC9fyGo/Xcb8MDH0Yn2D8ki34qngUhZwuwy
Iu/7qVoMXfDfKydz5LCcopYFoS074857yKfbT5FBoWatxrVMPa8JEZ7gwDczByHu
2GAGr9KweL3nTJNgCPrTCeiE0TuNbZCgkBi90xWFkqkOvvy1FcMVG630aPVSWwKj
qcgLuKHk+7aEfQI68jbecwdoOfZJURrdX9UXmRvAhvC3wb8SXiIhzx4cx7INT0EK
2TVXYiU+7XnuV31c+wraCOvi4eCHHAg6EgkG7eEa41q41/5B9+7FpxoztwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJb1/oJ3IJWzyM+yJlJKGTVr1PoQMB8GA1UdIwQY
MBaAFEvIWOUIVjVGhKXQSj7MNZJYDVSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yNjc5NjYtZjAzOS00MTc0LTgxMGQt
M2Y0ZWY4MWEyZTUzLzEvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yNjc5NjYtZjAzOS00MTc0LTgxMGQtM2Y0ZWY4MWEyZTUz
LzEvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2SwSg6W
qo1cmSIWxi84NlbiSOSCmab4KyR/w/8lmFBjpo7b1h0zktHb/DnEVLsPkqqbmMrQ
N1AG0mpzIhsk0Ki0JULD0PQZLVrL6KLXgFxl344HGTIAWedgoOSjAX+GI/FM9VlE
aSiifgIloXAnenoLC51hsUEps1v+Tt7+pE4cpp4Bivl9YLIdYzCKOHGGtrMCfWM0
Hk0ikqgdPxv+Jc8ivsjXq80kR+1pB8n5zW8V80JNJnxCAWK78ge11RV7lyJ3NrBz
aR5X9kqU8Q061xaeKUm/833re7lADxMcABZnqDpZRLqAGmMzVZeXiilkh1XGXNtV
yu2lY+NA1dPHdQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:06:55 2025 by rpki-client