Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
File: r4poziKkwZ8XcA9izPi7bC2vUeE.mft (raw, json)
Hash identifier: /Mk0Idy4EVfdLtjkOqHV46j34t8FRMCUsKWMgT2JEZo=
Subject key identifier: F1:94:E5:68:D3:94:57:FD:89:E4:62:B4:E6:A7:FD:CF:2B:AC:D3:05
Authority key identifier: AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
Certificate issuer: /CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Certificate serial: 0197B77C29AFD32E39A58C77838CECB3B6EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
Manifest number: 0F31
Signing time: Sat 28 Jun 2025 17:00:57 +0000
Manifest this update: Sat 28 Jun 2025 17:00:57 +0000
Manifest next update: Sun 29 Jun 2025 17:00:57 +0000
Files and hashes: 1: r4poziKkwZ8XcA9izPi7bC2vUeE.crl (hash: doZLXpLsAYRXCaZ+/ANlgN3Bozs8tALw3316ZZlLOrU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:29:af:d3:2e:39:a5:8c:77:83:8c:ec:b3:b6:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Validity
Not Before: Jun 28 17:00:57 2025 GMT
Not After : Jun 29 17:00:57 2025 GMT
Subject: CN=f194e568d39457fd89e462b4e6a7fdcf2bacd305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:d1:11:0d:0d:fd:68:35:db:d7:94:29:55:
cc:75:17:43:58:60:92:ab:6f:23:1f:ed:71:87:e5:
cd:7c:b0:1f:58:e4:e0:cc:3f:7c:79:08:a2:00:c7:
ee:3f:27:c6:1e:5a:4d:21:7b:b9:3e:cb:c7:21:ce:
f3:ad:b0:e7:04:fd:ed:83:83:a7:4f:b8:58:33:29:
3d:44:45:a1:08:a3:b3:a0:41:5a:53:b5:85:4e:ec:
7f:6d:34:a4:59:0a:df:8c:a1:93:3d:ed:81:1d:dc:
5d:e1:0e:e4:72:3d:b0:90:92:3b:85:ca:82:97:69:
31:55:8e:e6:c6:8e:1a:f1:25:03:69:81:c9:6d:27:
05:e3:97:64:b8:cc:85:4b:a8:69:cb:0a:f0:b7:d0:
aa:d0:9f:82:d9:e8:26:cd:0a:3f:c2:e1:69:17:1f:
87:bb:42:03:e8:97:ff:5d:03:a9:0f:87:d5:d5:f7:
56:ec:44:64:8a:68:fc:7e:a0:26:fb:5b:bf:90:9c:
e6:68:1b:b2:a6:e8:17:4d:94:7a:d8:2a:0e:94:e9:
05:d5:c5:d3:c1:36:52:9b:0a:bd:69:23:c6:9e:95:
a0:ad:fd:2a:90:11:0c:90:a1:f7:cc:55:d4:01:76:
65:ba:4a:4e:9d:62:8b:5e:43:28:a0:ca:9c:40:e4:
84:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:94:E5:68:D3:94:57:FD:89:E4:62:B4:E6:A7:FD:CF:2B:AC:D3:05
X509v3 Authority Key Identifier:
keyid:AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:82:69:4d:c1:a2:77:e1:e0:25:d3:44:2e:39:4e:87:18:f9:
55:33:c8:5d:ea:a1:18:06:ee:b5:09:cf:a3:f0:99:a4:f9:d3:
88:45:e3:19:cb:90:69:42:57:d5:20:6e:51:7f:58:85:29:61:
a1:30:3a:ee:93:b2:d1:12:19:d7:75:11:4c:9e:37:e5:6e:9e:
05:3b:89:e2:c8:2d:b9:90:17:4c:4c:84:a8:eb:a6:6c:b0:4a:
34:39:37:03:f6:1b:dd:71:d7:b1:04:93:84:0f:e7:d5:f3:f6:
03:8b:db:70:69:40:13:c1:11:82:34:57:ce:f4:91:76:f2:b7:
dc:a8:db:08:99:00:80:d8:fe:10:22:b1:ae:75:36:49:b6:b4:
ef:5f:ac:e6:43:c4:da:6d:39:74:7d:e8:a0:db:d3:e1:ec:f7:
1a:c4:89:35:7a:34:e9:19:f0:08:ba:b9:32:db:62:78:36:78:
0a:4a:c3:2a:0d:0d:18:d0:d8:e1:37:af:6e:69:53:22:1b:73:
68:6a:bb:e5:b6:0d:37:7d:6e:be:00:23:b9:a7:d0:98:ec:6e:
81:26:ec:84:d7:ff:6d:9f:45:fc:15:9d:c7:c9:51:9a:eb:42:
d7:a6:f0:5a:3c:37:13:f5:5a:da:0b:e5:f0:3d:98:32:50:fd:
1d:a6:b4:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fCmv0y45pYx3g4zss7bqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGE2OGNlMjJhNGMxOWYxNzcwMGY2MmNjZjhiYjZjMmRh
ZjUxZTEwHhcNMjUwNjI4MTcwMDU3WhcNMjUwNjI5MTcwMDU3WjAzMTEwLwYDVQQD
EyhmMTk0ZTU2OGQzOTQ1N2ZkODllNDYyYjRlNmE3ZmRjZjJiYWNkMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP/REQ0N/Wg129eUKVXMdRdDWGCS
q28jH+1xh+XNfLAfWOTgzD98eQiiAMfuPyfGHlpNIXu5PsvHIc7zrbDnBP3tg4On
T7hYMyk9REWhCKOzoEFaU7WFTux/bTSkWQrfjKGTPe2BHdxd4Q7kcj2wkJI7hcqC
l2kxVY7mxo4a8SUDaYHJbScF45dkuMyFS6hpywrwt9Cq0J+C2egmzQo/wuFpFx+H
u0ID6Jf/XQOpD4fV1fdW7ERkimj8fqAm+1u/kJzmaBuypugXTZR62CoOlOkF1cXT
wTZSmwq9aSPGnpWgrf0qkBEMkKH3zFXUAXZlukpOnWKLXkMooMqcQOSESQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGU5WjTlFf9ieRitOan/c8rrNMFMB8GA1UdIwQY
MBaAFK+KaM4ipMGfF3APYsz4u2wtr1HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2Qt
ZDk0ZTYwMTg0M2QxLzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2QtZDk0ZTYwMTg0M2Qx
LzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArYJpTcGi
d+HgJdNELjlOhxj5VTPIXeqhGAbutQnPo/CZpPnTiEXjGcuQaUJX1SBuUX9YhSlh
oTA67pOy0RIZ13URTJ435W6eBTuJ4sgtuZAXTEyEqOumbLBKNDk3A/Yb3XHXsQST
hA/n1fP2A4vbcGlAE8ERgjRXzvSRdvK33KjbCJkAgNj+ECKxrnU2Sba071+s5kPE
2m05dH3ooNvT4ez3GsSJNXo06RnwCLq5MttieDZ4CkrDKg0NGNDY4TevbmlTIhtz
aGq75bYNN31uvgAjuafQmOxugSbshNf/bZ9F/BWdx8lRmutC16bwWjw3E/Va2gvl
8D2YMlD9Haa0WQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:34:16 2025 by rpki-client