Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: 3DECd7r2iJqQtqddC45yJIPPPO9wyUu4EzJ6kZgQ95g=
Subject key identifier: 28:68:CD:0E:38:81:A8:BD:50:E9:73:A9:BF:4C:FA:0B:9B:A3:29:DD
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 0197BF35C45211C7E0A2EB05302A79206161
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0A5E
Signing time: Mon 30 Jun 2025 05:01:01 +0000
Manifest this update: Mon 30 Jun 2025 05:01:01 +0000
Manifest next update: Tue 01 Jul 2025 05:01:01 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: xrTXhz4s9tVfM1MgFYblC36XvcbrxhSdFkkT0RlslAw=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 05:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:35:c4:52:11:c7:e0:a2:eb:05:30:2a:79:20:61:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 30 05:01:01 2025 GMT
Not After : Jul 1 05:01:01 2025 GMT
Subject: CN=2868cd0e3881a8bd50e973a9bf4cfa0b9ba329dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:a5:b2:8a:04:22:59:90:b4:15:8f:ba:99:
29:dc:8e:ab:40:4f:79:fd:5d:11:3c:23:db:8d:f8:
f4:52:d1:22:10:cc:8b:65:59:81:52:33:4e:2d:93:
9e:ee:61:32:5d:00:ad:84:69:1d:1f:cc:32:e2:94:
03:2a:fc:f9:d3:fa:9f:13:7c:3a:e6:dd:15:c9:d9:
61:b3:4b:59:f4:39:8b:59:85:c3:f8:02:18:8d:3f:
ab:28:28:8f:e5:43:45:b6:9e:46:f9:ed:8b:1c:d3:
ab:be:76:24:db:ae:ee:98:52:cd:fc:29:17:23:d0:
c1:03:c1:c3:7a:1a:41:d5:0b:b9:3d:84:45:be:c0:
09:74:db:45:bc:12:bc:59:c1:da:2b:a4:29:62:5b:
9c:93:d0:87:fd:34:35:09:99:25:e1:3b:c8:79:38:
2a:e8:9b:4c:ee:b5:4a:20:40:8d:12:0e:a5:e5:17:
c1:e9:83:e7:27:57:bd:04:fc:b5:f3:ad:24:ca:94:
67:f5:00:d3:cc:a7:86:c6:76:24:a7:ce:32:1a:bb:
91:cc:62:dd:bc:97:df:f0:bb:c2:63:7c:7c:a3:97:
53:cf:bb:4d:ba:be:e6:90:ab:32:50:0f:84:c8:4d:
43:0f:5b:a0:b3:e0:a3:aa:37:13:07:be:c7:c5:69:
78:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:68:CD:0E:38:81:A8:BD:50:E9:73:A9:BF:4C:FA:0B:9B:A3:29:DD
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:ee:b9:d6:b3:60:8f:0d:eb:f5:35:29:99:c5:d9:9f:1f:61:
7c:33:1b:ed:be:fc:36:06:cc:af:12:70:01:f5:f3:63:67:a9:
11:f9:6d:3e:7a:bb:79:19:12:45:92:f0:0c:36:38:7b:da:77:
31:1f:3e:20:ce:3a:44:a1:54:11:84:ef:43:79:75:3f:19:e3:
ff:56:73:2c:58:57:a2:02:8b:2a:b2:bf:73:36:66:32:63:d7:
80:dd:e8:83:e1:06:13:b0:f9:bd:83:a9:11:c5:d8:51:f0:02:
af:9f:f0:de:a5:62:03:c9:34:be:36:8e:16:aa:6c:dd:8a:77:
89:78:8e:ba:02:77:aa:e5:36:a6:93:92:45:fd:76:85:45:ee:
92:ad:86:25:75:b4:ce:cb:ad:bd:27:ff:75:93:a2:9f:be:5a:
fe:43:40:3f:e0:33:21:09:1b:01:cc:6c:57:c7:19:41:cb:6d:
a3:c4:ce:ec:b1:9f:c6:e5:c1:de:e5:0f:10:50:0c:0c:cb:bb:
2d:2a:e6:14:b6:0c:f0:79:79:e2:35:be:87:e2:e0:65:71:1a:
bc:30:db:29:3c:33:ae:5f:71:87:3d:c6:f4:32:0d:d3:ce:7e:
6e:86:30:a2:dc:bc:9a:4e:cc:37:cf:20:6e:d7:2b:17:cf:af:
fe:70:e4:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/NcRSEcfgousFMCp5IGFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwNjMwMDUwMTAxWhcNMjUwNzAxMDUwMTAxWjAzMTEwLwYDVQQD
EygyODY4Y2QwZTM4ODFhOGJkNTBlOTczYTliZjRjZmEwYjliYTMyOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh6lsooEIlmQtBWPupkp3I6rQE95
/V0RPCPbjfj0UtEiEMyLZVmBUjNOLZOe7mEyXQCthGkdH8wy4pQDKvz50/qfE3w6
5t0Vydlhs0tZ9DmLWYXD+AIYjT+rKCiP5UNFtp5G+e2LHNOrvnYk267umFLN/CkX
I9DBA8HDehpB1Qu5PYRFvsAJdNtFvBK8WcHaK6QpYluck9CH/TQ1CZkl4TvIeTgq
6JtM7rVKIECNEg6l5RfB6YPnJ1e9BPy1860kypRn9QDTzKeGxnYkp84yGruRzGLd
vJff8LvCY3x8o5dTz7tNur7mkKsyUA+EyE1DD1ugs+CjqjcTB77HxWl4cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChozQ44gai9UOlzqb9M+guboyndMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYe651rNg
jw3r9TUpmcXZnx9hfDMb7b78NgbMrxJwAfXzY2epEfltPnq7eRkSRZLwDDY4e9p3
MR8+IM46RKFUEYTvQ3l1Pxnj/1ZzLFhXogKLKrK/czZmMmPXgN3og+EGE7D5vYOp
EcXYUfACr5/w3qViA8k0vjaOFqps3Yp3iXiOugJ3quU2ppOSRf12hUXukq2GJXW0
zsutvSf/dZOin75a/kNAP+AzIQkbAcxsV8cZQctto8TO7LGfxuXB3uUPEFAMDMu7
LSrmFLYM8Hl54jW+h+LgZXEavDDbKTwzrl9xhz3G9DIN085+boYwoty8mk7MN88g
btcrF8+v/nDkKg==
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:01:15 2025 by rpki-client