Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
File: nFVnZyAcUPayqVXbah5uAR36XUQ.mft (raw, json)
Hash identifier: bbfpNCBkvOIkqbgTqxq5h/WBZkk76rkxbl6AwpBgfR8=
Subject key identifier: A5:8F:82:4C:0B:73:8B:37:0B:8A:D0:F2:0E:FB:98:06:32:66:DF:0A
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Certificate issuer: /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial: 0197C8035B69F86212820A287B95EBC758E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
Manifest number: 0AE6
Signing time: Tue 01 Jul 2025 22:02:32 +0000
Manifest this update: Tue 01 Jul 2025 22:02:32 +0000
Manifest next update: Wed 02 Jul 2025 22:02:32 +0000
Files and hashes: 1: cmsoMlIRCcbLziNipTUjZc3lrew.roa (hash: a1CFCcY0jADOuS6DTKGkRSmsv5gzH4GzUcir7HG6pUE=)
2: nFVnZyAcUPayqVXbah5uAR36XUQ.crl (hash: TNyADpMPTGSYfEDwAfsqrsIDJatvlBNaKQUiT7l62EI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 22:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c8:03:5b:69:f8:62:12:82:0a:28:7b:95:eb:c7:58:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Validity
Not Before: Jul 1 22:02:32 2025 GMT
Not After : Jul 2 22:02:32 2025 GMT
Subject: CN=a58f824c0b738b370b8ad0f20efb98063266df0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:c9:1c:b0:87:d2:ac:65:72:0c:b5:33:c0:
b1:f2:97:6a:2f:03:c5:ea:0a:9c:ec:4e:cf:7e:57:
c0:77:bb:e9:ae:4f:64:4b:ba:4b:0f:f5:0f:d4:37:
f6:f8:a0:5d:2b:7b:84:63:65:78:c7:41:59:55:4d:
18:11:7b:c3:c6:67:7d:39:0a:74:ea:62:0c:db:81:
60:f8:07:43:82:4c:d2:d9:21:3f:68:b5:71:fa:98:
a8:ba:4a:eb:3a:10:7f:60:b3:db:ba:2e:1c:d2:fd:
dd:da:67:87:ae:e9:7d:29:f3:64:81:ac:3d:01:7a:
0c:5a:25:0d:90:47:7a:32:00:da:d6:64:9d:7e:bd:
41:96:45:f8:ab:7c:c1:4f:2d:26:08:3a:07:ce:a1:
53:6a:3e:20:78:56:02:8a:d5:e6:1a:18:89:65:5f:
ef:0f:94:77:e8:55:6d:61:79:f4:92:ab:10:73:b8:
5c:4f:45:5a:86:71:d7:b2:dc:15:00:f1:f6:81:ee:
f2:8a:26:5f:87:ac:10:f4:cb:08:a5:53:fc:19:e5:
c7:52:d2:30:5f:c5:79:8a:17:71:65:0f:b7:55:a1:
29:0d:09:3e:93:ee:5f:37:88:de:94:a7:a6:57:50:
9c:d4:02:ee:62:77:f3:5b:ed:de:8d:64:ed:98:ba:
27:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8F:82:4C:0B:73:8B:37:0B:8A:D0:F2:0E:FB:98:06:32:66:DF:0A
X509v3 Authority Key Identifier:
keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:96:9f:2d:f6:79:df:15:e1:db:8a:b1:44:ee:0d:d9:3a:f8:
65:ea:b7:8d:7c:46:56:bf:83:ff:55:e9:fe:c0:eb:ca:0b:5a:
94:4c:d5:8e:25:1d:28:90:67:c8:2f:43:50:5f:cf:bf:a4:32:
5f:06:d4:cc:97:65:8f:78:da:56:8a:b7:61:d4:ee:e2:d0:0e:
28:54:86:b8:00:82:4e:67:3d:7c:1f:8c:36:cc:7a:6d:fb:df:
c7:85:04:67:19:09:54:8e:78:d7:84:4d:51:b7:83:2d:31:bc:
db:85:a8:f8:06:e5:00:1d:1b:ae:96:00:a8:d3:71:0b:c1:4c:
d1:59:89:ea:76:43:07:8e:d1:fd:cf:35:0b:b2:68:6c:af:df:
e2:99:13:98:2f:91:74:bd:dc:66:c3:bf:4f:d5:94:09:b1:08:
68:ab:03:b0:72:db:42:98:4b:99:ec:58:55:82:a7:eb:ba:86:
f3:9b:1f:cc:64:bc:f6:e4:fe:b7:20:9e:27:c3:4b:b2:e3:78:
1d:e4:cf:b6:b6:83:ac:33:08:37:29:cf:81:92:d4:bd:38:29:
e3:45:9c:77:57:72:7b:4d:da:7a:ea:39:38:5c:33:02:e6:51:
57:65:0c:e0:86:bd:2c:25:ab:1f:c0:a7:14:20:fb:50:5a:f5:
ad:86:4f:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfIA1tp+GISggooe5Xrx1jnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjUwNzAxMjIwMjMyWhcNMjUwNzAyMjIwMjMyWjAzMTEwLwYDVQQD
EyhhNThmODI0YzBiNzM4YjM3MGI4YWQwZjIwZWZiOTgwNjMyNjZkZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySvJHLCH0qxlcgy1M8Cx8pdqLwPF
6gqc7E7PflfAd7vprk9kS7pLD/UP1Df2+KBdK3uEY2V4x0FZVU0YEXvDxmd9OQp0
6mIM24Fg+AdDgkzS2SE/aLVx+pioukrrOhB/YLPbui4c0v3d2meHrul9KfNkgaw9
AXoMWiUNkEd6MgDa1mSdfr1BlkX4q3zBTy0mCDoHzqFTaj4geFYCitXmGhiJZV/v
D5R36FVtYXn0kqsQc7hcT0VahnHXstwVAPH2ge7yiiZfh6wQ9MsIpVP8GeXHUtIw
X8V5ihdxZQ+3VaEpDQk+k+5fN4jelKemV1Cc1ALuYnfzW+3ejWTtmLonfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWPgkwLc4s3C4rQ8g77mAYyZt8KMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5afLfZ5
3xXh24qxRO4N2Tr4Zeq3jXxGVr+D/1Xp/sDrygtalEzVjiUdKJBnyC9DUF/Pv6Qy
XwbUzJdlj3jaVoq3YdTu4tAOKFSGuACCTmc9fB+MNsx6bfvfx4UEZxkJVI5414RN
UbeDLTG824Wo+AblAB0brpYAqNNxC8FM0VmJ6nZDB47R/c81C7JobK/f4pkTmC+R
dL3cZsO/T9WUCbEIaKsDsHLbQphLmexYVYKn67qG85sfzGS89uT+tyCeJ8NLsuN4
HeTPtraDrDMINynPgZLUvTgp40Wcd1dye03aeuo5OFwzAuZRV2UM4Ia9LCWrH8Cn
FCD7UFr1rYZPtQ==
-----END CERTIFICATE-----
Generated at Wed Jul 2 05:23:31 2025 by rpki-client