Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.mft
File: 0KHbRmz4CCBik9B-ZfISH-tJoz4.mft (raw, json)
Hash identifier: VBp8ukEqkdfCavbLrfIDY/hbWqTgBLzux1yNlgWAfPU=
Subject key identifier: 88:F3:53:49:22:AB:A3:BC:B1:60:B3:8B:67:86:47:BA:92:4E:2C:31
Authority key identifier: D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
Certificate issuer: /CN=d0a1db466cf808206293d07e65f2121feb49a33e
Certificate serial: 0197B7EA2DD0BC7E4AE8F9BDDEA93E166B42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.mft
Manifest number: 13A4
Signing time: Sat 28 Jun 2025 19:01:07 +0000
Manifest this update: Sat 28 Jun 2025 19:01:07 +0000
Manifest next update: Sun 29 Jun 2025 19:01:07 +0000
Files and hashes: 1: 0KHbRmz4CCBik9B-ZfISH-tJoz4.crl (hash: nOGwiJfLt9Qqs7a22mW4e7Z/BxrU1zprXQAB3lJthVQ=)
2: wC7Ohmh2aveKOZ7_Cl4a1vLomLo.roa (hash: hPiN8yhRbkkwhBqX7IPJBoamojlDhfcUtcDIIbpri30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:2d:d0:bc:7e:4a:e8:f9:bd:de:a9:3e:16:6b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a1db466cf808206293d07e65f2121feb49a33e
Validity
Not Before: Jun 28 19:01:07 2025 GMT
Not After : Jun 29 19:01:07 2025 GMT
Subject: CN=88f3534922aba3bcb160b38b678647ba924e2c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:eb:f4:4a:4c:2e:29:20:72:6f:d7:ac:23:cc:
f3:f8:97:8e:6e:2f:ab:55:07:99:0d:c1:5b:11:15:
3a:92:77:24:31:89:d0:79:e3:78:aa:e0:18:26:33:
af:db:e8:67:70:72:04:2d:e8:8d:e9:5a:fd:d9:90:
b6:da:c0:f2:bf:f5:72:b7:bd:79:cf:9c:12:1b:a7:
3d:30:22:8e:32:70:78:c3:fc:e2:6f:83:cd:8e:96:
b7:d6:53:14:2a:a5:62:45:40:f9:0b:d7:58:8f:07:
61:b8:de:b2:6c:a5:2d:de:e5:6c:84:cc:bb:52:e7:
eb:11:eb:06:6d:32:18:91:f2:1c:ba:bc:52:03:54:
8f:34:31:f3:2b:07:76:e1:bd:bd:c5:ab:67:64:57:
b8:9e:ff:d3:42:4a:98:5f:18:6f:3e:b4:3d:26:c6:
c5:80:9c:54:7e:c5:a9:e7:90:c7:fd:1f:57:e4:25:
8e:47:74:b4:4f:cc:6d:c4:71:20:5d:c1:7c:50:71:
a2:1c:13:cd:f0:d0:90:2e:55:15:8b:1e:07:23:db:
3d:b9:50:aa:20:cf:32:fb:61:47:27:34:f2:ad:d9:
10:8d:fb:3e:a6:cc:a3:b0:0f:ee:c8:9e:ea:5f:91:
e1:0b:8f:7d:a3:60:aa:0a:7b:39:ea:0e:ca:f6:87:
b3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F3:53:49:22:AB:A3:BC:B1:60:B3:8B:67:86:47:BA:92:4E:2C:31
X509v3 Authority Key Identifier:
keyid:D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:ed:69:e2:9d:d2:cb:99:7f:4c:b7:c1:f6:54:4c:24:f1:a5:
95:1e:97:d8:7d:d6:dd:67:47:48:4e:28:3f:20:71:39:ca:46:
e4:2e:06:cc:be:e1:df:23:01:9a:76:6b:02:87:b0:3a:18:d0:
89:4b:51:fe:d5:ba:56:1a:4d:79:97:8f:56:8d:67:24:d6:a5:
8a:99:c1:90:51:12:30:ee:18:03:ef:af:02:44:51:99:2c:6d:
be:33:85:01:ed:eb:2a:81:a0:66:4a:9b:a8:5f:52:dd:74:de:
f5:2c:07:2f:81:c2:fc:d9:5d:6f:c2:7c:88:23:0e:dd:5f:e5:
57:4f:cb:20:a9:24:c0:aa:0d:1a:de:08:40:e7:ac:3c:f3:29:
5f:83:39:9e:a6:48:13:bb:d3:8e:14:26:f9:15:d6:95:4f:6e:
62:7d:74:6d:7b:92:19:59:a7:42:f2:4b:9c:15:5c:2b:9c:81:
7b:bf:ae:0e:41:db:c1:77:bd:95:ab:c8:63:3f:c8:cb:6e:ed:
45:ae:a7:cf:82:56:88:2f:9e:dd:9b:cd:a4:7e:e4:bd:58:f9:
6e:62:e7:0d:1b:50:d5:80:50:97:ef:8b:77:a1:d4:c5:1c:ee:
ce:f6:35:c8:4b:ff:e7:fc:20:27:59:c9:07:e3:03:b3:94:b3:
4b:43:bb:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36i3QvH5K6Pm93qk+FmtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTFkYjQ2NmNmODA4MjA2MjkzZDA3ZTY1ZjIxMjFmZWI0
OWEzM2UwHhcNMjUwNjI4MTkwMTA3WhcNMjUwNjI5MTkwMTA3WjAzMTEwLwYDVQQD
Eyg4OGYzNTM0OTIyYWJhM2JjYjE2MGIzOGI2Nzg2NDdiYTkyNGUyYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uv0SkwuKSByb9esI8zz+JeObi+r
VQeZDcFbERU6knckMYnQeeN4quAYJjOv2+hncHIELeiN6Vr92ZC22sDyv/Vyt715
z5wSG6c9MCKOMnB4w/zib4PNjpa31lMUKqViRUD5C9dYjwdhuN6ybKUt3uVshMy7
UufrEesGbTIYkfIcurxSA1SPNDHzKwd24b29xatnZFe4nv/TQkqYXxhvPrQ9JsbF
gJxUfsWp55DH/R9X5CWOR3S0T8xtxHEgXcF8UHGiHBPN8NCQLlUVix4HI9s9uVCq
IM8y+2FHJzTyrdkQjfs+psyjsA/uyJ7qX5HhC499o2CqCns56g7K9oezDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjzU0kiq6O8sWCzi2eGR7qSTiwxMB8GA1UdIwQY
MBaAFNCh20Zs+AggYpPQfmXyEh/rSaM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtIYlJtejRDQ0JpazlCLVpmSVNILXRKb3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xMWNkYWMtNjQxMS00NTRkLWI5NzMt
NDc2MmIwMTBlZjFlLzEvMEtIYlJtejRDQ0JpazlCLVpmSVNILXRKb3o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xMWNkYWMtNjQxMS00NTRkLWI5NzMtNDc2MmIwMTBlZjFl
LzEvMEtIYlJtejRDQ0JpazlCLVpmSVNILXRKb3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhe1p4p3S
y5l/TLfB9lRMJPGllR6X2H3W3WdHSE4oPyBxOcpG5C4GzL7h3yMBmnZrAoewOhjQ
iUtR/tW6VhpNeZePVo1nJNalipnBkFESMO4YA++vAkRRmSxtvjOFAe3rKoGgZkqb
qF9S3XTe9SwHL4HC/Nldb8J8iCMO3V/lV0/LIKkkwKoNGt4IQOesPPMpX4M5nqZI
E7vTjhQm+RXWlU9uYn10bXuSGVmnQvJLnBVcK5yBe7+uDkHbwXe9lavIYz/Iy27t
Ra6nz4JWiC+e3ZvNpH7kvVj5bmLnDRtQ1YBQl++Ld6HUxRzuzvY1yEv/5/wgJ1nJ
B+MDs5SzS0O78Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:25:30 2025 by rpki-client