Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: Teoo+61lfax/G5e+rAwWnAtoRMxJzJHTKXYTDnrVnhw=
Subject key identifier: D4:92:02:61:19:9C:FD:73:39:EB:48:51:31:00:4E:F5:A6:E2:27:BF
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 0197C493CC518003F7B12C68D2B805F0E64F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 100B
Signing time: Tue 01 Jul 2025 06:01:49 +0000
Manifest this update: Tue 01 Jul 2025 06:01:49 +0000
Manifest next update: Wed 02 Jul 2025 06:01:49 +0000
Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: PhkWD0jmmeB+YVMIM95VRPhomQ/LANOmoIAOSjpXZxk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 06:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:93:cc:51:80:03:f7:b1:2c:68:d2:b8:05:f0:e6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Jul 1 06:01:49 2025 GMT
Not After : Jul 2 06:01:49 2025 GMT
Subject: CN=d4920261199cfd7339eb485131004ef5a6e227bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:ac:4a:a2:5f:a5:80:4c:c5:74:e1:4b:64:
6b:84:7d:7b:4b:2a:b8:73:09:cb:10:1a:e9:e0:6a:
c6:19:cb:4a:a0:82:92:47:b6:04:54:f2:86:96:b7:
95:1d:b4:b4:a3:69:56:d8:77:82:c6:cc:de:09:9c:
92:5f:c6:9f:32:03:fb:14:de:12:a2:fe:92:74:36:
d4:b3:3f:a8:96:a0:5b:80:13:03:1a:74:ef:35:66:
89:78:cc:a9:a3:d2:ba:f8:26:f7:9c:1f:d7:42:2c:
25:2a:3b:5f:aa:0a:18:96:1b:5c:29:0a:00:72:ab:
33:db:5b:08:43:11:6d:0f:5b:e9:d8:27:b8:93:1e:
4d:56:a6:f5:1b:ab:ac:16:b9:20:8d:99:44:9d:18:
a1:de:69:4a:77:f3:77:ac:bd:d2:6f:8e:e5:ad:1c:
a5:e5:0a:83:6d:64:8c:6e:af:e6:f3:8d:3d:fe:ac:
e7:bd:4e:18:38:48:35:f1:c1:fe:ed:d7:b7:c7:51:
9d:18:f1:a7:ef:98:81:2e:63:80:50:46:85:7d:f9:
59:b7:ff:c5:93:ae:e7:1e:52:50:72:bb:6b:6b:73:
a5:87:84:ae:67:50:13:7a:d6:2e:e3:d9:ec:15:7b:
d5:e6:b2:c1:70:45:b8:4d:15:02:7a:89:6e:dd:8b:
1e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:92:02:61:19:9C:FD:73:39:EB:48:51:31:00:4E:F5:A6:E2:27:BF
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:8f:e6:c8:9d:55:e1:ca:05:f1:32:d4:59:a5:a6:00:a5:51:
95:c9:e2:d4:01:eb:ed:22:94:88:2f:6a:b9:be:ae:4b:49:e0:
59:26:2f:94:2d:c5:7c:b9:58:f6:c5:db:9e:c0:ca:86:c2:2d:
99:c0:8a:7e:54:b6:9b:99:a2:1c:bd:a6:62:44:38:1a:97:3b:
12:7f:7d:62:0e:4e:a7:fc:bd:49:06:b9:6b:f5:a1:e2:01:d8:
a9:aa:db:46:8f:f3:78:d0:77:16:61:1f:2b:0e:8c:b6:b0:7e:
e6:f9:01:89:ad:77:64:e3:89:f6:c5:89:24:8b:a5:e5:c9:12:
bd:e6:8b:1e:92:65:aa:a6:37:07:c5:69:87:f8:14:ab:f9:e5:
d6:69:48:4c:e1:9d:f9:62:f3:3f:84:74:a8:71:de:75:d4:55:
84:08:ff:d5:45:46:4f:43:ee:0c:1f:a5:af:0c:96:5a:90:fa:
7f:97:cc:f5:1b:59:e9:c6:06:37:94:d3:19:cd:49:73:64:97:
92:3c:36:28:20:cc:b3:77:d6:76:01:f3:9d:52:aa:0c:16:f8:
4b:de:d3:84:fb:c9:5d:59:af:63:42:b8:45:16:aa:63:c8:21:
38:08:0e:d8:f0:58:bf:48:98:77:ea:ee:14:c4:dd:e8:36:88:
3e:50:47:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEk8xRgAP3sSxo0rgF8OZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjUwNzAxMDYwMTQ5WhcNMjUwNzAyMDYwMTQ5WjAzMTEwLwYDVQQD
EyhkNDkyMDI2MTE5OWNmZDczMzllYjQ4NTEzMTAwNGVmNWE2ZTIyN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3ysSqJfpYBMxXThS2RrhH17Syq4
cwnLEBrp4GrGGctKoIKSR7YEVPKGlreVHbS0o2lW2HeCxszeCZySX8afMgP7FN4S
ov6SdDbUsz+olqBbgBMDGnTvNWaJeMypo9K6+Cb3nB/XQiwlKjtfqgoYlhtcKQoA
cqsz21sIQxFtD1vp2Ce4kx5NVqb1G6usFrkgjZlEnRih3mlKd/N3rL3Sb47lrRyl
5QqDbWSMbq/m8409/qznvU4YOEg18cH+7de3x1GdGPGn75iBLmOAUEaFfflZt//F
k67nHlJQcrtra3Olh4SuZ1ATetYu49nsFXvV5rLBcEW4TRUCeolu3Yse4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSSAmEZnP1zOetIUTEATvWm4ie/MB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4/myJ1V
4coF8TLUWaWmAKVRlcni1AHr7SKUiC9qub6uS0ngWSYvlC3FfLlY9sXbnsDKhsIt
mcCKflS2m5miHL2mYkQ4Gpc7En99Yg5Op/y9SQa5a/Wh4gHYqarbRo/zeNB3FmEf
Kw6MtrB+5vkBia13ZOOJ9sWJJIul5ckSveaLHpJlqqY3B8Vph/gUq/nl1mlITOGd
+WLzP4R0qHHeddRVhAj/1UVGT0PuDB+lrwyWWpD6f5fM9RtZ6cYGN5TTGc1Jc2SX
kjw2KCDMs3fWdgHznVKqDBb4S97ThPvJXVmvY0K4RRaqY8ghOAgO2PBYv0iYd+ru
FMTd6DaIPlBHHg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:05:22 2025 by rpki-client