Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File: u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier: TAz8OyAQlDNzci1PoAeiBPsHjTrFl5j0Z6RfUjVBdu8=
Subject key identifier: F6:83:45:09:86:0A:AC:C0:88:3D:49:7D:ED:8B:AE:C1:59:B1:82:05
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer: /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial: 0197B6A12805142F56DD33ACEF2B98096807
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number: 15B3
Signing time: Sat 28 Jun 2025 13:01:44 +0000
Manifest this update: Sat 28 Jun 2025 13:01:44 +0000
Manifest next update: Sun 29 Jun 2025 13:01:44 +0000
Files and hashes: 1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: 9PgSuIOgc55zPQMHbACaIqIWhgXeiCiekgOzwDYDYA0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:28:05:14:2f:56:dd:33:ac:ef:2b:98:09:68:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Validity
Not Before: Jun 28 13:01:44 2025 GMT
Not After : Jun 29 13:01:44 2025 GMT
Subject: CN=f6834509860aacc0883d497ded8baec159b18205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bb:d3:a4:4b:12:6d:5e:e6:4b:52:aa:09:42:
35:43:91:d3:54:60:89:de:b1:37:11:8b:5a:f1:88:
14:1d:75:8c:81:2b:12:0f:de:b3:09:d3:0b:a6:fe:
04:e7:e1:0b:3a:f6:59:aa:38:9c:7b:59:e1:95:06:
17:25:3c:8a:02:30:60:64:c6:84:c7:e4:3f:94:88:
15:06:c8:41:d0:76:12:b7:63:6f:48:13:26:48:d7:
02:80:ab:a3:5c:98:3b:97:47:a7:6c:6a:c1:a2:02:
6a:a4:91:da:5f:07:44:78:d2:1b:4c:20:06:ef:6c:
ba:40:b2:cd:39:ee:6a:70:fb:aa:4e:dd:73:5d:85:
35:81:7a:43:bf:ad:d0:a0:da:53:5f:7d:d3:ab:2d:
02:83:25:c4:44:92:67:02:c1:1d:86:83:45:c6:31:
46:80:f5:12:68:b8:94:68:e4:36:21:5b:51:d9:4b:
2f:e1:74:63:42:0a:f0:6b:5c:bf:83:8f:96:81:2b:
26:ff:08:b9:99:30:6c:87:c0:00:d4:d2:a1:81:cd:
bf:e9:7a:ba:0d:89:d7:f0:5e:c3:eb:59:3f:23:fc:
ba:64:24:0c:49:c6:c6:62:09:b2:0e:e9:fb:37:c1:
be:c1:7e:f5:09:f4:8b:df:ad:9e:50:76:4f:fa:eb:
e8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:83:45:09:86:0A:AC:C0:88:3D:49:7D:ED:8B:AE:C1:59:B1:82:05
X509v3 Authority Key Identifier:
keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:1b:89:ac:2f:9e:2f:01:de:54:97:6c:1c:dd:8e:31:38:99:
93:60:0b:1b:23:e3:c0:1a:3a:22:ef:93:6e:c8:7f:1d:e9:da:
33:f4:5d:db:01:0a:37:8f:57:49:92:4e:75:f3:60:44:1b:22:
d0:41:93:a9:a8:a4:ca:44:65:98:06:b1:6e:f5:4e:39:15:c5:
cc:b9:c0:cc:d1:56:09:8b:05:b0:79:86:81:ba:c8:4c:fd:62:
6a:86:bb:91:dd:b0:bb:ea:a9:d3:a6:25:f7:80:4d:49:71:3b:
11:76:09:42:da:c6:89:48:18:d6:32:e2:f6:af:ae:dc:70:b8:
51:d6:bd:52:c9:7b:e0:42:68:39:3b:cf:58:50:b6:2e:b6:49:
cc:52:99:87:8c:c8:eb:78:80:db:4b:5f:35:4e:e3:dc:36:23:
a6:eb:98:b2:e3:6a:aa:ed:1a:f6:46:32:0f:6e:8c:dc:6f:60:
f7:13:be:55:55:30:ff:6c:f4:74:59:40:9f:35:fd:b5:22:e8:
fb:40:f5:33:e5:48:cd:e8:5b:49:78:33:b0:1d:fa:23:6c:bb:
73:4a:e1:8b:eb:0b:a6:ed:b0:8f:e6:6b:e6:87:5c:bf:37:45:
a3:6d:b6:ec:18:ff:52:b8:1f:89:c3:03:db:80:37:7c:39:a5:
aa:69:c3:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oSgFFC9W3TOs7yuYCWgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwNjI4MTMwMTQ0WhcNMjUwNjI5MTMwMTQ0WjAzMTEwLwYDVQQD
EyhmNjgzNDUwOTg2MGFhY2MwODgzZDQ5N2RlZDhiYWVjMTU5YjE4MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bvTpEsSbV7mS1KqCUI1Q5HTVGCJ
3rE3EYta8YgUHXWMgSsSD96zCdMLpv4E5+ELOvZZqjice1nhlQYXJTyKAjBgZMaE
x+Q/lIgVBshB0HYSt2NvSBMmSNcCgKujXJg7l0enbGrBogJqpJHaXwdEeNIbTCAG
72y6QLLNOe5qcPuqTt1zXYU1gXpDv63QoNpTX33Tqy0CgyXERJJnAsEdhoNFxjFG
gPUSaLiUaOQ2IVtR2Usv4XRjQgrwa1y/g4+WgSsm/wi5mTBsh8AA1NKhgc2/6Xq6
DYnX8F7D61k/I/y6ZCQMScbGYgmyDun7N8G+wX71CfSL362eUHZP+uvouQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaDRQmGCqzAiD1Jfe2LrsFZsYIFMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYBuJrC+e
LwHeVJdsHN2OMTiZk2ALGyPjwBo6Iu+Tbsh/HenaM/Rd2wEKN49XSZJOdfNgRBsi
0EGTqaikykRlmAaxbvVOORXFzLnAzNFWCYsFsHmGgbrITP1iaoa7kd2wu+qp06Yl
94BNSXE7EXYJQtrGiUgY1jLi9q+u3HC4Uda9Usl74EJoOTvPWFC2LrZJzFKZh4zI
63iA20tfNU7j3DYjpuuYsuNqqu0a9kYyD26M3G9g9xO+VVUw/2z0dFlAnzX9tSLo
+0D1M+VIzehbSXgzsB36I2y7c0rhi+sLpu2wj+Zr5odcvzdFo2227Bj/UrgficMD
24A3fDmlqmnDEw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:36:47 2025 by rpki-client