Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: TpxBwp1jbk4GrYjMF63x8dq7nctnrSbolm/Eedths4Q=
Subject key identifier: B0:FC:45:B2:3A:06:5E:D7:8F:10:7D:4C:E2:45:DC:DD:4E:1C:B9:B1
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 0196C45E01A143C7928E2E48164099B15C65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 015A
Signing time: Mon 12 May 2025 12:00:17 +0000
Manifest this update: Mon 12 May 2025 12:00:17 +0000
Manifest next update: Tue 13 May 2025 12:00:17 +0000
Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: NrOU4boSTEb0OtnR/wLQ4TrFPmqfk7DncaTlcEeVD2o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:5e:01:a1:43:c7:92:8e:2e:48:16:40:99:b1:5c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: May 12 12:00:17 2025 GMT
Not After : May 13 12:00:17 2025 GMT
Subject: CN=b0fc45b23a065ed78f107d4ce245dcdd4e1cb9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ea:1c:04:fa:c3:2c:42:fa:be:79:e0:99:b3:
e7:68:95:a6:0c:c5:9d:fb:cf:12:9f:bc:14:61:8c:
46:ba:b6:30:1a:5a:a6:ad:eb:38:19:a6:19:88:ba:
77:c4:6f:71:ef:de:8c:fe:ea:34:5f:69:66:32:c8:
fb:79:3a:0b:21:c8:19:a7:e1:41:61:9f:64:79:30:
70:41:89:0a:a1:94:20:68:0a:8e:5a:28:99:96:14:
97:98:b4:07:0f:6c:0e:8b:52:0c:58:5c:b7:ee:aa:
00:16:ae:49:d1:20:5f:d5:32:98:5a:38:9d:39:98:
a8:93:f9:07:cc:e1:f6:7a:07:85:89:a8:29:a9:5b:
c2:6f:71:a1:9e:2d:55:03:58:64:c2:87:76:c5:ec:
37:45:f2:21:35:eb:c0:3d:0f:b5:07:27:7f:4d:90:
5b:64:b5:fb:1f:d4:7b:08:6c:f8:bd:64:e4:f3:41:
65:66:cc:a2:79:33:ad:03:96:97:97:36:40:d7:bf:
08:53:d8:c6:d5:a6:bb:73:d8:2c:97:33:3e:5f:12:
b1:2a:1c:3b:d1:87:c4:60:4c:0c:8c:ff:a2:7e:57:
7c:1d:6e:61:ab:6c:22:0d:eb:da:40:7c:36:ce:1b:
99:0b:28:7b:47:77:67:67:52:fd:6a:ad:22:78:a7:
c9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FC:45:B2:3A:06:5E:D7:8F:10:7D:4C:E2:45:DC:DD:4E:1C:B9:B1
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:8b:89:2e:54:e9:09:e9:cd:99:4f:8d:65:0d:4e:ea:76:00:
6d:07:d9:eb:c9:a8:03:18:a3:9f:d0:95:86:7b:73:33:9c:85:
48:12:a3:8d:a7:ad:a3:ec:59:08:40:72:09:21:81:0c:6a:de:
bb:23:24:7d:d2:61:1a:d2:d6:c7:0b:17:51:f7:5e:cf:0e:55:
a6:ba:35:c9:71:1d:12:d2:6c:31:b3:64:d7:b5:43:d4:88:a2:
63:6f:a2:10:46:35:df:30:7f:a9:a8:7e:3e:8c:3c:40:4f:22:
5c:93:bf:87:d5:46:89:b7:87:33:d9:90:ac:8b:ac:6d:81:d0:
49:eb:1c:26:ac:19:e3:32:7f:89:79:6d:d8:00:8a:01:2b:fd:
1f:cb:e4:b9:dc:83:32:0f:51:78:56:80:d7:15:28:6e:57:60:
6e:6c:0c:43:2e:22:0e:21:08:79:cd:f7:23:cc:64:0e:f0:ab:
55:63:fe:e6:29:5d:87:c8:2e:7f:fe:85:b6:87:08:cc:2f:7c:
92:19:09:18:d1:f3:49:6a:14:d9:6c:90:38:44:5d:e5:22:96:
91:e9:fe:1f:d3:ce:91:85:76:e1:05:1e:d6:05:fc:a3:af:cc:
00:88:65:22:a4:e5:29:d9:d8:76:98:1e:ca:ca:ef:07:b7:04:
5f:d5:41:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEXgGhQ8eSji5IFkCZsVxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjUwNTEyMTIwMDE3WhcNMjUwNTEzMTIwMDE3WjAzMTEwLwYDVQQD
EyhiMGZjNDViMjNhMDY1ZWQ3OGYxMDdkNGNlMjQ1ZGNkZDRlMWNiOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuocBPrDLEL6vnngmbPnaJWmDMWd
+88Sn7wUYYxGurYwGlqmres4GaYZiLp3xG9x796M/uo0X2lmMsj7eToLIcgZp+FB
YZ9keTBwQYkKoZQgaAqOWiiZlhSXmLQHD2wOi1IMWFy37qoAFq5J0SBf1TKYWjid
OZiok/kHzOH2egeFiagpqVvCb3Ghni1VA1hkwod2xew3RfIhNevAPQ+1Byd/TZBb
ZLX7H9R7CGz4vWTk80FlZsyieTOtA5aXlzZA178IU9jG1aa7c9gslzM+XxKxKhw7
0YfEYEwMjP+ifld8HW5hq2wiDevaQHw2zhuZCyh7R3dnZ1L9aq0ieKfJ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLD8RbI6Bl7XjxB9TOJF3N1OHLmxMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR4uJLlTp
CenNmU+NZQ1O6nYAbQfZ68moAxijn9CVhntzM5yFSBKjjaeto+xZCEByCSGBDGre
uyMkfdJhGtLWxwsXUfdezw5Vpro1yXEdEtJsMbNk17VD1IiiY2+iEEY13zB/qah+
Pow8QE8iXJO/h9VGibeHM9mQrIusbYHQSescJqwZ4zJ/iXlt2ACKASv9H8vkudyD
Mg9ReFaA1xUobldgbmwMQy4iDiEIec33I8xkDvCrVWP+5ildh8guf/6FtocIzC98
khkJGNHzSWoU2WyQOERd5SKWken+H9POkYV24QUe1gX8o6/MAIhlIqTlKdnYdpge
ysrvB7cEX9VBVw==
-----END CERTIFICATE-----
Generated at Mon May 12 18:58:54 2025 by rpki-client