Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: 5vPByDaJUoD+wZei4GxuusN7XoUDn2vnEYWI6yWKRLA=
Subject key identifier: 2D:1E:C6:92:F7:16:FF:C5:DE:C3:98:AB:33:49:82:72:AC:82:90:31
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 0197B88EE8DF30B196FE29E70F157C03CA64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 0FC1
Signing time: Sat 28 Jun 2025 22:01:02 +0000
Manifest this update: Sat 28 Jun 2025 22:01:02 +0000
Manifest next update: Sun 29 Jun 2025 22:01:02 +0000
Files and hashes: 1: KwomHtAHnCM0D-yGdW_0Sf3mopc.roa (hash: nJuUP0j6H239g1R7GMJyKq0zviXnK+AhK7Q4U43dyg4=)
2: ZYlcf7X6lFUqPdlZgjx7h6pY7f0.roa (hash: Z91lhusvfId6xXTKVa6gm5qmkQJNcO8M7YoIqY37LFU=)
3: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: kkBi+hmItO4l/QKpkTh6hbMGmsuiuyU3UXYVckwwqZg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:8e:e8:df:30:b1:96:fe:29:e7:0f:15:7c:03:ca:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Jun 28 22:01:02 2025 GMT
Not After : Jun 29 22:01:02 2025 GMT
Subject: CN=2d1ec692f716ffc5dec398ab33498272ac829031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:38:fd:50:c1:0c:b7:f2:b5:9f:ff:c4:4d:98:
4a:78:5b:8a:82:65:e3:93:2f:86:c1:19:63:a1:5e:
16:fd:65:6e:82:7b:49:08:74:36:7a:df:c5:b7:35:
7e:ee:eb:c9:4d:d8:63:d1:60:a0:b2:29:47:b0:4d:
70:e7:81:41:fa:d3:57:1c:75:e2:e6:dc:17:d2:2f:
a8:af:d3:d9:14:aa:21:27:f5:49:67:c4:dc:7c:40:
36:e2:e3:c2:11:72:6c:2c:f1:49:3c:0f:6e:a3:97:
d0:c3:ae:8d:6e:06:88:73:70:04:20:d9:c5:13:9b:
68:f2:59:49:5b:6b:07:5d:1e:74:58:4f:71:02:e5:
48:6d:2a:02:4a:6e:54:bc:e9:8e:dc:f5:3b:1a:95:
e8:b7:4a:4a:3d:75:41:9f:6b:53:0d:b4:d6:51:4f:
30:1e:e1:c9:8b:32:29:1b:f5:e3:f1:9a:72:48:50:
94:be:60:28:e7:37:7e:32:33:58:a5:1c:89:c6:18:
90:14:a2:ae:2f:94:e2:ad:df:c6:a2:4e:3d:24:ad:
db:1a:4e:ff:63:79:f9:80:1e:5b:aa:01:3c:84:07:
94:bd:b4:0a:4c:02:0f:ea:04:db:c8:88:dd:65:9b:
ec:a0:97:80:07:1e:0a:20:2f:d4:ca:01:bd:45:98:
13:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1E:C6:92:F7:16:FF:C5:DE:C3:98:AB:33:49:82:72:AC:82:90:31
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
df:29:08:6d:fb:74:56:6d:53:15:5f:89:25:e5:42:4d:a5:a3:
9f:bf:3b:8c:a2:b2:b8:a5:76:77:3c:4d:c2:53:fb:42:f5:9c:
e8:05:92:d7:f7:34:fe:bf:92:98:e5:11:97:55:6c:f0:4f:62:
09:94:0f:5d:61:e7:4c:07:15:df:78:62:3f:2e:0c:f0:3a:aa:
9d:f2:20:12:65:4f:67:ed:f9:b0:ad:85:05:ff:32:51:56:11:
4e:b8:d2:83:69:79:5f:ff:3e:44:a4:37:14:9b:de:76:40:ab:
14:9f:eb:52:49:b6:0e:c4:30:d6:d2:2f:e1:c6:f2:96:e8:33:
3e:3e:42:c7:48:d8:c1:b9:46:82:fa:9f:e5:97:70:23:e7:d1:
6a:ef:61:bc:1f:ed:db:15:ff:61:8a:8f:86:f9:8c:d3:7d:d0:
f8:9f:ca:24:cd:59:5d:f4:eb:17:58:54:ce:f6:4d:db:b0:94:
b9:0d:05:a2:8f:d4:57:6e:f0:59:00:82:f8:38:f4:21:7d:0e:
ac:9b:cd:89:8f:ec:58:fb:ad:d9:05:9e:2f:3e:20:2f:de:0f:
8c:92:d8:65:c7:e5:56:27:a2:de:46:dd:27:bb:1d:e5:62:53:
f8:4e:1f:1a:44:0c:e5:81:da:37:aa:35:39:a9:75:4b:3a:3c:
fd:95:76:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jujfMLGW/innDxV8A8pkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjUwNjI4MjIwMTAyWhcNMjUwNjI5MjIwMTAyWjAzMTEwLwYDVQQD
EygyZDFlYzY5MmY3MTZmZmM1ZGVjMzk4YWIzMzQ5ODI3MmFjODI5MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDj9UMEMt/K1n//ETZhKeFuKgmXj
ky+GwRljoV4W/WVugntJCHQ2et/FtzV+7uvJTdhj0WCgsilHsE1w54FB+tNXHHXi
5twX0i+or9PZFKohJ/VJZ8TcfEA24uPCEXJsLPFJPA9uo5fQw66NbgaIc3AEINnF
E5to8llJW2sHXR50WE9xAuVIbSoCSm5UvOmO3PU7GpXot0pKPXVBn2tTDbTWUU8w
HuHJizIpG/Xj8ZpySFCUvmAo5zd+MjNYpRyJxhiQFKKuL5Tird/Gok49JK3bGk7/
Y3n5gB5bqgE8hAeUvbQKTAIP6gTbyIjdZZvsoJeABx4KIC/UygG9RZgT6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0expL3Fv/F3sOYqzNJgnKsgpAxMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3ykIbft0
Vm1TFV+JJeVCTaWjn787jKKyuKV2dzxNwlP7QvWc6AWS1/c0/r+SmOURl1Vs8E9i
CZQPXWHnTAcV33hiPy4M8DqqnfIgEmVPZ+35sK2FBf8yUVYRTrjSg2l5X/8+RKQ3
FJvedkCrFJ/rUkm2DsQw1tIv4cbylugzPj5Cx0jYwblGgvqf5ZdwI+fRau9hvB/t
2xX/YYqPhvmM033Q+J/KJM1ZXfTrF1hUzvZN27CUuQ0Foo/UV27wWQCC+Dj0IX0O
rJvNiY/sWPut2QWeLz4gL94PjJLYZcflViei3kbdJ7sd5WJT+E4fGkQM5YHaN6o1
Oal1Szo8/ZV2hQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:07:34 2025 by rpki-client