Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
File: immKFPthpoevCmP3xlXAAfZwEoI.mft (raw, json)
Hash identifier: b2l2Yj7ZgTIicG8oUKTG9QnjrixZlMtBHBy3UibG6RE=
Subject key identifier: 15:9C:9D:4D:F3:DA:8D:3B:28:36:6E:45:D7:D4:81:AE:4A:DE:FA:61
Authority key identifier: 8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
Certificate issuer: /CN=8a698a14fb61a687af0a63f7c655c001f6701282
Certificate serial: 0197CCF125CA954AE098C4506D7DD0B170CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
Manifest number: 035A
Signing time: Wed 02 Jul 2025 21:00:45 +0000
Manifest this update: Wed 02 Jul 2025 21:00:45 +0000
Manifest next update: Thu 03 Jul 2025 21:00:45 +0000
Files and hashes: 1: P1m93kQnbl9hCPZ7gjvBSz2QduY.roa (hash: Vw3jwkUFPb+4FTO/pTKFTwQSjK1reP+BMicWKiuZXfs=)
2: immKFPthpoevCmP3xlXAAfZwEoI.crl (hash: W/rN/JkaN50WnCPHoR6G+l9zEEyM9NM3I1FjMjzrbFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:f1:25:ca:95:4a:e0:98:c4:50:6d:7d:d0:b1:70:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a698a14fb61a687af0a63f7c655c001f6701282
Validity
Not Before: Jul 2 21:00:45 2025 GMT
Not After : Jul 3 21:00:45 2025 GMT
Subject: CN=159c9d4df3da8d3b28366e45d7d481ae4adefa61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e1:f3:20:5a:c8:a6:38:1f:c6:f6:66:2e:fd:
1d:78:95:4e:c2:ae:33:37:40:4a:92:99:ee:90:66:
31:71:7f:69:d6:d3:33:49:87:9f:ff:cb:c4:74:33:
a4:ce:42:3c:1f:6e:de:be:32:43:cb:65:47:1a:5b:
f9:4a:6d:56:1e:4d:3e:2a:f2:37:af:7f:8f:0e:47:
19:26:4f:89:7d:41:5c:0c:04:72:a2:32:ba:43:1b:
d3:b4:3a:4d:26:6f:06:f4:2e:d9:61:95:d7:df:3b:
77:8f:46:50:9a:08:6d:5f:28:f7:19:2c:98:18:da:
4a:a1:39:39:30:2e:c4:59:23:9a:7c:89:f4:7a:76:
5b:94:b1:b3:b1:ab:19:35:62:42:7f:9d:86:d8:d9:
3b:82:28:a6:3f:cd:26:8c:89:2b:6c:ba:82:09:76:
9a:cf:85:57:17:30:60:5a:db:9c:3a:1f:6d:26:ea:
61:69:69:1b:84:72:3f:32:1b:1e:1a:13:19:4f:59:
66:4b:b7:40:72:85:2f:c8:01:b7:e8:1f:ec:91:74:
c0:c8:f8:3f:3e:21:1d:19:dc:48:ac:63:2d:4a:ee:
99:a4:64:7c:c6:c1:d7:ab:c7:1a:6d:e0:b3:50:d6:
b8:eb:69:aa:ed:39:3b:24:a0:d6:21:a3:c9:7b:58:
70:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9C:9D:4D:F3:DA:8D:3B:28:36:6E:45:D7:D4:81:AE:4A:DE:FA:61
X509v3 Authority Key Identifier:
keyid:8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:1b:87:2c:14:75:e1:02:e9:68:f5:42:9b:47:4c:24:31:d6:
b4:c6:cb:c9:61:96:08:d3:66:77:a7:bd:68:e9:65:49:6d:79:
95:5e:a9:a5:17:78:85:94:52:aa:d2:83:0b:e8:26:83:15:1c:
2c:66:e5:85:35:18:2c:b0:39:e8:2e:95:5e:35:46:f7:2d:1a:
5c:de:85:33:ef:f5:90:87:66:6c:a9:6b:ff:5d:b3:f4:05:e0:
1b:e7:9a:33:c6:6d:e8:4e:6c:b7:c1:da:d5:2b:fa:76:90:14:
f7:85:84:c2:98:9b:2a:60:c9:5d:bc:55:0f:a8:0b:77:b0:80:
ce:9b:a9:8d:d9:a6:7b:1e:3a:d6:92:c1:e5:15:5a:2f:ba:b2:
62:d0:10:a8:3a:09:33:86:a8:a0:e6:04:b5:ae:20:db:21:39:
59:cf:5b:5b:99:37:f0:69:cb:14:b9:d1:6b:27:b1:60:3f:62:
65:a3:28:8b:c5:5f:03:50:15:cf:6a:f1:75:4a:55:9b:96:a8:
e8:37:25:c0:b8:06:23:34:a4:5c:94:f6:85:d9:7d:ae:51:f0:
09:32:71:6d:9a:a8:83:4b:56:25:ce:d3:7f:6e:89:b5:10:76:
b8:ca:b4:80:4b:73:09:63:3c:54:7a:07:d9:8b:6a:8b:f4:be:
12:b5:e8:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfM8SXKlUrgmMRQbX3QsXDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjk4YTE0ZmI2MWE2ODdhZjBhNjNmN2M2NTVjMDAxZjY3
MDEyODIwHhcNMjUwNzAyMjEwMDQ1WhcNMjUwNzAzMjEwMDQ1WjAzMTEwLwYDVQQD
EygxNTljOWQ0ZGYzZGE4ZDNiMjgzNjZlNDVkN2Q0ODFhZTRhZGVmYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeHzIFrIpjgfxvZmLv0deJVOwq4z
N0BKkpnukGYxcX9p1tMzSYef/8vEdDOkzkI8H27evjJDy2VHGlv5Sm1WHk0+KvI3
r3+PDkcZJk+JfUFcDARyojK6QxvTtDpNJm8G9C7ZYZXX3zt3j0ZQmghtXyj3GSyY
GNpKoTk5MC7EWSOafIn0enZblLGzsasZNWJCf52G2Nk7giimP80mjIkrbLqCCXaa
z4VXFzBgWtucOh9tJuphaWkbhHI/MhseGhMZT1lmS7dAcoUvyAG36B/skXTAyPg/
PiEdGdxIrGMtSu6ZpGR8xsHXq8cabeCzUNa462mq7Tk7JKDWIaPJe1hwnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWcnU3z2o07KDZuRdfUga5K3vphMB8GA1UdIwQY
MBaAFIppihT7YaaHrwpj98ZVwAH2cBKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQt
MjE4Mjg5ZDgxYzUzLzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQtMjE4Mjg5ZDgxYzUz
LzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyhuHLBR1
4QLpaPVCm0dMJDHWtMbLyWGWCNNmd6e9aOllSW15lV6ppRd4hZRSqtKDC+gmgxUc
LGblhTUYLLA56C6VXjVG9y0aXN6FM+/1kIdmbKlr/12z9AXgG+eaM8Zt6E5st8Ha
1Sv6dpAU94WEwpibKmDJXbxVD6gLd7CAzpupjdmmex461pLB5RVaL7qyYtAQqDoJ
M4aooOYEta4g2yE5Wc9bW5k38GnLFLnRayexYD9iZaMoi8VfA1AVz2rxdUpVm5ao
6DclwLgGIzSkXJT2hdl9rlHwCTJxbZqog0tWJc7Tf26JtRB2uMq0gEtzCWM8VHoH
2Ytqi/S+ErXosQ==
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:19:02 2025 by rpki-client