Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json)
Hash identifier: jhceNq1KaIuJjVvHIenabkaQ5uY+OpSkuyzq355Ne1s=
Subject key identifier: D1:EF:95:6E:D5:B8:F5:A1:89:D7:5B:23:BC:34:6E:3F:15:6F:65:56
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 0197B745334F57CD5119C08E5F70C1545E6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
Manifest number: 09AB
Signing time: Sat 28 Jun 2025 16:00:54 +0000
Manifest this update: Sat 28 Jun 2025 16:00:54 +0000
Manifest next update: Sun 29 Jun 2025 16:00:54 +0000
Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: tgwrPkNGwg6HVTLCIusJfmij1mBKmCOTf/6/J8fP4jM=)
2: IoDHlDbNXO3jlcqfipIcULBON5A.roa (hash: KOgCTDaSahbElR1Ol4oBVrEjOtYhS4W0VzXtKth8BeM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 16:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:33:4f:57:cd:51:19:c0:8e:5f:70:c1:54:5e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Jun 28 16:00:54 2025 GMT
Not After : Jun 29 16:00:54 2025 GMT
Subject: CN=d1ef956ed5b8f5a189d75b23bc346e3f156f6556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:82:eb:7a:6b:0d:1a:16:a0:6d:7e:7a:c3:
8e:ff:f3:de:a2:c2:d7:14:4f:0c:03:4f:c8:5b:54:
c1:03:01:ac:13:bd:cc:40:75:ae:f8:4e:09:6a:1d:
82:d7:c5:7b:79:2d:49:48:49:b5:c6:d9:38:81:d2:
1d:fb:da:61:11:00:f2:48:1d:7c:5b:e7:e0:83:c5:
14:15:2d:bf:d2:ac:4c:27:6d:98:cf:e7:2c:fb:09:
96:8c:13:2a:70:9b:48:6b:51:58:13:e2:64:8a:9e:
42:85:6f:6e:06:63:ec:61:02:4d:73:de:cb:a1:f4:
d4:05:24:b2:60:c9:73:e6:c1:ab:23:bb:9d:b7:c9:
06:17:7e:e7:6d:97:54:c2:8c:5c:64:41:3b:a4:6f:
84:54:7a:4b:d7:f7:52:f5:34:dc:60:5f:94:ab:a4:
5b:b4:94:0f:87:0c:c5:10:41:9f:b9:5f:ec:49:38:
42:57:66:9f:d3:ad:8d:9e:4c:07:16:b4:78:97:44:
e2:6a:69:89:ca:a3:ad:37:2c:e6:4d:31:86:b1:2e:
7a:33:9e:38:5b:1d:4c:b0:52:de:c0:32:bf:5d:7f:
c8:80:b8:d8:fa:d7:b6:9a:eb:8c:1c:f0:24:ca:6a:
6e:1f:75:67:5b:97:9f:ef:d6:e5:fa:7f:d5:42:62:
20:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EF:95:6E:D5:B8:F5:A1:89:D7:5B:23:BC:34:6E:3F:15:6F:65:56
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:dc:44:09:2f:72:b7:ad:43:58:e0:e8:60:80:e5:8f:f4:67:
24:7a:b9:6c:dc:28:43:9c:8a:df:cd:3c:a3:d0:b6:d2:25:d1:
97:ad:6f:a0:98:f7:0a:17:d1:71:b9:6e:e5:34:fe:23:5a:a3:
53:75:b6:ff:66:8c:2a:e5:00:76:8a:21:12:10:62:47:81:25:
ea:9f:12:85:b6:63:ae:e7:09:c3:5e:b7:33:84:58:1d:93:0d:
7e:49:84:f5:7a:27:3a:15:69:1b:80:28:22:c5:61:7d:4c:bd:
19:06:e8:ce:77:80:32:ce:b7:77:a0:28:4e:54:12:3b:cb:ab:
c9:5a:1a:4e:6f:61:30:7e:86:bb:e1:11:53:49:f1:56:6d:3a:
7c:fa:83:0f:05:cc:0c:50:a9:21:dc:79:1d:b6:0c:0c:4f:95:
8a:27:91:d3:f4:9a:3b:0c:1f:02:88:22:a9:66:ad:c5:02:2d:
0e:4c:7d:da:64:60:9a:f4:a3:71:e4:38:9f:6e:21:01:7d:23:
91:0c:f9:7e:1f:bd:03:8a:58:ab:2b:c6:a3:c6:1b:04:bf:19:
65:9a:bf:33:9d:a5:17:5d:4e:7f:2f:fd:29:7a:84:e8:41:3c:
c6:69:f7:a6:16:d5:bf:41:bd:69:55:fe:9d:f5:fb:23:a6:83:
1d:ca:9c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RTNPV81RGcCOX3DBVF5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjUwNjI4MTYwMDU0WhcNMjUwNjI5MTYwMDU0WjAzMTEwLwYDVQQD
EyhkMWVmOTU2ZWQ1YjhmNWExODlkNzViMjNiYzM0NmUzZjE1NmY2NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRWC63prDRoWoG1+esOO//PeosLX
FE8MA0/IW1TBAwGsE73MQHWu+E4Jah2C18V7eS1JSEm1xtk4gdId+9phEQDySB18
W+fgg8UUFS2/0qxMJ22Yz+cs+wmWjBMqcJtIa1FYE+Jkip5ChW9uBmPsYQJNc97L
ofTUBSSyYMlz5sGrI7udt8kGF37nbZdUwoxcZEE7pG+EVHpL1/dS9TTcYF+Uq6Rb
tJQPhwzFEEGfuV/sSThCV2af062NnkwHFrR4l0TiammJyqOtNyzmTTGGsS56M544
Wx1MsFLewDK/XX/IgLjY+te2muuMHPAkympuH3VnW5ef79bl+n/VQmIgoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHvlW7VuPWhiddbI7w0bj8Vb2VWMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNxECS9y
t61DWODoYIDlj/RnJHq5bNwoQ5yK3808o9C20iXRl61voJj3ChfRcblu5TT+I1qj
U3W2/2aMKuUAdoohEhBiR4El6p8ShbZjrucJw163M4RYHZMNfkmE9XonOhVpG4Ao
IsVhfUy9GQbozneAMs63d6AoTlQSO8uryVoaTm9hMH6Gu+ERU0nxVm06fPqDDwXM
DFCpIdx5HbYMDE+ViieR0/SaOwwfAogiqWatxQItDkx92mRgmvSjceQ4n24hAX0j
kQz5fh+9A4pYqyvGo8YbBL8ZZZq/M52lF11Ofy/9KXqE6EE8xmn3phbVv0G9aVX+
nfX7I6aDHcqcFg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:46:17 2025 by rpki-client