Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
File: cimwOc-KrxQdbm1hbnwWkInLyzI.mft (raw, json)
Hash identifier: U6MeTZmMOUipfoMZckDtfh83tWM9Tqv3Mec08ZLF7wk=
Subject key identifier: 9C:22:A0:15:4E:89:04:97:03:4D:42:CD:28:6E:2A:F2:52:ED:FD:23
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 0197B7458A0C7DF4D009DF96CA06956868D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
Manifest number: 0CF2
Signing time: Sat 28 Jun 2025 16:01:17 +0000
Manifest this update: Sat 28 Jun 2025 16:01:17 +0000
Manifest next update: Sun 29 Jun 2025 16:01:17 +0000
Files and hashes: 1: _11c4KnryngFBZ3LrSwCjXVWAnI.roa (hash: 4suX3JVW+dbra41XqoLSgaNnHC7+X6k6GS1R8JLgxL8=)
2: cimwOc-KrxQdbm1hbnwWkInLyzI.crl (hash: 7YIELairLMqoCKSkeVqoDDANicysY+wwD8MFUtE+Ru0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:8a:0c:7d:f4:d0:09:df:96:ca:06:95:68:68:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Jun 28 16:01:17 2025 GMT
Not After : Jun 29 16:01:17 2025 GMT
Subject: CN=9c22a0154e890497034d42cd286e2af252edfd23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b8:eb:b9:46:a2:f2:8f:17:d1:92:35:be:9a:
50:1d:56:85:2a:50:8d:8d:2d:1f:fa:8e:98:4a:ca:
2a:8b:53:c6:23:93:f9:35:47:3a:ba:10:81:20:49:
95:9c:e3:f1:c6:a6:56:7d:9d:4b:71:7f:07:94:4c:
d9:fa:03:4f:a7:c4:c8:f5:ea:29:c6:cd:b6:88:6b:
8f:01:8f:ff:b7:63:aa:a0:cd:df:1b:2c:0a:72:f7:
8e:b9:3f:16:1b:dd:1a:15:ba:ab:cb:fb:02:71:74:
4e:c6:74:70:4f:d5:c8:39:85:bc:fb:f7:ac:d8:e5:
fe:02:2f:d8:8b:e7:f6:3f:2c:74:e8:23:a0:61:30:
4a:45:6e:54:c5:c7:a1:19:2c:ec:2a:4c:6c:b9:0c:
5a:aa:d8:3a:6d:e7:39:3b:6a:9b:8d:70:73:10:0e:
d2:5b:f8:1b:2e:a3:e9:96:f6:c4:db:17:66:11:7a:
2a:9b:18:17:5e:c9:5c:f1:bb:c3:b3:92:13:f6:2c:
ae:b4:f8:94:84:de:4a:4a:20:79:00:44:22:e4:a3:
af:3a:ba:ad:38:42:cf:b1:ed:8b:66:e1:31:b7:be:
6e:f2:1b:8a:06:bd:10:c3:ef:f4:ce:a8:b6:a2:2d:
2c:fc:22:d0:f3:56:df:0c:4b:7d:81:b8:1e:0c:3a:
8f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:22:A0:15:4E:89:04:97:03:4D:42:CD:28:6E:2A:F2:52:ED:FD:23
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:fd:dd:90:15:38:55:75:87:c5:a7:36:f2:54:a2:c6:7a:76:
b1:8c:86:96:ac:b9:47:f0:98:ee:0a:62:5e:08:94:8c:f6:c0:
91:c2:6b:65:f7:ed:dc:75:be:10:ff:3c:e5:df:bb:95:9a:a1:
e7:52:19:99:1c:53:bd:38:c8:e8:2e:83:c6:b6:64:91:56:44:
ef:f8:84:85:7a:e9:8e:bc:16:77:67:01:47:f5:0d:d3:c6:ec:
b5:17:52:98:9d:0e:ff:77:82:69:8b:37:c0:fd:a8:c3:a5:1b:
51:67:2f:c0:ab:16:4a:df:f9:92:a5:b4:a3:1b:4a:31:01:a4:
51:14:0a:53:a5:e3:cf:8d:fc:e8:86:29:a4:82:1a:47:f6:d7:
bc:bc:82:c1:e8:35:7d:25:6c:5b:ea:29:5c:35:ab:09:54:14:
85:6c:c8:62:cb:c4:e2:25:4c:83:e4:01:e1:02:a7:74:fe:c1:
7d:da:d7:94:8b:42:fa:f7:1d:4f:8a:60:98:d6:ab:c9:90:dd:
59:de:2f:ca:92:92:b3:48:9c:af:5b:5e:e5:29:b8:de:a6:3b:
6c:3d:c3:05:62:67:8b:dc:2e:ba:87:d9:2d:a8:1d:1b:6e:5a:
2a:14:13:1f:88:a8:9a:9c:b8:31:ad:4c:e4:e9:4a:40:21:b5:
bf:1f:01:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RYoMffTQCd+WygaVaGjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjUwNjI4MTYwMTE3WhcNMjUwNjI5MTYwMTE3WjAzMTEwLwYDVQQD
Eyg5YzIyYTAxNTRlODkwNDk3MDM0ZDQyY2QyODZlMmFmMjUyZWRmZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbjruUai8o8X0ZI1vppQHVaFKlCN
jS0f+o6YSsoqi1PGI5P5NUc6uhCBIEmVnOPxxqZWfZ1LcX8HlEzZ+gNPp8TI9eop
xs22iGuPAY//t2OqoM3fGywKcveOuT8WG90aFbqry/sCcXROxnRwT9XIOYW8+/es
2OX+Ai/Yi+f2Pyx06COgYTBKRW5UxcehGSzsKkxsuQxaqtg6bec5O2qbjXBzEA7S
W/gbLqPplvbE2xdmEXoqmxgXXslc8bvDs5IT9iyutPiUhN5KSiB5AEQi5KOvOrqt
OELPse2LZuExt75u8huKBr0Qw+/0zqi2oi0s/CLQ81bfDEt9gbgeDDqPaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwioBVOiQSXA01CzShuKvJS7f0jMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/3dkBU4
VXWHxac28lSixnp2sYyGlqy5R/CY7gpiXgiUjPbAkcJrZfft3HW+EP885d+7lZqh
51IZmRxTvTjI6C6DxrZkkVZE7/iEhXrpjrwWd2cBR/UN08bstRdSmJ0O/3eCaYs3
wP2ow6UbUWcvwKsWSt/5kqW0oxtKMQGkURQKU6Xjz4386IYppIIaR/bXvLyCweg1
fSVsW+opXDWrCVQUhWzIYsvE4iVMg+QB4QKndP7BfdrXlItC+vcdT4pgmNaryZDd
Wd4vypKSs0icr1te5Sm43qY7bD3DBWJni9wuuofZLagdG25aKhQTH4iompy4Ma1M
5OlKQCG1vx8BLg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:52:29 2025 by rpki-client