Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
File: dOEz6h5A_BPgdOMncQpTRKlgtcA.mft (raw, json)
Hash identifier: 8SdDgXTikM0MDFm32qP+iOieXQxk+WtqETBYBdlMdKA=
Subject key identifier: 40:68:FB:24:35:F2:2D:CC:E6:01:0A:E1:40:94:B8:6B:09:F9:DE:29
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 0197CE3B1CC72896280DF04A87479A29ACF4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
Manifest number: 0C70
Signing time: Thu 03 Jul 2025 03:01:09 +0000
Manifest this update: Thu 03 Jul 2025 03:01:09 +0000
Manifest next update: Fri 04 Jul 2025 03:01:09 +0000
Files and hashes: 1: XXhZSJTw-3dSmsRY9bvXQqHBaIs.roa (hash: mmW0AxSNYmhmTbAA4XApc0Tjpzzlw3yy/NM/Jy4hxuI=)
2: dOEz6h5A_BPgdOMncQpTRKlgtcA.crl (hash: 59h2HasdL5SBdCrQmFtGi2/nTsjUmiGWuUjXqQvGU8A=)
3: lQpPjj9gpOYnRRV52S0ec3Spick.roa (hash: 2/R15nQqw+pyTSeVtt80lTdeScEa1kOW3xe+Ueb0Hdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ce:3b:1c:c7:28:96:28:0d:f0:4a:87:47:9a:29:ac:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Jul 3 03:01:09 2025 GMT
Not After : Jul 4 03:01:09 2025 GMT
Subject: CN=4068fb2435f22dcce6010ae14094b86b09f9de29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:25:55:2a:1a:2f:aa:c7:bf:9e:64:34:34:f3:
13:0a:8a:30:82:f8:7d:65:52:b5:bf:d2:ff:c5:59:
37:f6:8d:ab:a0:46:cc:f3:b0:38:23:3f:23:9f:37:
d7:31:f1:91:7b:02:82:46:5e:31:e2:30:3a:bf:7d:
d6:89:48:03:73:38:87:85:21:a8:8b:15:8b:55:f2:
0b:63:fc:52:f7:c9:90:e0:2e:15:75:3d:f8:86:8d:
6e:7a:76:97:9f:01:52:f6:b8:e5:99:92:63:dc:ab:
91:5e:38:98:f5:c1:73:26:cc:38:18:ec:62:93:5c:
b4:2c:eb:f0:99:53:97:58:1b:6d:c6:4c:de:8b:65:
a6:ff:69:2d:37:ea:fd:ac:03:b3:a1:12:73:2a:fd:
2a:76:6c:e6:48:4d:f8:e7:5b:bf:c0:2b:9d:69:95:
23:12:87:c0:34:91:3a:a8:45:9e:db:30:d1:69:9c:
4b:23:3f:54:80:aa:a7:a6:52:b6:61:a1:d6:7d:20:
0b:56:1f:81:25:6d:6c:17:01:53:8a:4a:1c:4d:2a:
36:54:75:dc:04:89:90:50:a7:0a:79:15:b9:8e:96:
89:f5:e8:f5:7d:7f:58:06:ea:33:ce:4f:36:42:78:
22:9e:8e:dc:39:62:ed:18:4d:96:ab:4a:c5:3f:dd:
fe:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:68:FB:24:35:F2:2D:CC:E6:01:0A:E1:40:94:B8:6B:09:F9:DE:29
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:4c:23:1d:48:de:c4:9e:a3:a1:02:04:42:93:6a:06:a2:e7:
1c:94:d6:bb:0e:c0:6d:dd:5a:4f:3c:7b:ca:51:23:e4:a3:60:
4b:83:b8:f3:9e:b2:16:18:e3:b4:86:a0:b6:99:cf:2c:ca:7a:
e2:9b:28:c3:c0:69:e1:b8:31:bd:ef:df:15:ef:62:f8:56:10:
27:60:86:df:b1:af:88:28:94:af:a7:36:d0:17:5d:6c:f7:c1:
67:4e:24:84:2a:c2:61:e0:45:a9:57:8b:27:9c:6e:65:1e:78:
c5:c9:35:83:ad:96:19:2c:bf:e7:db:5c:7e:ac:1e:1e:7f:58:
dc:0c:1a:b6:c8:96:f4:2d:e9:b1:b3:db:c1:a8:7c:54:bb:e9:
25:1a:86:83:12:7c:a8:35:be:4d:af:2e:e4:ac:68:00:29:52:
a3:33:5a:14:ca:f2:53:0f:41:3e:8a:9c:68:56:7b:5c:02:01:
d7:c2:9b:c8:b9:fc:32:47:17:00:ff:02:09:36:8c:25:aa:27:
76:c9:22:9b:cd:cf:a4:1b:60:b6:71:c4:ba:8f:fc:60:75:c8:
df:a5:79:ad:3f:39:21:90:ec:d8:5f:9a:99:04:bc:49:ce:7b:
af:d0:1f:7b:24:ad:79:f0:0f:f1:17:22:81:08:3c:93:28:13:
3f:ef:2b:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfOOxzHKJYoDfBKh0eaKaz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjUwNzAzMDMwMTA5WhcNMjUwNzA0MDMwMTA5WjAzMTEwLwYDVQQD
Eyg0MDY4ZmIyNDM1ZjIyZGNjZTYwMTBhZTE0MDk0Yjg2YjA5ZjlkZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iVVKhovqse/nmQ0NPMTCoowgvh9
ZVK1v9L/xVk39o2roEbM87A4Iz8jnzfXMfGRewKCRl4x4jA6v33WiUgDcziHhSGo
ixWLVfILY/xS98mQ4C4VdT34ho1uenaXnwFS9rjlmZJj3KuRXjiY9cFzJsw4GOxi
k1y0LOvwmVOXWBttxkzei2Wm/2ktN+r9rAOzoRJzKv0qdmzmSE3451u/wCudaZUj
EofANJE6qEWe2zDRaZxLIz9UgKqnplK2YaHWfSALVh+BJW1sFwFTikocTSo2VHXc
BImQUKcKeRW5jpaJ9ej1fX9YBuozzk82Qngino7cOWLtGE2Wq0rFP93+uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBo+yQ18i3M5gEK4UCUuGsJ+d4pMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0wjHUje
xJ6joQIEQpNqBqLnHJTWuw7Abd1aTzx7ylEj5KNgS4O4856yFhjjtIagtpnPLMp6
4psow8Bp4bgxve/fFe9i+FYQJ2CG37GviCiUr6c20BddbPfBZ04khCrCYeBFqVeL
J5xuZR54xck1g62WGSy/59tcfqweHn9Y3AwatsiW9C3psbPbwah8VLvpJRqGgxJ8
qDW+Ta8u5KxoAClSozNaFMryUw9BPoqcaFZ7XAIB18KbyLn8MkcXAP8CCTaMJaon
dskim83PpBtgtnHEuo/8YHXI36V5rT85IZDs2F+amQS8Sc57r9AfeyStefAP8Rci
gQg8kygTP+8rqg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:20:01 2025 by rpki-client