Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: u1jtQOkoEkXzkpgrKctt5QNQd/7wmi39DmBxyOhOJ0A=
Subject key identifier: 47:68:80:1F:4E:6A:E8:40:17:7E:BD:C2:B3:5F:9D:8C:C0:41:31:14
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 0197B70F32BB1243100AC5A5BAE8E0E52E5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 08B1
Signing time: Sat 28 Jun 2025 15:01:55 +0000
Manifest this update: Sat 28 Jun 2025 15:01:55 +0000
Manifest next update: Sun 29 Jun 2025 15:01:55 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: jXSXZYo2sEZADBoQ9R7yLmnE+3AD5DQxWctp7bGhL90=)
2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0f:32:bb:12:43:10:0a:c5:a5:ba:e8:e0:e5:2e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Jun 28 15:01:55 2025 GMT
Not After : Jun 29 15:01:55 2025 GMT
Subject: CN=4768801f4e6ae840177ebdc2b35f9d8cc0413114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:18:f1:47:f4:2c:89:ea:b8:5c:b5:c4:42:
91:c1:61:57:6b:5d:d5:c1:51:ca:3a:43:2f:9b:75:
9f:78:8c:48:c6:0d:9f:41:b4:37:ec:6e:67:1b:41:
6a:f5:9d:dc:b7:29:94:51:14:2d:07:c5:82:d4:c3:
0e:c6:78:36:1b:03:93:55:80:70:be:8e:c8:aa:0c:
85:94:f3:99:e2:ab:98:ab:a1:76:05:af:81:f0:8e:
c0:df:3a:41:8f:b6:bb:a4:69:05:2b:21:93:8c:a7:
c8:a1:60:c9:dc:0f:68:ad:7c:96:6a:d8:22:5e:d2:
5f:22:19:80:06:70:52:e3:67:f0:c2:28:68:83:47:
f9:d4:4f:b9:15:6a:23:6f:dc:10:aa:fb:00:1e:bb:
b9:a4:d4:80:a6:fa:93:98:08:b0:a3:d0:60:fa:80:
e2:9e:3a:69:e0:75:c5:fd:47:3a:9a:bb:99:ed:98:
d6:34:0a:97:82:8a:78:30:5e:b2:ba:e1:79:0b:31:
5a:e9:8f:2f:b6:a9:cc:12:76:f8:ab:27:d5:9c:e5:
34:93:1c:38:08:55:1f:c6:8b:ce:b9:c3:d1:f8:56:
2b:fa:97:33:91:7a:e8:a0:9f:f2:3c:15:6c:09:66:
0c:f5:cb:ef:b6:99:cb:df:d3:52:89:c5:f9:1b:29:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:68:80:1F:4E:6A:E8:40:17:7E:BD:C2:B3:5F:9D:8C:C0:41:31:14
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:22:b9:38:2d:82:57:11:e2:58:87:12:81:db:96:5e:fd:e1:
e8:2e:18:60:c2:e2:ab:24:2c:aa:ad:a6:95:01:2a:1e:44:c6:
f2:95:8f:72:e6:70:f4:27:0e:db:ac:4b:1e:01:32:60:26:08:
4a:ba:96:f4:ce:67:8e:19:fa:7f:ae:57:be:ef:aa:4f:cf:70:
76:05:e1:3a:2f:61:53:29:41:44:94:e6:4d:62:83:98:77:a6:
e1:fc:0d:5e:de:dd:6d:36:cc:c5:1c:d4:f5:70:0f:e7:14:05:
05:de:33:0e:5b:7c:8f:d1:2f:49:cc:5d:08:af:dc:f7:4a:36:
42:d0:7e:f0:30:7b:7c:ad:52:99:b3:8d:37:22:69:ce:df:2b:
8d:a9:c6:f6:c8:94:d8:58:29:4e:d2:0f:31:48:a7:3b:1e:6d:
50:a6:e7:3c:38:fd:1b:b3:d2:02:7d:24:60:41:15:20:30:56:
df:b1:ac:07:93:26:27:f0:e5:04:28:6f:44:16:79:65:a8:d7:
60:97:1e:69:47:ad:f0:70:34:ac:d1:08:8a:9c:ad:5a:35:54:
d8:33:ee:2e:51:40:9d:ca:04:42:de:2f:9f:da:73:61:77:b0:
e0:1b:6f:93:71:36:c1:2e:19:0f:eb:5e:4e:be:27:eb:5b:6a:
4e:92:f8:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DzK7EkMQCsWluujg5S5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjUwNjI4MTUwMTU1WhcNMjUwNjI5MTUwMTU1WjAzMTEwLwYDVQQD
Eyg0NzY4ODAxZjRlNmFlODQwMTc3ZWJkYzJiMzVmOWQ4Y2MwNDEzMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO0Y8Uf0LInquFy1xEKRwWFXa13V
wVHKOkMvm3WfeIxIxg2fQbQ37G5nG0Fq9Z3ctymUURQtB8WC1MMOxng2GwOTVYBw
vo7IqgyFlPOZ4quYq6F2Ba+B8I7A3zpBj7a7pGkFKyGTjKfIoWDJ3A9orXyWatgi
XtJfIhmABnBS42fwwihog0f51E+5FWojb9wQqvsAHru5pNSApvqTmAiwo9Bg+oDi
njpp4HXF/Uc6mruZ7ZjWNAqXgop4MF6yuuF5CzFa6Y8vtqnMEnb4qyfVnOU0kxw4
CFUfxovOucPR+FYr+pczkXrooJ/yPBVsCWYM9cvvtpnL39NSicX5Gyk8vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdogB9OauhAF369wrNfnYzAQTEUMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmiK5OC2C
VxHiWIcSgduWXv3h6C4YYMLiqyQsqq2mlQEqHkTG8pWPcuZw9CcO26xLHgEyYCYI
SrqW9M5njhn6f65Xvu+qT89wdgXhOi9hUylBRJTmTWKDmHem4fwNXt7dbTbMxRzU
9XAP5xQFBd4zDlt8j9EvScxdCK/c90o2QtB+8DB7fK1SmbONNyJpzt8rjanG9siU
2FgpTtIPMUinOx5tUKbnPDj9G7PSAn0kYEEVIDBW37GsB5MmJ/DlBChvRBZ5ZajX
YJceaUet8HA0rNEIipytWjVU2DPuLlFAncoEQt4vn9pzYXew4Btvk3E2wS4ZD+te
Tr4n61tqTpL4Zg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:02:09 2025 by rpki-client