Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier: VgD3ewPwgbCxF/BQ2ybU2DCMwS2DMuyLf150ADYkFEk=
Subject key identifier: 2D:6A:5A:2E:20:EF:F3:50:F1:35:8B:C6:11:6C:4E:CD:7E:7A:FF:29
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial: 0197C2DC04566860B7882FB71D86509D40B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number: 0D04
Signing time: Mon 30 Jun 2025 22:01:28 +0000
Manifest this update: Mon 30 Jun 2025 22:01:28 +0000
Manifest next update: Tue 01 Jul 2025 22:01:28 +0000
Files and hashes: 1: CDrnNbtJLaCL50xwnqrzUWhQ_9k.roa (hash: xkyChTjHPfmap3pEfIzmPahUIANDsQxEAOedvER2SvU=)
2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: +oH2FmjuEkWfmIA6uhkiSPWHnd0BZXBY4K/J15w7iqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:dc:04:56:68:60:b7:88:2f:b7:1d:86:50:9d:40:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8801543812040477d4744229466c8537d45171
Validity
Not Before: Jun 30 22:01:28 2025 GMT
Not After : Jul 1 22:01:28 2025 GMT
Subject: CN=2d6a5a2e20eff350f1358bc6116c4ecd7e7aff29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a7:48:d7:73:4d:f9:34:0e:0c:56:8e:33:4f:
07:43:43:e2:80:d3:8b:9b:1e:4a:70:84:2c:38:44:
f9:60:ef:ba:b0:32:cc:87:e0:57:77:94:f4:00:be:
24:e2:e3:67:c8:1a:58:90:f5:52:6d:b7:c1:f9:6f:
96:cc:4b:9d:48:f3:27:3e:cf:fb:18:35:ce:03:97:
a4:b1:ac:77:df:84:42:14:e2:e1:49:a8:25:de:1e:
85:0b:79:f7:ed:25:d7:53:c2:24:af:a5:d0:c5:d1:
d9:e8:d3:75:f9:52:46:e9:fc:2f:02:b8:53:90:7b:
70:40:20:83:1b:fb:01:8f:3e:a1:fa:f5:85:48:e6:
45:11:46:fd:0d:eb:8e:a7:e2:62:fd:7c:d4:43:a3:
98:b4:07:fb:54:71:3a:19:cc:06:cb:e0:45:5b:6e:
9a:0d:fa:55:4d:a5:85:f8:5e:8e:8b:c4:85:20:b7:
41:be:0f:f9:6a:61:19:9b:ba:f3:b3:54:7f:39:7e:
ef:3d:a3:05:96:ab:4b:df:65:cd:9e:31:63:66:00:
cd:b7:ba:2d:32:bc:c2:ae:ad:ef:dc:b4:5d:8b:76:
be:37:b8:ac:7b:32:6f:9a:15:25:54:f2:77:f9:ba:
18:b4:81:82:82:d2:e2:ee:ba:36:c2:37:c5:00:86:
d9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6A:5A:2E:20:EF:F3:50:F1:35:8B:C6:11:6C:4E:CD:7E:7A:FF:29
X509v3 Authority Key Identifier:
keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:ed:76:37:cd:64:da:db:6c:dd:a7:9d:3e:c1:0a:97:9e:57:
5a:af:1c:f9:e0:32:f8:18:da:d2:68:a6:63:82:65:73:37:d2:
5a:7d:9e:2a:64:c0:10:ef:2e:90:b3:52:32:21:b1:07:f5:94:
e4:e6:cd:81:ef:15:7c:42:45:d0:04:de:1c:d3:5e:d3:00:d8:
9e:81:59:5c:95:2c:fe:8d:24:3d:55:46:c1:a0:2a:84:60:3d:
54:c7:3b:37:1b:45:1f:0b:f7:6f:a6:ab:b9:92:e4:99:45:b7:
d2:1e:68:68:c5:78:fc:55:a3:b4:03:ff:bc:40:27:fc:48:99:
86:30:c6:19:5f:1b:e0:1a:5e:46:94:6d:d2:e0:43:95:13:40:
0c:9d:56:95:96:ab:bf:d5:3f:ab:4b:13:2f:93:1e:14:f5:de:
0f:d7:c6:3c:19:4d:a8:88:5d:57:95:00:7c:15:e2:1c:43:32:
ef:be:e8:eb:14:b2:22:8a:cc:a7:9d:22:ea:d4:b4:55:85:02:
14:cc:1d:21:0b:38:0f:d1:d8:f0:c2:78:b6:77:c5:48:c9:b6:
ed:dd:6e:9c:d9:ad:ca:a6:81:c8:ad:ce:48:b4:ec:e9:03:2c:
42:75:a5:38:e7:d4:52:57:f7:be:23:84:87:63:56:c5:5e:66:
b8:15:64:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfC3ARWaGC3iC+3HYZQnUC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjUwNjMwMjIwMTI4WhcNMjUwNzAxMjIwMTI4WjAzMTEwLwYDVQQD
EygyZDZhNWEyZTIwZWZmMzUwZjEzNThiYzYxMTZjNGVjZDdlN2FmZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3adI13NN+TQODFaOM08HQ0PigNOL
mx5KcIQsOET5YO+6sDLMh+BXd5T0AL4k4uNnyBpYkPVSbbfB+W+WzEudSPMnPs/7
GDXOA5eksax334RCFOLhSagl3h6FC3n37SXXU8Ikr6XQxdHZ6NN1+VJG6fwvArhT
kHtwQCCDG/sBjz6h+vWFSOZFEUb9DeuOp+Ji/XzUQ6OYtAf7VHE6GcwGy+BFW26a
DfpVTaWF+F6Oi8SFILdBvg/5amEZm7rzs1R/OX7vPaMFlqtL32XNnjFjZgDNt7ot
MrzCrq3v3LRdi3a+N7isezJvmhUlVPJ3+boYtIGCgtLi7ro2wjfFAIbZ8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1qWi4g7/NQ8TWLxhFsTs1+ev8pMB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFO12N81k
2tts3aedPsEKl55XWq8c+eAy+Bja0mimY4JlczfSWn2eKmTAEO8ukLNSMiGxB/WU
5ObNge8VfEJF0ATeHNNe0wDYnoFZXJUs/o0kPVVGwaAqhGA9VMc7NxtFHwv3b6ar
uZLkmUW30h5oaMV4/FWjtAP/vEAn/EiZhjDGGV8b4BpeRpRt0uBDlRNADJ1WlZar
v9U/q0sTL5MeFPXeD9fGPBlNqIhdV5UAfBXiHEMy777o6xSyIorMp50i6tS0VYUC
FMwdIQs4D9HY8MJ4tnfFSMm27d1unNmtyqaByK3OSLTs6QMsQnWlOOfUUlf3viOE
h2NWxV5muBVk7Q==
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:07:22 2025 by rpki-client