Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
File: MzOeZKWFFMmwkemy5o4pNx5D498.mft (raw, json)
Hash identifier: BmiewQ8pRKNgkMH+ejTNcqXg23f3ZV8JWBTIe3k+Ifk=
Subject key identifier: 1F:B2:2C:8F:23:C9:8A:CE:80:88:0D:71:D2:E5:42:4E:42:20:0F:49
Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Certificate serial: 0197B6A1297A2FB42EB4ECB4443305F494FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
Manifest number: 09FF
Signing time: Sat 28 Jun 2025 13:01:44 +0000
Manifest this update: Sat 28 Jun 2025 13:01:44 +0000
Manifest next update: Sun 29 Jun 2025 13:01:44 +0000
Files and hashes: 1: 0SGERXpsIldifCTWUfwaAPLWZj8.roa (hash: Wl6639BT2YEzAcDZ1BBEKA7sfTmRzgLCKdjibP72VaE=)
2: MzOeZKWFFMmwkemy5o4pNx5D498.crl (hash: j4e446OvbwIOrZijoRQZXBuYTMIpxUzjmSUJ8zahWEY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:29:7a:2f:b4:2e:b4:ec:b4:44:33:05:f4:94:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Validity
Not Before: Jun 28 13:01:44 2025 GMT
Not After : Jun 29 13:01:44 2025 GMT
Subject: CN=1fb22c8f23c98ace80880d71d2e5424e42200f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b3:07:f2:ef:ed:3f:cc:ab:d9:e5:a5:6c:6f:
c6:5a:9e:0d:fc:19:e2:d3:8e:c8:7e:0c:27:55:7e:
8f:36:83:80:86:83:ee:94:14:be:67:90:30:66:60:
ad:ea:4d:a0:90:ac:ac:81:22:93:1f:b7:c8:bd:bb:
8e:68:0c:8d:a0:70:c8:e1:cb:85:9d:1b:dc:41:74:
74:f3:33:e7:22:c1:cd:4c:39:a8:24:4d:e9:2e:d1:
15:3d:cf:8d:40:59:b2:2c:1b:2a:55:e1:51:fe:42:
26:d6:78:75:c3:f2:f0:a4:78:71:f1:44:fe:4a:1a:
e9:3f:30:76:4c:b1:80:8e:dd:ea:a3:ac:b4:f0:78:
82:e8:95:07:c6:40:e5:4a:9d:c1:65:b8:eb:7c:85:
01:73:2b:9e:96:38:cf:55:07:db:a1:e4:d1:46:ad:
35:a1:e5:0a:33:8f:70:47:f7:d6:4c:13:b6:0f:58:
76:82:3b:21:51:f8:43:e9:9b:92:f1:a0:c3:e5:d8:
43:6e:cb:39:ad:4f:c8:37:14:63:60:da:d1:e5:17:
2c:fe:af:d8:fb:62:ea:6e:d6:4f:43:11:16:d5:02:
29:5d:0e:6b:d1:c6:40:49:1d:0c:6a:08:a2:44:9a:
1d:43:bc:a0:7c:99:b3:45:b9:b4:54:4d:3c:72:82:
35:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B2:2C:8F:23:C9:8A:CE:80:88:0D:71:D2:E5:42:4E:42:20:0F:49
X509v3 Authority Key Identifier:
keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:e6:53:4e:62:ed:e0:8b:09:0c:0a:cb:82:6e:75:17:01:91:
6e:a3:07:b2:35:78:1f:ae:8d:21:64:e2:ee:6d:e3:ca:db:12:
05:41:c7:f4:84:6b:3a:21:b1:ef:ed:15:c6:29:63:ae:5f:fd:
aa:20:54:44:f7:11:2b:7b:ff:43:03:0a:94:01:b4:38:14:97:
14:b5:5a:7a:71:49:75:6a:c5:24:f6:74:30:49:e4:f7:ba:86:
8f:9c:e7:9a:7a:48:cc:56:b5:98:b9:f8:9f:ba:7a:a9:e5:80:
e4:92:47:c6:0c:b0:2f:fa:fe:a0:8a:c5:63:8f:26:2c:d6:b8:
e4:9f:cd:a5:e2:9e:dc:84:91:8f:21:9a:24:b0:83:32:64:16:
c7:80:c3:4a:57:31:5a:e8:0b:35:35:e4:29:77:c3:0f:50:11:
d5:c6:94:d4:34:38:e8:ec:aa:98:01:d5:61:c6:52:0a:38:f8:
eb:83:fc:0e:2a:51:37:27:91:85:da:46:d5:35:a3:7d:f8:e8:
9e:0d:f5:a8:e3:9d:41:66:cd:d0:7e:ee:c5:17:7a:e9:69:af:
7a:1a:f4:46:94:92:22:08:61:9e:47:75:d9:83:c1:30:06:76:
1f:df:48:cb:3a:72:1c:b9:e8:93:ed:2f:33:d2:7c:9b:f8:95:
3c:42:1f:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oSl6L7QutOy0RDMF9JT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0
M2UzZGYwHhcNMjUwNjI4MTMwMTQ0WhcNMjUwNjI5MTMwMTQ0WjAzMTEwLwYDVQQD
EygxZmIyMmM4ZjIzYzk4YWNlODA4ODBkNzFkMmU1NDI0ZTQyMjAwZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrMH8u/tP8yr2eWlbG/GWp4N/Bni
047IfgwnVX6PNoOAhoPulBS+Z5AwZmCt6k2gkKysgSKTH7fIvbuOaAyNoHDI4cuF
nRvcQXR08zPnIsHNTDmoJE3pLtEVPc+NQFmyLBsqVeFR/kIm1nh1w/LwpHhx8UT+
ShrpPzB2TLGAjt3qo6y08HiC6JUHxkDlSp3BZbjrfIUBcyueljjPVQfboeTRRq01
oeUKM49wR/fWTBO2D1h2gjshUfhD6ZuS8aDD5dhDbss5rU/INxRjYNrR5Rcs/q/Y
+2LqbtZPQxEW1QIpXQ5r0cZASR0MagiiRJodQ7ygfJmzRbm0VE08coI15wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+yLI8jyYrOgIgNcdLlQk5CIA9JMB8GA1UdIwQY
MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt
NjM5ZGM0ZDVmMzcwLzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw
LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuZTTmLt
4IsJDArLgm51FwGRbqMHsjV4H66NIWTi7m3jytsSBUHH9IRrOiGx7+0Vxiljrl/9
qiBURPcRK3v/QwMKlAG0OBSXFLVaenFJdWrFJPZ0MEnk97qGj5znmnpIzFa1mLn4
n7p6qeWA5JJHxgywL/r+oIrFY48mLNa45J/NpeKe3ISRjyGaJLCDMmQWx4DDSlcx
WugLNTXkKXfDD1AR1caU1DQ46OyqmAHVYcZSCjj464P8DipRNyeRhdpG1TWjffjo
ng31qOOdQWbN0H7uxRd66Wmvehr0RpSSIghhnkd12YPBMAZ2H99IyzpyHLnok+0v
M9J8m/iVPEIfVw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:57:21 2025 by rpki-client