Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File: iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier: XV4xbKGY2mTPUogi2bNGf/wP9L2iEVML5xszsFTcAbA=
Subject key identifier: 40:DC:88:A9:9B:3F:E2:AB:1A:59:35:6B:2B:D8:E8:64:52:E7:72:0D
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer: /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial: 0197B7B34CEBD673F60C7F2B1DD61080346F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number: 058D
Signing time: Sat 28 Jun 2025 18:01:10 +0000
Manifest this update: Sat 28 Jun 2025 18:01:10 +0000
Manifest next update: Sun 29 Jun 2025 18:01:10 +0000
Files and hashes: 1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: ll6ZIQ53QnqvjmIjC9NyUMwiYXN8UcSL/+rsZ/8UIfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:4c:eb:d6:73:f6:0c:7f:2b:1d:d6:10:80:34:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Validity
Not Before: Jun 28 18:01:10 2025 GMT
Not After : Jun 29 18:01:10 2025 GMT
Subject: CN=40dc88a99b3fe2ab1a59356b2bd8e86452e7720d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2a:8d:1e:00:62:fa:c1:94:2f:f8:17:14:85:
62:ed:fe:5e:fb:88:99:2a:4e:46:44:9c:41:03:3f:
11:bb:1d:29:03:1b:d2:89:f2:6f:ff:e3:64:fd:8d:
a4:fe:17:fc:49:8c:9e:ac:ec:22:10:1b:09:70:bd:
65:9c:7e:f3:c4:c9:ad:85:cd:25:e7:24:2f:06:e5:
bc:bf:cc:c1:a1:95:9e:06:be:14:9b:46:cc:61:0c:
09:47:4b:23:54:0b:71:22:0d:0a:e5:13:80:13:f2:
3e:31:c3:0c:2d:c7:bb:d2:b8:04:12:ea:c3:cb:92:
d5:d5:f3:66:a5:fd:e3:76:a8:9f:10:20:97:61:2d:
38:1d:52:dd:d4:67:8f:d7:f4:50:a8:32:1c:da:62:
33:12:9b:61:e3:52:37:4c:ff:ed:3d:ab:36:be:aa:
ca:25:7b:69:a1:76:39:91:55:2d:b4:20:c7:80:a7:
89:9f:6d:9f:cf:3a:17:16:22:8f:b4:9d:8a:17:53:
e1:0b:1b:ea:e8:13:cf:9d:6b:bc:9e:36:2c:59:02:
d6:43:32:f8:af:39:68:3b:30:12:91:c9:ee:91:e5:
34:47:aa:69:dd:8d:8c:02:05:68:51:99:6e:f2:5b:
ac:43:83:47:f0:1f:ab:79:13:ce:b4:64:19:26:7d:
b2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DC:88:A9:9B:3F:E2:AB:1A:59:35:6B:2B:D8:E8:64:52:E7:72:0D
X509v3 Authority Key Identifier:
keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:e8:d9:99:6a:a9:87:64:83:e2:f7:27:5e:0d:37:e3:b5:39:
bd:e2:61:f0:ec:18:70:b4:b1:52:10:f8:49:db:69:69:33:95:
9e:fe:18:ec:8d:64:5f:e6:32:a1:b7:e5:61:c3:d6:ec:f8:c9:
09:5c:03:32:a5:ae:56:80:d2:c5:40:03:36:19:8e:e9:22:6c:
81:36:e7:17:8f:9c:e7:84:de:40:b5:e0:24:5f:58:79:03:09:
1f:24:f2:cd:c6:86:3a:42:dc:06:2e:d7:bd:bd:fc:b2:0c:13:
5f:ca:20:23:7e:f8:87:68:96:40:a3:5a:a9:1c:c9:eb:5b:4b:
38:fa:fc:0b:99:5a:a0:4b:b6:f5:a8:02:bf:9e:99:4a:22:5a:
eb:87:63:1a:e5:da:1e:85:1d:ac:a5:66:48:4a:44:80:3d:85:
72:df:4e:30:91:bb:d3:9f:30:72:0d:c7:7b:72:16:ab:29:0f:
b9:4e:35:f2:91:f1:54:eb:85:86:d2:b5:c0:f3:b3:4c:ce:40:
e0:f9:d4:c9:02:42:48:fe:22:3f:d6:69:f7:0b:70:3d:9b:11:
7f:5b:31:29:2b:b3:e7:70:61:bc:84:e4:a0:23:2a:1f:22:73:
6c:98:71:78:8b:ae:3e:cd:32:05:06:03:ad:f0:35:f4:4a:30:
d2:77:24:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s0zr1nP2DH8rHdYQgDRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUwNjI4MTgwMTEwWhcNMjUwNjI5MTgwMTEwWjAzMTEwLwYDVQQD
Eyg0MGRjODhhOTliM2ZlMmFiMWE1OTM1NmIyYmQ4ZTg2NDUyZTc3MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CqNHgBi+sGUL/gXFIVi7f5e+4iZ
Kk5GRJxBAz8Rux0pAxvSifJv/+Nk/Y2k/hf8SYyerOwiEBsJcL1lnH7zxMmthc0l
5yQvBuW8v8zBoZWeBr4Um0bMYQwJR0sjVAtxIg0K5ROAE/I+McMMLce70rgEEurD
y5LV1fNmpf3jdqifECCXYS04HVLd1GeP1/RQqDIc2mIzEpth41I3TP/tPas2vqrK
JXtpoXY5kVUttCDHgKeJn22fzzoXFiKPtJ2KF1PhCxvq6BPPnWu8njYsWQLWQzL4
rzloOzASkcnukeU0R6pp3Y2MAgVoUZlu8lusQ4NH8B+reRPOtGQZJn2ymQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDciKmbP+KrGlk1ayvY6GRS53INMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANujZmWqp
h2SD4vcnXg0347U5veJh8OwYcLSxUhD4SdtpaTOVnv4Y7I1kX+YyobflYcPW7PjJ
CVwDMqWuVoDSxUADNhmO6SJsgTbnF4+c54TeQLXgJF9YeQMJHyTyzcaGOkLcBi7X
vb38sgwTX8ogI374h2iWQKNaqRzJ61tLOPr8C5laoEu29agCv56ZSiJa64djGuXa
HoUdrKVmSEpEgD2Fct9OMJG7058wcg3He3IWqykPuU418pHxVOuFhtK1wPOzTM5A
4PnUyQJCSP4iP9Zp9wtwPZsRf1sxKSuz53BhvITkoCMqHyJzbJhxeIuuPs0yBQYD
rfA19Eow0nck0w==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:48:06 2025 by rpki-client