Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: cJTLVB1SrbNAJq81rh0/zZJ2xuiIclRAHSZu+FKW8WU=
Subject key identifier: 2A:24:0D:C1:00:A0:E0:AA:BD:AA:44:4A:1B:18:57:59:E5:60:D5:65
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 0197B70E640F871886C51F6C60BC2CE849F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 15B4
Signing time: Sat 28 Jun 2025 15:01:03 +0000
Manifest this update: Sat 28 Jun 2025 15:01:03 +0000
Manifest next update: Sun 29 Jun 2025 15:01:03 +0000
Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=)
2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: oiFikUB1G4B1Bmswo8JQIhYFJYJqZQ4SOkeDBP1A1x0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:64:0f:87:18:86:c5:1f:6c:60:bc:2c:e8:49:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Jun 28 15:01:03 2025 GMT
Not After : Jun 29 15:01:03 2025 GMT
Subject: CN=2a240dc100a0e0aabdaa444a1b185759e560d565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:20:17:4e:07:32:29:3c:25:8d:fa:e6:7e:
84:0b:d0:6c:8a:35:f3:14:4e:a8:10:4e:64:21:33:
4f:80:82:5b:30:fb:b4:7d:af:c2:e6:0f:66:63:58:
34:28:89:b3:d2:98:36:0e:2f:c8:c9:92:d4:59:6a:
f3:27:01:ca:8a:e0:be:f5:14:6b:8d:35:e5:2c:cf:
a3:d9:43:71:28:2e:b8:a9:01:7c:29:ea:93:08:1c:
de:22:eb:b5:f3:8b:25:be:66:ca:ab:b4:91:43:0d:
77:7a:aa:db:42:04:d0:00:72:56:82:42:72:29:26:
2c:e1:14:ab:41:98:19:d1:1b:70:17:65:d8:d7:6c:
79:42:91:26:b5:3e:99:a3:de:f4:28:07:47:90:52:
e6:88:ea:a6:0c:4b:12:69:1d:12:1b:7a:ba:65:d7:
be:3f:69:2b:2b:15:74:8a:71:ef:c6:77:91:3a:19:
4e:ec:6a:90:2c:4b:8d:9d:7b:b7:95:32:41:38:71:
27:2d:35:ce:41:d4:f8:9d:c0:5d:95:35:01:d7:b7:
35:25:9d:a2:84:37:46:6d:db:ea:ce:20:94:9c:23:
ea:91:85:b2:b0:29:fa:eb:ed:05:60:f5:3b:2e:2c:
bc:ea:c5:5c:82:d8:32:e4:ad:d6:66:54:8e:67:74:
7b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:24:0D:C1:00:A0:E0:AA:BD:AA:44:4A:1B:18:57:59:E5:60:D5:65
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:c0:99:02:40:8e:27:30:0f:e0:c6:1f:20:0c:d7:29:90:48:
eb:da:5e:6c:70:f3:0d:d2:03:d4:ed:16:1e:38:b0:7e:25:97:
87:71:b4:0e:43:fe:43:17:b0:13:2d:13:95:c9:3c:fc:64:be:
a4:5e:c4:4b:38:b1:a4:10:bd:57:1c:76:ab:b2:94:ed:1d:6a:
62:9c:8e:b9:69:36:64:a0:77:11:ac:2a:10:4e:f1:d6:10:39:
27:0d:e7:d5:0d:43:89:48:a4:a5:97:0c:8a:4a:67:8b:54:82:
e1:26:cb:5f:74:27:ab:14:99:68:cd:dc:79:1f:d6:49:23:56:
ff:20:a6:0b:55:73:81:86:0b:37:eb:f7:c2:b9:0f:98:cc:66:
ad:cc:8c:bf:c2:e6:ea:ee:46:8b:e6:33:f0:22:41:83:25:35:
e3:54:80:d2:f7:1e:70:17:b7:13:65:c5:8f:1f:78:bc:11:13:
d6:f0:16:95:c2:f0:8b:f9:7f:92:d5:ab:d6:43:79:4b:ed:55:
27:f5:dd:67:5e:e7:a1:61:9c:b9:9b:b8:a2:d4:f7:bc:1c:df:
ba:b4:b9:85:01:ff:53:97:01:c6:ae:90:22:22:8b:ad:9d:7d:
7a:0f:3e:44:4c:c2:94:a7:ce:6e:11:fa:9c:79:b0:84:19:e5:
07:10:d7:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DmQPhxiGxR9sYLws6EnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjUwNjI4MTUwMTAzWhcNMjUwNjI5MTUwMTAzWjAzMTEwLwYDVQQD
EygyYTI0MGRjMTAwYTBlMGFhYmRhYTQ0NGExYjE4NTc1OWU1NjBkNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsIgF04HMik8JY365n6EC9BsijXz
FE6oEE5kITNPgIJbMPu0fa/C5g9mY1g0KImz0pg2Di/IyZLUWWrzJwHKiuC+9RRr
jTXlLM+j2UNxKC64qQF8KeqTCBzeIuu184slvmbKq7SRQw13eqrbQgTQAHJWgkJy
KSYs4RSrQZgZ0RtwF2XY12x5QpEmtT6Zo970KAdHkFLmiOqmDEsSaR0SG3q6Zde+
P2krKxV0inHvxneROhlO7GqQLEuNnXu3lTJBOHEnLTXOQdT4ncBdlTUB17c1JZ2i
hDdGbdvqziCUnCPqkYWysCn66+0FYPU7Liy86sVcgtgy5K3WZlSOZ3R7+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCokDcEAoOCqvapEShsYV1nlYNVlMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcCZAkCO
JzAP4MYfIAzXKZBI69pebHDzDdID1O0WHjiwfiWXh3G0DkP+QxewEy0Tlck8/GS+
pF7ESzixpBC9Vxx2q7KU7R1qYpyOuWk2ZKB3EawqEE7x1hA5Jw3n1Q1DiUikpZcM
ikpni1SC4SbLX3QnqxSZaM3ceR/WSSNW/yCmC1VzgYYLN+v3wrkPmMxmrcyMv8Lm
6u5Gi+Yz8CJBgyU141SA0vcecBe3E2XFjx94vBET1vAWlcLwi/l/ktWr1kN5S+1V
J/XdZ17noWGcuZu4otT3vBzfurS5hQH/U5cBxq6QIiKLrZ19eg8+REzClKfObhH6
nHmwhBnlBxDX8g==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:00:09 2025 by rpki-client