Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.mft
File: I08I-kIiU1wK8moNc0fb8XJUcZY.mft (raw, json)
Hash identifier: nSZMWJqYSopwk2wzi3xrlPZq2PeC3MGc1Uo7mJ2TY/Y=
Subject key identifier: 11:7A:99:BA:0D:CF:03:56:E0:12:7E:7B:55:AE:6A:27:93:BA:2B:F4
Authority key identifier: 23:4F:08:FA:42:22:53:5C:0A:F2:6A:0D:73:47:DB:F1:72:54:71:96
Certificate issuer: /CN=234f08fa4222535c0af26a0d7347dbf172547196
Certificate serial: 0197B70E54223D0C996E4F9CF6C39A07391D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I08I-kIiU1wK8moNc0fb8XJUcZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.mft
Manifest number: A3
Signing time: Sat 28 Jun 2025 15:00:58 +0000
Manifest this update: Sat 28 Jun 2025 15:00:58 +0000
Manifest next update: Sun 29 Jun 2025 15:00:58 +0000
Files and hashes: 1: I08I-kIiU1wK8moNc0fb8XJUcZY.crl (hash: cl2QI5Po83MDDk8XIyoXWI2By0B//IDcIQ+FC6IjLak=)
2: PMihf48EDZLf86f7BmXfYmZbV4M.roa (hash: kAi2yEZhpDZ5dFlA+0hzmB2XiAS3L8tb6zCyB/FGwDw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I08I-kIiU1wK8moNc0fb8XJUcZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:54:22:3d:0c:99:6e:4f:9c:f6:c3:9a:07:39:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234f08fa4222535c0af26a0d7347dbf172547196
Validity
Not Before: Jun 28 15:00:58 2025 GMT
Not After : Jun 29 15:00:58 2025 GMT
Subject: CN=117a99ba0dcf0356e0127e7b55ae6a2793ba2bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:29:12:ca:87:76:93:d1:9e:40:d7:db:3b:
37:9a:9c:9c:58:17:c0:83:13:0b:4b:d3:ad:d1:00:
e3:fe:21:1b:af:3b:5c:7b:c0:af:52:05:23:f1:b5:
ed:18:89:0b:7d:0d:49:74:4b:2a:05:cc:10:a8:8e:
b1:06:b6:d8:72:70:4d:2e:59:3f:b6:2a:16:fb:43:
3b:46:5f:fc:6b:02:fb:34:40:48:8a:10:48:4b:d6:
12:34:da:d9:55:02:ef:8f:2d:fe:ac:42:6f:cb:80:
86:5b:40:a7:ef:5d:47:3a:40:dc:2e:81:a7:b6:db:
96:5a:d4:66:a9:70:72:c1:18:d5:6f:a5:0f:47:b2:
34:c4:1c:33:fd:5e:cf:3d:66:b5:bb:1b:f2:8b:76:
4f:80:b0:b2:95:45:46:a7:75:3c:58:bf:e6:15:fb:
69:30:9f:3c:20:36:a2:7c:0f:ec:4b:b3:d4:ba:74:
68:ca:70:ce:3b:b7:45:98:ea:27:f3:e3:41:f5:b8:
dc:dc:04:78:6e:aa:bf:22:4a:70:ff:bb:b5:83:60:
a1:24:1e:4d:e2:da:a4:e5:a1:ee:38:bb:b9:5b:bf:
79:95:c5:3d:23:37:bc:ec:c4:3c:cf:81:38:9e:ff:
f0:26:e2:93:69:f1:47:d4:ad:a0:88:ed:c0:18:d7:
ff:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7A:99:BA:0D:CF:03:56:E0:12:7E:7B:55:AE:6A:27:93:BA:2B:F4
X509v3 Authority Key Identifier:
keyid:23:4F:08:FA:42:22:53:5C:0A:F2:6A:0D:73:47:DB:F1:72:54:71:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I08I-kIiU1wK8moNc0fb8XJUcZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/638a9c-ec64-45de-bc2e-2be7edc7932d/1/I08I-kIiU1wK8moNc0fb8XJUcZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:8f:e6:f4:bf:c4:af:6c:12:8d:7d:17:0c:e6:b9:b7:9f:8c:
58:80:d7:f5:2a:53:48:c7:f6:55:35:dc:4a:26:98:38:de:b7:
43:2f:34:e3:09:3a:66:79:98:a3:a2:58:e8:26:35:5c:a8:3d:
5c:65:42:bd:96:0c:79:b9:b1:41:98:20:39:6d:30:65:de:f7:
16:b6:b9:86:33:24:1c:50:1c:9e:d5:42:81:01:4d:1c:10:f1:
9d:75:7d:ff:86:d1:0f:c1:91:c3:6b:38:ff:f7:67:22:10:c3:
a7:06:64:c2:0b:bd:73:ae:49:fc:18:f4:8b:4c:91:bc:f7:54:
80:70:df:57:cc:a4:0a:4b:60:92:6d:20:53:fc:cf:fe:57:b9:
9a:4a:ea:7f:2a:0d:0e:38:e4:b4:91:68:9e:36:c4:1b:91:63:
8b:f3:ac:87:ac:93:ed:5b:75:e0:f0:16:64:ed:75:62:42:92:
4b:85:45:34:cc:8d:b5:6c:18:80:55:00:41:85:6c:4f:94:91:
e0:73:ba:e7:73:ba:0e:85:c8:c3:d7:f7:f0:99:1d:0f:e2:73:
4d:d7:78:c7:cb:15:62:c3:fc:20:6a:ee:0a:68:97:a6:a7:5e:
c7:b8:e2:2d:c1:65:fc:89:2d:da:75:f3:fa:e5:b7:aa:88:96:
ed:46:e6:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlQiPQyZbk+c9sOaBzkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGYwOGZhNDIyMjUzNWMwYWYyNmEwZDczNDdkYmYxNzI1
NDcxOTYwHhcNMjUwNjI4MTUwMDU4WhcNMjUwNjI5MTUwMDU4WjAzMTEwLwYDVQQD
EygxMTdhOTliYTBkY2YwMzU2ZTAxMjdlN2I1NWFlNmEyNzkzYmEyYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5spEsqHdpPRnkDX2zs3mpycWBfA
gxMLS9Ot0QDj/iEbrztce8CvUgUj8bXtGIkLfQ1JdEsqBcwQqI6xBrbYcnBNLlk/
tioW+0M7Rl/8awL7NEBIihBIS9YSNNrZVQLvjy3+rEJvy4CGW0Cn711HOkDcLoGn
ttuWWtRmqXBywRjVb6UPR7I0xBwz/V7PPWa1uxvyi3ZPgLCylUVGp3U8WL/mFftp
MJ88IDaifA/sS7PUunRoynDOO7dFmOon8+NB9bjc3AR4bqq/Ikpw/7u1g2ChJB5N
4tqk5aHuOLu5W795lcU9Ize87MQ8z4E4nv/wJuKTafFH1K2giO3AGNf/cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF6mboNzwNW4BJ+e1WuaieTuiv0MB8GA1UdIwQY
MBaAFCNPCPpCIlNcCvJqDXNH2/FyVHGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTA4SS1rSWlVMXdLOG1vTmMwZmI4WEpVY1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi82MzhhOWMtZWM2NC00NWRlLWJjMmUt
MmJlN2VkYzc5MzJkLzEvSTA4SS1rSWlVMXdLOG1vTmMwZmI4WEpVY1pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi82MzhhOWMtZWM2NC00NWRlLWJjMmUtMmJlN2VkYzc5MzJk
LzEvSTA4SS1rSWlVMXdLOG1vTmMwZmI4WEpVY1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ4/m9L/E
r2wSjX0XDOa5t5+MWIDX9SpTSMf2VTXcSiaYON63Qy804wk6ZnmYo6JY6CY1XKg9
XGVCvZYMebmxQZggOW0wZd73Fra5hjMkHFAcntVCgQFNHBDxnXV9/4bRD8GRw2s4
//dnIhDDpwZkwgu9c65J/Bj0i0yRvPdUgHDfV8ykCktgkm0gU/zP/le5mkrqfyoN
DjjktJFonjbEG5Fji/Osh6yT7Vt14PAWZO11YkKSS4VFNMyNtWwYgFUAQYVsT5SR
4HO653O6DoXIw9f38JkdD+JzTdd4x8sVYsP8IGruCmiXpqdex7jiLcFl/Ikt2nXz
+uW3qoiW7Ubm6A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:56:47 2025 by rpki-client