Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
File: DoMf1wxr03oqddeg6sAxyS2o4YU.mft (raw, json)
Hash identifier: DatWGaxYcq+ew5JS9/7NleuJnhmCDiOhjjD5IROtOD0=
Subject key identifier: 4B:13:A6:24:2A:59:86:97:20:2F:5F:35:5B:EE:16:37:F2:AE:21:AB
Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
Certificate issuer: /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Certificate serial: 0197B8908D1B9E5D4A5CE5465B23A3057975
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
Manifest number: 1238
Signing time: Sat 28 Jun 2025 22:02:50 +0000
Manifest this update: Sat 28 Jun 2025 22:02:50 +0000
Manifest next update: Sun 29 Jun 2025 22:02:50 +0000
Files and hashes: 1: AbAz97rI6RXbeaGg0ju1UGvv4xM.roa (hash: 6SJubAUNhK59Bg5EEa587Nx4giyrDXi2DFXXzhtFznQ=)
2: DoMf1wxr03oqddeg6sAxyS2o4YU.crl (hash: LAq8LEahQM7cBiC159f6XYPH+Z9mLDkGHnEv339Cc98=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:90:8d:1b:9e:5d:4a:5c:e5:46:5b:23:a3:05:79:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Validity
Not Before: Jun 28 22:02:50 2025 GMT
Not After : Jun 29 22:02:50 2025 GMT
Subject: CN=4b13a6242a598697202f5f355bee1637f2ae21ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:8d:7d:93:7c:eb:f2:c7:be:e1:15:88:9c:
ce:91:6b:9f:11:c2:1c:77:b9:a2:ec:e7:50:22:05:
af:1d:66:37:3a:6f:54:ac:2a:32:e0:20:78:fa:6e:
0c:78:40:47:72:e4:b6:91:57:3f:6d:b0:f8:ce:91:
7b:25:c8:17:2a:d8:dc:b4:f9:e0:9f:64:92:83:7e:
43:1b:d2:b6:a0:28:14:65:37:9d:8f:e4:47:79:f3:
92:a9:c9:9b:b6:cf:fd:cd:e8:9e:12:5d:c0:5d:b2:
6c:ad:d1:bd:75:af:d2:14:c7:2d:f9:7e:ee:54:50:
c2:b7:65:4b:2d:03:7b:15:30:d5:65:10:92:80:92:
80:27:84:50:c4:b0:6d:21:fe:d6:f4:9e:e6:89:9c:
1a:22:66:12:27:79:d3:73:76:24:8c:11:a0:0b:5d:
f5:57:6e:cf:09:17:4e:05:c5:0f:68:bd:e3:bf:62:
eb:e9:5b:9f:f3:0f:a1:16:bc:5c:90:41:4f:4f:de:
16:73:cc:43:92:14:a9:8d:1e:1a:50:92:41:80:1a:
9d:69:47:ec:7e:c9:ed:20:45:af:0c:f0:9d:96:9b:
ee:5b:8c:15:6d:1e:6a:c7:a2:cb:61:5f:56:10:c8:
c7:3d:4d:6c:71:7b:86:62:66:32:1a:63:19:4c:2b:
62:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:13:A6:24:2A:59:86:97:20:2F:5F:35:5B:EE:16:37:F2:AE:21:AB
X509v3 Authority Key Identifier:
keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:3c:4d:21:f9:33:1c:32:79:86:dd:e2:98:0b:3c:7e:aa:24:
8e:25:72:27:8c:94:ad:25:ec:e3:99:24:da:43:fc:09:aa:70:
6d:ce:d7:5c:da:b2:ae:a7:9d:38:96:c9:66:65:22:a4:4a:18:
69:d3:a1:1b:36:4b:9f:66:ae:09:64:c3:c1:5d:15:c0:53:06:
17:1f:ea:09:26:7f:08:87:ab:c8:63:ba:42:9d:f1:96:52:56:
f4:80:53:d1:44:7b:62:33:64:03:f1:41:25:30:d6:d0:2f:26:
a0:1f:d0:54:1d:4a:4d:86:e9:b5:c7:55:04:de:6d:08:2c:a4:
e5:b1:1b:a8:4c:7d:db:33:45:b2:b0:81:39:e4:40:f8:70:b9:
c4:e6:ef:73:a0:26:8a:cb:61:1b:c6:81:e8:72:5c:6a:98:d3:
36:0f:9b:ec:ef:3f:60:4b:80:a2:23:2e:2f:c8:ee:6f:7a:a2:
8e:0f:e7:00:6d:e5:e8:b5:c6:fe:b7:36:a2:26:e6:70:47:df:
fe:4b:b3:ea:5e:b0:68:02:54:ac:a1:7b:10:c1:5f:17:a7:f7:
a5:79:82:27:80:8a:5a:2c:f7:6c:59:b8:fe:59:a0:54:b4:07:
85:ba:96:29:f0:8d:d8:66:bc:f1:d4:9a:d7:2d:1c:88:e7:8a:
33:44:d4:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kI0bnl1KXOVGWyOjBXl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh
OGUxODUwHhcNMjUwNjI4MjIwMjUwWhcNMjUwNjI5MjIwMjUwWjAzMTEwLwYDVQQD
Eyg0YjEzYTYyNDJhNTk4Njk3MjAyZjVmMzU1YmVlMTYzN2YyYWUyMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhiNfZN86/LHvuEViJzOkWufEcIc
d7mi7OdQIgWvHWY3Om9UrCoy4CB4+m4MeEBHcuS2kVc/bbD4zpF7JcgXKtjctPng
n2SSg35DG9K2oCgUZTedj+RHefOSqcmbts/9zeieEl3AXbJsrdG9da/SFMct+X7u
VFDCt2VLLQN7FTDVZRCSgJKAJ4RQxLBtIf7W9J7miZwaImYSJ3nTc3YkjBGgC131
V27PCRdOBcUPaL3jv2Lr6Vuf8w+hFrxckEFPT94Wc8xDkhSpjR4aUJJBgBqdaUfs
fsntIEWvDPCdlpvuW4wVbR5qx6LLYV9WEMjHPU1scXuGYmYyGmMZTCti9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsTpiQqWYaXIC9fNVvuFjfyriGrMB8GA1UdIwQY
MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt
ZTY3NTgyZjIzMDk3LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3
LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDxNIfkz
HDJ5ht3imAs8fqokjiVyJ4yUrSXs45kk2kP8Capwbc7XXNqyrqedOJbJZmUipEoY
adOhGzZLn2auCWTDwV0VwFMGFx/qCSZ/CIeryGO6Qp3xllJW9IBT0UR7YjNkA/FB
JTDW0C8moB/QVB1KTYbptcdVBN5tCCyk5bEbqEx92zNFsrCBOeRA+HC5xObvc6Am
isthG8aB6HJcapjTNg+b7O8/YEuAoiMuL8jub3qijg/nAG3l6LXG/rc2oibmcEff
/kuz6l6waAJUrKF7EMFfF6f3pXmCJ4CKWiz3bFm4/lmgVLQHhbqWKfCN2Ga88dSa
1y0ciOeKM0TUUg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:38:04 2025 by rpki-client