Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft
File: L42NDO68zXW2BrpJaPXHlG6NR8A.mft (raw, json)
Hash identifier: eo9OeKpCt/5nsKTYpkOvDKiOd+UHkD8H0a7M51Zek4g=
Subject key identifier: DE:BF:36:67:BC:47:37:BF:79:F0:B3:CD:56:24:CE:67:80:80:E1:32
Authority key identifier: 2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0
Certificate issuer: /CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0
Certificate serial: 0197B8212F549E4FD10D45D5451B14B96CF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft
Manifest number: 0BA3
Signing time: Sat 28 Jun 2025 20:01:11 +0000
Manifest this update: Sat 28 Jun 2025 20:01:11 +0000
Manifest next update: Sun 29 Jun 2025 20:01:11 +0000
Files and hashes: 1: KvErQkIa-7bptS15YPSXyRA9CSc.roa (hash: oCFio8e2SnoXuYWAJDUSo/+OUQCG41H/KpmIERPwk3M=)
2: L42NDO68zXW2BrpJaPXHlG6NR8A.crl (hash: vMKEzN8H5X5HEbTSfO8wRK90cqMkg6PXwLbtPKgf92g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:2f:54:9e:4f:d1:0d:45:d5:45:1b:14:b9:6c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0
Validity
Not Before: Jun 28 20:01:11 2025 GMT
Not After : Jun 29 20:01:11 2025 GMT
Subject: CN=debf3667bc4737bf79f0b3cd5624ce678080e132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:79:fc:95:1d:55:6d:5d:80:0e:92:aa:4d:d4:
55:7e:0d:79:50:be:45:5b:5b:2e:38:07:57:6e:bb:
8a:11:4d:2f:9a:e2:c1:6f:1c:31:b0:ca:94:66:6d:
cc:c7:ab:b8:f6:b4:70:7d:eb:c4:ba:7b:c0:28:2e:
d0:ed:56:ce:24:70:9f:ab:b9:73:b0:20:6e:a0:cc:
47:7b:f7:e2:03:ec:07:71:63:79:b5:d6:a6:2b:f8:
25:b8:18:fb:b9:3e:37:4b:9c:9c:e7:23:eb:a2:a4:
e8:73:78:ee:f0:32:59:2d:7d:ab:08:27:c1:80:60:
eb:5c:4b:87:e4:8f:1d:97:f2:5f:0a:fe:a3:14:14:
ab:12:7a:6b:8e:5e:ed:56:29:f4:e6:17:e7:03:9f:
1a:a0:87:01:89:55:05:44:55:ae:6c:1d:9a:ec:64:
48:1e:9a:95:db:8e:38:2e:b2:09:b0:67:5c:c9:e5:
14:3b:22:37:ee:ad:f2:b6:97:ce:33:29:6f:30:9f:
5b:81:f0:3a:e9:53:d0:ac:01:c8:2c:02:01:20:e0:
df:8c:4f:fe:7f:9f:db:9d:7f:09:12:43:60:c4:ba:
8c:5b:2c:a1:87:99:12:e6:ff:81:d9:10:4e:26:12:
47:de:0f:29:61:b3:e7:5b:3e:67:16:fa:43:7f:9d:
a5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BF:36:67:BC:47:37:BF:79:F0:B3:CD:56:24:CE:67:80:80:E1:32
X509v3 Authority Key Identifier:
keyid:2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:5c:c5:83:84:fa:19:4a:de:cd:1f:2d:e3:72:23:1b:a9:63:
af:c3:7b:db:35:de:b0:b5:da:30:f1:a0:ae:93:81:a8:60:03:
25:e4:45:d9:c9:b0:22:6d:6e:93:95:3c:1b:10:a7:ae:e9:93:
92:89:45:fb:14:59:64:2c:c2:a2:a9:06:6b:83:a5:4e:eb:7d:
c4:8e:fc:c3:65:15:38:e7:49:68:56:10:57:61:bb:fe:9c:ef:
f0:12:c3:84:4e:ce:2e:7a:c3:70:eb:52:7f:fb:53:cc:6f:b3:
e7:d9:f7:17:fe:ba:83:e8:71:3a:a6:56:e0:cf:97:ec:40:5d:
2a:5a:5f:d0:b4:e5:02:d2:9c:95:f7:e2:db:32:1b:9c:00:2f:
01:b0:84:1d:61:87:68:6e:da:ee:6c:68:72:d9:3a:d0:59:08:
f3:09:cf:6d:ae:d3:58:ae:b8:fb:93:e7:0d:09:e7:29:42:ae:
51:f3:fb:fc:3a:aa:45:0e:82:c1:7f:90:b7:4b:f0:a9:13:0c:
33:3c:80:e9:58:24:29:7b:2a:fd:1a:5e:c9:ea:34:2a:f6:a6:
e6:d9:af:e5:54:d6:04:14:35:ee:8e:98:ca:65:4c:a6:67:42:
60:66:00:09:8e:17:f2:ec:ab:3f:c6:a5:fd:82:e5:43:53:67:
f4:4e:de:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IS9Unk/RDUXVRRsUuWz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOGQ4ZDBjZWViY2NkNzViNjA2YmE0OTY4ZjVjNzk0NmU4
ZDQ3YzAwHhcNMjUwNjI4MjAwMTExWhcNMjUwNjI5MjAwMTExWjAzMTEwLwYDVQQD
EyhkZWJmMzY2N2JjNDczN2JmNzlmMGIzY2Q1NjI0Y2U2NzgwODBlMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXn8lR1VbV2ADpKqTdRVfg15UL5F
W1suOAdXbruKEU0vmuLBbxwxsMqUZm3Mx6u49rRwfevEunvAKC7Q7VbOJHCfq7lz
sCBuoMxHe/fiA+wHcWN5tdamK/gluBj7uT43S5yc5yProqToc3ju8DJZLX2rCCfB
gGDrXEuH5I8dl/JfCv6jFBSrEnprjl7tVin05hfnA58aoIcBiVUFRFWubB2a7GRI
HpqV2444LrIJsGdcyeUUOyI37q3ytpfOMylvMJ9bgfA66VPQrAHILAIBIODfjE/+
f5/bnX8JEkNgxLqMWyyhh5kS5v+B2RBOJhJH3g8pYbPnWz5nFvpDf52lOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6/Nme8Rze/efCzzVYkzmeAgOEyMB8GA1UdIwQY
MBaAFC+NjQzuvM11tga6SWj1x5RujUfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDct
M2NiZDUyNTdiMDNlLzEvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDctM2NiZDUyNTdiMDNl
LzEvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlzFg4T6
GUrezR8t43IjG6ljr8N72zXesLXaMPGgrpOBqGADJeRF2cmwIm1uk5U8GxCnrumT
kolF+xRZZCzCoqkGa4OlTut9xI78w2UVOOdJaFYQV2G7/pzv8BLDhE7OLnrDcOtS
f/tTzG+z59n3F/66g+hxOqZW4M+X7EBdKlpf0LTlAtKclffi2zIbnAAvAbCEHWGH
aG7a7mxoctk60FkI8wnPba7TWK64+5PnDQnnKUKuUfP7/DqqRQ6CwX+Qt0vwqRMM
MzyA6VgkKXsq/Rpeyeo0Kvam5tmv5VTWBBQ17o6YymVMpmdCYGYACY4X8uyrP8al
/YLlQ1Nn9E7edw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:24:34 2025 by rpki-client