Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: LBp63bWHb4KGI3tYD9vEbAGm3cHlqYwwc117OrX6yYU=
Subject key identifier: 14:13:4E:E9:CF:DE:1C:EE:52:21:D6:E6:C1:7E:12:8D:96:FC:9D:2F
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 0197C493C9BB79BA1C5A6FF625B79A626B2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 0F0F
Signing time: Tue 01 Jul 2025 06:01:49 +0000
Manifest this update: Tue 01 Jul 2025 06:01:49 +0000
Manifest next update: Wed 02 Jul 2025 06:01:49 +0000
Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: jA+Cn19y3H/2z/kO9CQF6sr487r0V17tUa75h1HDEzc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 06:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:93:c9:bb:79:ba:1c:5a:6f:f6:25:b7:9a:62:6b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Jul 1 06:01:49 2025 GMT
Not After : Jul 2 06:01:49 2025 GMT
Subject: CN=14134ee9cfde1cee5221d6e6c17e128d96fc9d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:db:e4:d7:2f:02:79:7d:35:4b:54:9f:ec:ff:
2d:0a:9d:2f:69:a1:98:9d:39:2a:11:56:30:e2:8c:
08:e8:c5:7c:54:6d:32:f3:af:82:e6:3d:33:4e:9b:
be:3e:36:45:1f:a5:4e:2e:91:c4:77:52:a6:6a:d0:
79:2e:29:f8:a3:ac:57:b8:5c:03:a4:8f:86:0c:6d:
58:06:90:fa:4b:35:53:39:4c:21:e3:c5:37:f2:7e:
92:e4:0b:b6:c0:76:68:25:00:62:9b:74:da:fc:c8:
2b:71:92:2a:ed:57:3c:c2:60:88:16:18:3d:3c:24:
92:74:45:e1:ec:fc:82:cb:be:4f:68:cf:51:bc:6a:
26:60:3b:d6:a5:09:f2:fd:94:a7:2d:89:6c:55:20:
0b:a2:df:bf:ed:b3:70:b8:f1:e7:c1:bc:66:82:dd:
e7:90:7c:51:36:b5:19:83:6f:7d:cf:15:cd:b2:e2:
0c:6e:b8:ef:87:a9:2c:16:a9:27:bb:67:71:cb:6e:
e3:5e:34:de:97:40:04:0d:00:ec:79:6a:26:22:e6:
e1:de:bf:7c:7c:fa:50:ca:40:03:42:34:2e:f0:6a:
87:3a:d1:6f:48:53:fa:2b:43:7a:f7:3d:76:ed:09:
44:14:46:d7:bd:a3:2a:1d:ec:78:dd:da:30:b6:a0:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:13:4E:E9:CF:DE:1C:EE:52:21:D6:E6:C1:7E:12:8D:96:FC:9D:2F
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:41:d3:fa:21:f0:7c:ee:00:16:03:a6:f0:b2:c4:78:2c:b0:
ba:95:95:c6:71:9b:4b:a1:27:e2:8b:7b:5f:03:48:92:ae:7c:
85:c1:8c:16:5c:6a:3c:f2:fd:4a:e5:59:34:71:a6:d5:6e:d0:
53:81:21:f3:83:2e:c0:57:49:fc:ba:2f:97:5f:82:a2:57:c3:
44:1b:c0:48:99:65:f4:ad:54:df:b4:ce:f5:b0:4c:66:4d:cd:
7c:41:40:13:db:c5:c2:36:68:ff:c7:f7:de:3b:80:d7:aa:25:
da:e1:7e:0a:09:d8:4a:99:e8:07:8d:f9:19:c3:e1:73:46:ca:
88:fb:c6:b1:de:08:05:21:3c:78:97:45:4c:bc:14:25:82:40:
69:47:e7:af:0f:04:bc:03:83:f8:46:b0:52:da:9a:a5:de:94:
ae:ee:a2:2e:48:4b:37:8a:b4:03:cb:46:92:ea:74:7d:65:2d:
a4:d0:05:37:76:01:e8:1e:f4:74:86:50:8c:2e:05:6e:e0:a9:
67:24:f8:71:5f:1d:cb:2a:79:0f:06:f9:4a:19:4f:14:70:83:
aa:32:e9:b7:d5:be:70:53:15:9b:3d:96:56:80:b7:a9:cd:a0:
34:b7:da:bf:fb:08:b8:08:c3:f4:7a:73:54:0f:1d:9a:11:ac:
49:3f:50:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEk8m7ebocWm/2JbeaYmssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjUwNzAxMDYwMTQ5WhcNMjUwNzAyMDYwMTQ5WjAzMTEwLwYDVQQD
EygxNDEzNGVlOWNmZGUxY2VlNTIyMWQ2ZTZjMTdlMTI4ZDk2ZmM5ZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNvk1y8CeX01S1Sf7P8tCp0vaaGY
nTkqEVYw4owI6MV8VG0y86+C5j0zTpu+PjZFH6VOLpHEd1KmatB5Lin4o6xXuFwD
pI+GDG1YBpD6SzVTOUwh48U38n6S5Au2wHZoJQBim3Ta/MgrcZIq7Vc8wmCIFhg9
PCSSdEXh7PyCy75PaM9RvGomYDvWpQny/ZSnLYlsVSALot+/7bNwuPHnwbxmgt3n
kHxRNrUZg299zxXNsuIMbrjvh6ksFqknu2dxy27jXjTel0AEDQDseWomIubh3r98
fPpQykADQjQu8GqHOtFvSFP6K0N69z127QlEFEbXvaMqHex43dowtqBkvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQTTunP3hzuUiHW5sF+Eo2W/J0vMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUHT+iHw
fO4AFgOm8LLEeCywupWVxnGbS6En4ot7XwNIkq58hcGMFlxqPPL9SuVZNHGm1W7Q
U4Eh84MuwFdJ/Lovl1+ColfDRBvASJll9K1U37TO9bBMZk3NfEFAE9vFwjZo/8f3
3juA16ol2uF+CgnYSpnoB435GcPhc0bKiPvGsd4IBSE8eJdFTLwUJYJAaUfnrw8E
vAOD+EawUtqapd6Uru6iLkhLN4q0A8tGkup0fWUtpNAFN3YB6B70dIZQjC4FbuCp
ZyT4cV8dyyp5Dwb5ShlPFHCDqjLpt9W+cFMVmz2WVoC3qc2gNLfav/sIuAjD9Hpz
VA8dmhGsST9QRg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:05:13 2025 by rpki-client