Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: uottdJN9xXBFSr35rAQXhVkkO8bt1x4Y/NNR24i/jH8=
Subject key identifier: 40:8A:D5:C0:13:B1:26:7E:FE:EE:76:9A:24:32:EA:A1:D1:A8:98:85
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 0197B7450736C0AC98F6CD3D68956BD10F30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 03DB
Signing time: Sat 28 Jun 2025 16:00:43 +0000
Manifest this update: Sat 28 Jun 2025 16:00:43 +0000
Manifest next update: Sun 29 Jun 2025 16:00:43 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: ylAigOATwsAPeYNiQ0xFD+fBnVxGHZ7b8px4izpwfd0=)
2: 8xRb-DPzCzHiHinhBGSiJKFCfq0.roa (hash: A9plqAZ6tW823XWa6YGs85LIMKZtOqJdz/q0S+8zYRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:07:36:c0:ac:98:f6:cd:3d:68:95:6b:d1:0f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: Jun 28 16:00:43 2025 GMT
Not After : Jun 29 16:00:43 2025 GMT
Subject: CN=408ad5c013b1267efeee769a2432eaa1d1a89885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:72:82:c2:f3:e9:52:65:9b:c8:b4:9a:8f:29:
1c:5c:31:4e:f3:a2:28:1a:0d:a1:7b:08:48:f9:38:
81:29:6f:91:f8:dc:e8:1b:95:bb:29:48:4e:dc:2f:
c3:67:e0:21:cf:65:09:56:bc:41:ed:8f:e5:b7:80:
06:81:f9:24:da:6d:ad:35:43:9b:3d:9a:b1:4d:b7:
b2:7a:fa:0c:c1:3f:d1:91:48:68:f8:01:e1:15:55:
6b:dc:94:fd:a3:e6:40:ff:b0:ad:93:78:8e:ad:45:
f9:d5:9a:af:30:4d:f0:d2:ae:a9:d4:24:80:ef:47:
66:9b:97:1a:4c:0b:df:c7:15:a4:4c:39:20:76:15:
b1:c0:79:d1:bc:97:57:48:7c:c3:03:88:a0:1d:d2:
86:d5:b0:a6:7c:77:10:38:41:48:7d:f0:c8:9d:1e:
56:a2:04:ef:e7:ab:ab:0c:aa:b8:e4:85:63:2e:67:
b2:de:bb:c3:8c:a2:ec:b4:7d:66:6b:d5:5e:bf:ba:
85:1a:9e:30:d0:d8:90:bd:4d:ca:d3:df:1f:a6:ea:
93:04:6b:92:c8:ef:77:b2:49:a8:fb:04:26:95:cb:
58:48:f9:b3:05:23:63:13:1b:0a:0d:83:3a:65:34:
22:39:28:ec:cd:1a:d6:0d:8e:4b:a3:a2:2d:76:b3:
0f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:D5:C0:13:B1:26:7E:FE:EE:76:9A:24:32:EA:A1:D1:A8:98:85
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:6c:99:f0:c9:ea:eb:a9:4e:3e:bf:ff:86:14:05:0f:ab:18:
8e:21:f1:0d:b7:a8:16:54:be:e8:dd:cf:92:b0:c5:f2:01:cf:
91:07:51:22:52:75:d8:72:f6:3e:52:61:66:82:50:00:11:82:
d3:86:d2:46:7b:db:4a:ac:39:c0:16:04:b2:f9:13:a5:07:e2:
17:84:94:77:04:c3:37:65:97:63:ce:a2:91:c8:4a:a4:5e:51:
b9:fd:da:67:fa:f5:46:93:63:67:a2:ca:dc:70:4a:71:b2:54:
ce:6b:9c:9a:0d:2a:f1:8a:db:67:1f:28:84:5e:51:5f:19:4c:
fc:2a:74:f3:d3:bc:90:29:0f:6d:a5:60:26:a0:a5:d4:2a:f6:
3e:2d:bd:7a:17:a1:8e:90:ea:55:9b:3f:b1:cb:87:3a:df:10:
99:95:99:47:28:c7:8e:d8:de:a3:f9:49:72:14:fc:40:f1:3d:
3e:f5:56:bc:73:11:a6:70:e6:6b:f9:ff:34:fc:f4:cf:44:ab:
02:d7:3a:b1:90:57:0a:f6:2f:3e:14:f6:e5:09:95:a0:96:7b:
a6:dc:33:bd:e7:6b:89:1e:32:5b:e6:ce:d1:2c:ea:83:81:a1:
fd:8b:54:19:31:bf:56:05:d1:22:b1:81:8b:e9:97:5b:cd:e2:
8c:cf:36:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RQc2wKyY9s09aJVr0Q8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjUwNjI4MTYwMDQzWhcNMjUwNjI5MTYwMDQzWjAzMTEwLwYDVQQD
Eyg0MDhhZDVjMDEzYjEyNjdlZmVlZTc2OWEyNDMyZWFhMWQxYTg5ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnKCwvPpUmWbyLSajykcXDFO86Io
Gg2hewhI+TiBKW+R+NzoG5W7KUhO3C/DZ+Ahz2UJVrxB7Y/lt4AGgfkk2m2tNUOb
PZqxTbeyevoMwT/RkUho+AHhFVVr3JT9o+ZA/7Ctk3iOrUX51ZqvME3w0q6p1CSA
70dmm5caTAvfxxWkTDkgdhWxwHnRvJdXSHzDA4igHdKG1bCmfHcQOEFIffDInR5W
ogTv56urDKq45IVjLmey3rvDjKLstH1ma9Vev7qFGp4w0NiQvU3K098fpuqTBGuS
yO93skmo+wQmlctYSPmzBSNjExsKDYM6ZTQiOSjszRrWDY5Lo6ItdrMP+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECK1cATsSZ+/u52miQy6qHRqJiFMB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWyZ8Mnq
66lOPr//hhQFD6sYjiHxDbeoFlS+6N3PkrDF8gHPkQdRIlJ12HL2PlJhZoJQABGC
04bSRnvbSqw5wBYEsvkTpQfiF4SUdwTDN2WXY86ikchKpF5Ruf3aZ/r1RpNjZ6LK
3HBKcbJUzmucmg0q8YrbZx8ohF5RXxlM/Cp089O8kCkPbaVgJqCl1Cr2Pi29eheh
jpDqVZs/scuHOt8QmZWZRyjHjtjeo/lJchT8QPE9PvVWvHMRpnDma/n/NPz0z0Sr
Atc6sZBXCvYvPhT25QmVoJZ7ptwzvedriR4yW+bO0Szqg4Gh/YtUGTG/VgXRIrGB
i+mXW83ijM82Xw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:10:50 2025 by rpki-client