Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.mft
File: Mj4i0VNpL6h29FppimQHCr0puzk.mft (raw, json)
Hash identifier: t1HmenpScPCLB/xNpXmfwGlrrI3Mj+iJMiq/G3chrSQ=
Subject key identifier: ED:72:6B:09:A8:10:5E:41:A5:77:41:8F:B0:26:0B:24:AD:2D:17:FE
Authority key identifier: 32:3E:22:D1:53:69:2F:A8:76:F4:5A:69:8A:64:07:0A:BD:29:BB:39
Certificate issuer: /CN=323e22d153692fa876f45a698a64070abd29bb39
Certificate serial: 0197B70F4AA355E8AE0C46413C0ED6B47D2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mj4i0VNpL6h29FppimQHCr0puzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.mft
Manifest number: 70
Signing time: Sat 28 Jun 2025 15:02:01 +0000
Manifest this update: Sat 28 Jun 2025 15:02:01 +0000
Manifest next update: Sun 29 Jun 2025 15:02:01 +0000
Files and hashes: 1: Mj4i0VNpL6h29FppimQHCr0puzk.crl (hash: ZmHiKQliIxwAwL2bBuQkimhrRLGV2NbuAwRy/Vx90IM=)
2: UPOmKS-wCVFYZbdnuQ3DjxycBYs.roa (hash: wDCKtOot6cNGvhctv9YJsxtzSFcNno8Vt28nw8UusF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mj4i0VNpL6h29FppimQHCr0puzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0f:4a:a3:55:e8:ae:0c:46:41:3c:0e:d6:b4:7d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323e22d153692fa876f45a698a64070abd29bb39
Validity
Not Before: Jun 28 15:02:01 2025 GMT
Not After : Jun 29 15:02:01 2025 GMT
Subject: CN=ed726b09a8105e41a577418fb0260b24ad2d17fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:c3:b6:81:f8:38:11:d5:7e:db:e9:6a:52:
84:21:aa:97:92:b3:f1:e7:dd:8d:c6:b0:2d:fc:16:
0e:30:f8:36:8a:2f:cf:91:ad:25:20:e7:48:65:09:
e1:13:2e:72:2b:4a:27:62:e7:c0:16:a7:27:56:df:
dc:c7:8f:cc:6a:3c:8a:51:32:d6:0e:65:1a:3a:ad:
e8:a4:52:81:a9:9b:7d:b9:e4:4b:1c:a4:06:9b:07:
f6:84:60:52:6a:48:f8:26:2d:4a:a0:40:f2:06:7d:
3d:17:e1:24:0b:32:3c:8d:10:f1:be:45:95:72:03:
83:8c:26:3c:9b:c0:53:77:c8:c4:51:ce:b3:bb:8c:
83:43:21:d7:26:09:97:20:84:30:0c:be:b3:d7:db:
52:ca:e9:d2:8c:fe:ac:c7:c1:b0:23:3a:32:6a:59:
f8:5e:48:94:e4:3e:2c:22:7d:e2:c4:b1:a3:7d:39:
a2:08:b4:6a:e6:a1:36:1f:fc:53:01:fd:f7:90:2a:
f3:4f:f1:a0:90:98:d3:a7:57:c0:8d:19:bf:1c:ff:
a4:b2:f3:1c:3d:65:20:df:b0:99:2c:c4:98:44:12:
73:24:b0:71:a4:97:76:0b:e3:d8:41:e7:e9:66:35:
3a:c5:fa:76:bc:91:6f:5e:a7:f9:6b:8b:ec:9e:10:
71:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:72:6B:09:A8:10:5E:41:A5:77:41:8F:B0:26:0B:24:AD:2D:17:FE
X509v3 Authority Key Identifier:
keyid:32:3E:22:D1:53:69:2F:A8:76:F4:5A:69:8A:64:07:0A:BD:29:BB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mj4i0VNpL6h29FppimQHCr0puzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6ecfca-feb2-4af0-aefe-799509d19ac3/1/Mj4i0VNpL6h29FppimQHCr0puzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:08:bf:d8:89:e8:25:bc:fb:db:8e:72:16:76:93:db:89:fd:
bc:df:19:a1:7f:ea:d0:a5:63:ab:bc:d9:97:97:29:87:a1:6f:
56:14:63:a9:cf:b1:0a:33:ab:cb:8c:19:1c:6a:95:89:6f:ce:
eb:82:48:58:a9:e4:32:9b:6c:54:c7:82:f9:f9:01:83:7f:bc:
e1:e0:ba:c4:5d:28:47:69:7f:2f:41:a5:b4:b1:74:24:94:56:
1f:f1:92:17:02:b0:31:7a:69:10:78:d1:55:09:24:35:00:60:
1d:7e:8c:b1:fc:e5:0c:1b:5b:38:25:44:99:24:7a:de:33:a9:
37:5d:ac:3b:97:1c:ac:fa:ee:39:3c:f3:8c:ca:ae:2a:f0:a4:
7c:f7:93:da:c7:ee:ce:a8:72:ee:e2:16:db:03:5e:ea:a5:8b:
69:66:d5:a2:81:b9:84:fd:28:ec:c3:c1:3c:46:82:2b:f2:cb:
0f:fb:26:03:78:04:76:aa:f1:da:3f:37:97:2f:88:27:e1:30:
02:85:1d:64:ff:ac:c8:79:26:72:4c:dd:69:ab:0c:d2:e9:e8:
1e:c0:67:2b:94:ee:51:1c:d3:65:8c:e3:d3:40:82:41:56:15:
8d:45:82:53:12:78:06:33:62:9f:0a:df:5e:f4:e2:e8:b0:87:
b6:be:7e:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D0qjVeiuDEZBPA7WtH0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2UyMmQxNTM2OTJmYTg3NmY0NWE2OThhNjQwNzBhYmQy
OWJiMzkwHhcNMjUwNjI4MTUwMjAxWhcNMjUwNjI5MTUwMjAxWjAzMTEwLwYDVQQD
EyhlZDcyNmIwOWE4MTA1ZTQxYTU3NzQxOGZiMDI2MGIyNGFkMmQxN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp/DtoH4OBHVftvpalKEIaqXkrPx
592NxrAt/BYOMPg2ii/Pka0lIOdIZQnhEy5yK0onYufAFqcnVt/cx4/MajyKUTLW
DmUaOq3opFKBqZt9ueRLHKQGmwf2hGBSakj4Ji1KoEDyBn09F+EkCzI8jRDxvkWV
cgODjCY8m8BTd8jEUc6zu4yDQyHXJgmXIIQwDL6z19tSyunSjP6sx8GwIzoyaln4
XkiU5D4sIn3ixLGjfTmiCLRq5qE2H/xTAf33kCrzT/GgkJjTp1fAjRm/HP+ksvMc
PWUg37CZLMSYRBJzJLBxpJd2C+PYQefpZjU6xfp2vJFvXqf5a4vsnhBxvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1yawmoEF5BpXdBj7AmCyStLRf+MB8GA1UdIwQY
MBaAFDI+ItFTaS+odvRaaYpkBwq9Kbs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWo0aTBWTnBMNmgyOUZwcGltUUhDcjBwdXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82ZWNmY2EtZmViMi00YWYwLWFlZmUt
Nzk5NTA5ZDE5YWMzLzEvTWo0aTBWTnBMNmgyOUZwcGltUUhDcjBwdXprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82ZWNmY2EtZmViMi00YWYwLWFlZmUtNzk5NTA5ZDE5YWMz
LzEvTWo0aTBWTnBMNmgyOUZwcGltUUhDcjBwdXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAi/2Ino
Jbz7245yFnaT24n9vN8ZoX/q0KVjq7zZl5cph6FvVhRjqc+xCjOry4wZHGqViW/O
64JIWKnkMptsVMeC+fkBg3+84eC6xF0oR2l/L0GltLF0JJRWH/GSFwKwMXppEHjR
VQkkNQBgHX6MsfzlDBtbOCVEmSR63jOpN12sO5ccrPruOTzzjMquKvCkfPeT2sfu
zqhy7uIW2wNe6qWLaWbVooG5hP0o7MPBPEaCK/LLD/smA3gEdqrx2j83ly+IJ+Ew
AoUdZP+syHkmckzdaasM0unoHsBnK5TuURzTZYzj00CCQVYVjUWCUxJ4BjNinwrf
XvTi6LCHtr5+4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:26:47 2025 by rpki-client