Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
File: U70JkochUqhtYNljuH0BgXwA_FM.mft (raw, json)
Hash identifier: ytDAJLP+j8pc85DuQz7/Qaocwl9wk5azm8KvFidmm88=
Subject key identifier: CA:3C:B0:08:4F:C1:13:D3:B2:36:36:51:6F:12:FB:12:5A:2C:BE:51
Authority key identifier: 53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
Certificate issuer: /CN=53bd0992872152a86d60d963b87d01817c00fc53
Certificate serial: 0197B8212919357B8BF8DB139710436C0DA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
Manifest number: 15B6
Signing time: Sat 28 Jun 2025 20:01:10 +0000
Manifest this update: Sat 28 Jun 2025 20:01:10 +0000
Manifest next update: Sun 29 Jun 2025 20:01:10 +0000
Files and hashes: 1: 8hWTGCLXxSwODB2tKv40DFwDRSA.roa (hash: LnqtzTwP6Z/uj/Pahytsa4k9TTsa7E1q6xNsCMwJ/r4=)
2: KdlAk3dh27bShWAn4-0kWb61hVQ.roa (hash: ATJYV8SWOcnAG9fqVBljwxaiv5XnfJ4U40CX0lPgLrE=)
3: U70JkochUqhtYNljuH0BgXwA_FM.crl (hash: ptfeGqXdiefUXcybV0CKwWNjbCtsSQUV9hDxqaUbIuc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:29:19:35:7b:8b:f8:db:13:97:10:43:6c:0d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bd0992872152a86d60d963b87d01817c00fc53
Validity
Not Before: Jun 28 20:01:10 2025 GMT
Not After : Jun 29 20:01:10 2025 GMT
Subject: CN=ca3cb0084fc113d3b23636516f12fb125a2cbe51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d4:ba:7e:43:c5:5d:7d:8d:7f:35:04:9d:b8:
6a:e6:93:a2:47:d4:0e:7c:4e:a0:97:a4:cb:27:e8:
6d:73:34:02:61:15:f8:d9:cc:a9:59:e9:88:03:25:
25:ee:19:89:0a:21:5c:05:35:36:fd:99:41:5e:eb:
2b:e6:ec:7b:2a:2a:77:ef:29:e9:30:64:3c:1a:a4:
5b:4e:26:57:a4:e5:14:c4:34:64:fe:53:a8:6d:21:
4b:ba:f1:4e:be:77:7b:91:2a:82:b8:92:cc:60:e3:
6b:b2:76:a4:b7:f1:fe:8c:14:d2:6f:d5:13:bb:8d:
68:9c:7c:b3:4f:d5:c3:34:c0:82:c7:66:17:35:e2:
f9:23:be:cf:be:41:8f:b3:5a:90:5d:9b:87:ab:9b:
42:76:cb:3a:96:c1:6b:ee:98:4d:65:8b:35:6a:ac:
96:34:2d:c3:39:27:c7:84:87:5d:16:22:43:02:38:
23:21:bb:ca:7b:4d:65:84:66:25:f7:a8:70:fb:d2:
79:22:87:9a:bc:61:f5:1f:a9:1a:44:6a:f4:7f:b1:
11:a1:5f:65:af:d3:18:69:71:86:59:d6:31:5c:1c:
da:2e:3c:9f:a2:a7:2f:36:b6:7d:10:2d:65:e7:e0:
3c:60:89:0e:38:29:42:5f:14:82:f9:ec:06:e8:67:
02:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3C:B0:08:4F:C1:13:D3:B2:36:36:51:6F:12:FB:12:5A:2C:BE:51
X509v3 Authority Key Identifier:
keyid:53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:52:8e:a0:85:80:1c:6f:6d:fa:d3:4a:d8:4d:09:73:be:17:
39:dc:a5:6a:4d:8e:38:9f:bb:da:ae:e3:c5:a5:6c:f4:be:a5:
13:c8:9d:e5:a6:92:06:97:ab:75:79:aa:e6:c2:9a:02:ff:e6:
a8:35:81:46:6d:e6:8b:cf:7d:00:4b:f3:3a:3b:07:7b:75:88:
ae:69:e2:16:bf:cd:7d:2c:33:13:ec:47:4a:62:74:a2:e6:2c:
d8:90:8d:71:bc:22:de:2f:5b:c2:2b:17:a5:55:62:04:79:2a:
b4:13:dd:78:b9:a1:ab:d2:a6:d1:9c:ed:61:8b:50:95:3e:e1:
f8:3c:f8:f0:5c:df:2e:a3:62:b6:97:fa:73:28:a9:b2:aa:89:
b5:cb:a9:b8:d5:ab:ed:73:96:dd:a9:c2:80:62:3b:e0:4c:9b:
cb:40:7a:a9:91:12:0f:41:25:fb:40:10:9f:1f:db:f0:fc:70:
b5:cc:1a:b1:ed:b1:9c:02:84:49:43:b5:f1:df:ea:e7:7b:c5:
b8:32:69:72:7d:d6:e3:fe:c8:f8:7c:99:e6:75:fe:04:6f:dc:
8b:16:3e:59:71:a8:bc:f6:75:49:3b:b7:9e:b3:88:d5:8d:e0:
26:cc:c7:c9:a9:a0:81:20:25:4e:75:00:c3:68:a0:51:7f:a5:
bc:b7:5e:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4ISkZNXuL+NsTlxBDbA2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmQwOTkyODcyMTUyYTg2ZDYwZDk2M2I4N2QwMTgxN2Mw
MGZjNTMwHhcNMjUwNjI4MjAwMTEwWhcNMjUwNjI5MjAwMTEwWjAzMTEwLwYDVQQD
EyhjYTNjYjAwODRmYzExM2QzYjIzNjM2NTE2ZjEyZmIxMjVhMmNiZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotS6fkPFXX2NfzUEnbhq5pOiR9QO
fE6gl6TLJ+htczQCYRX42cypWemIAyUl7hmJCiFcBTU2/ZlBXusr5ux7Kip37ynp
MGQ8GqRbTiZXpOUUxDRk/lOobSFLuvFOvnd7kSqCuJLMYONrsnakt/H+jBTSb9UT
u41onHyzT9XDNMCCx2YXNeL5I77PvkGPs1qQXZuHq5tCdss6lsFr7phNZYs1aqyW
NC3DOSfHhIddFiJDAjgjIbvKe01lhGYl96hw+9J5IoeavGH1H6kaRGr0f7ERoV9l
r9MYaXGGWdYxXBzaLjyfoqcvNrZ9EC1l5+A8YIkOOClCXxSC+ewG6GcCVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo8sAhPwRPTsjY2UW8S+xJaLL5RMB8GA1UdIwQY
MBaAFFO9CZKHIVKobWDZY7h9AYF8APxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQt
ZTE1ZjRmODQwOWU2LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQtZTE1ZjRmODQwOWU2
LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvFKOoIWA
HG9t+tNK2E0Jc74XOdylak2OOJ+72q7jxaVs9L6lE8id5aaSBperdXmq5sKaAv/m
qDWBRm3mi899AEvzOjsHe3WIrmniFr/NfSwzE+xHSmJ0ouYs2JCNcbwi3i9bwisX
pVViBHkqtBPdeLmhq9Km0ZztYYtQlT7h+Dz48FzfLqNitpf6cyipsqqJtcupuNWr
7XOW3anCgGI74Eyby0B6qZESD0El+0AQnx/b8Pxwtcwase2xnAKESUO18d/q53vF
uDJpcn3W4/7I+HyZ5nX+BG/cixY+WXGovPZ1STu3nrOI1Y3gJszHyamggSAlTnUA
w2igUX+lvLdeYg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:34:07 2025 by rpki-client