Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: IgFh+L/cOAiwgdeCvSQZUBDFxhKgKjTFcTZbU0H5KYw=
Subject key identifier: C9:4D:0A:24:D9:C3:1B:45:01:62:0E:F1:D9:AA:72:41:98:E1:D9:42
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 0197B8FD1B4A20DADE2EECEFBC03F8D94F3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 021B
Signing time: Sun 29 Jun 2025 00:01:24 +0000
Manifest this update: Sun 29 Jun 2025 00:01:24 +0000
Manifest next update: Mon 30 Jun 2025 00:01:24 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: KEwRAILGWXVbKcmn0l8WTNmgJ4MoF/1nPe23EomH03M=)
2: yntKueGdh_gRYfTjbFRGz4s6BD8.roa (hash: 8wVmYZSgIm0dCsPvd2oqoO7MS+FukiT5t5Ke1EaX2FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:fd:1b:4a:20:da:de:2e:ec:ef:bc:03:f8:d9:4f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Jun 29 00:01:24 2025 GMT
Not After : Jun 30 00:01:24 2025 GMT
Subject: CN=c94d0a24d9c31b4501620ef1d9aa724198e1d942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:17:8d:fc:fb:ac:5b:ca:f1:2a:5f:be:fa:8f:
5b:af:a2:bb:82:3e:b6:34:f1:cd:9a:93:2d:5a:e2:
b5:fc:f3:92:4e:e9:52:73:a5:81:3c:35:3b:9d:38:
97:72:bf:ca:29:83:74:a7:af:9d:d1:10:5e:bd:c4:
86:82:f9:d1:be:e6:ab:94:47:d9:8e:89:cb:ac:a1:
2e:40:6d:cd:3c:27:23:07:3a:d6:14:7c:d9:25:ef:
72:c9:c0:65:9c:dc:50:92:2d:2e:1f:95:6e:6f:db:
64:20:9e:ae:88:4f:b5:e7:61:5d:58:27:fd:32:ae:
a7:34:92:64:22:75:5c:11:04:4d:bc:75:76:69:de:
06:06:70:43:0c:e9:79:8a:e1:58:5b:19:69:75:36:
f2:5a:2a:02:ce:c3:b4:67:66:88:80:d2:cd:a6:12:
2d:fb:93:97:ab:4d:46:6c:17:bf:bc:21:8c:5f:19:
c7:7b:41:de:eb:ee:1a:79:41:96:89:99:61:20:a1:
3e:fb:09:f2:e9:e8:5c:58:7a:52:ab:85:f6:e7:d8:
25:2d:98:00:de:4c:19:42:24:84:87:77:2a:11:43:
40:21:2c:d5:ea:84:9f:13:b4:7e:e0:02:ab:cf:6b:
e2:41:48:16:20:be:ef:bd:dc:03:97:a9:01:9a:ee:
50:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4D:0A:24:D9:C3:1B:45:01:62:0E:F1:D9:AA:72:41:98:E1:D9:42
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:dc:6b:a0:3f:45:66:20:b0:d2:61:58:a3:05:2f:ee:dd:8b:
39:8c:a2:4a:b4:33:84:5d:83:d3:e0:94:9d:54:21:59:fb:17:
dc:89:29:ca:71:b9:d0:15:69:d5:f8:e2:96:fb:c4:19:2d:1a:
51:a0:c0:9b:f8:0b:15:d0:b1:7c:97:04:c9:37:c3:45:f1:0b:
65:11:20:81:2b:cc:b3:73:93:d0:ce:1f:22:13:10:53:c5:99:
ac:80:d7:36:60:67:3c:75:ee:14:d0:fa:e5:a4:5d:d5:b7:26:
15:f3:e1:91:1e:76:ce:2c:c7:80:c3:c3:13:f4:10:9a:75:3c:
67:26:9b:fd:5c:70:a3:10:2a:97:58:78:32:98:92:15:f4:e3:
a3:74:61:0a:e1:7e:87:95:e7:1c:47:e0:fb:0c:28:02:50:71:
b8:3f:8b:34:38:8c:da:d1:ff:d7:63:1a:31:c3:2f:09:c8:f7:
05:7c:72:7c:c4:3b:5d:db:36:a5:aa:9a:dd:45:37:5d:b6:1d:
c1:b8:3f:ef:e6:32:1b:40:7a:ec:77:5d:07:f7:33:61:8e:62:
b2:a2:95:11:60:74:bc:f9:eb:c2:69:05:f0:1d:5f:93:32:a5:
01:1d:7f:dd:31:f4:f9:22:1d:71:54:13:e3:13:de:a8:72:9d:
b0:9a:24:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/RtKINreLuzvvAP42U87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjUwNjI5MDAwMTI0WhcNMjUwNjMwMDAwMTI0WjAzMTEwLwYDVQQD
EyhjOTRkMGEyNGQ5YzMxYjQ1MDE2MjBlZjFkOWFhNzI0MTk4ZTFkOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0heN/PusW8rxKl+++o9br6K7gj62
NPHNmpMtWuK1/POSTulSc6WBPDU7nTiXcr/KKYN0p6+d0RBevcSGgvnRvuarlEfZ
jonLrKEuQG3NPCcjBzrWFHzZJe9yycBlnNxQki0uH5Vub9tkIJ6uiE+152FdWCf9
Mq6nNJJkInVcEQRNvHV2ad4GBnBDDOl5iuFYWxlpdTbyWioCzsO0Z2aIgNLNphIt
+5OXq01GbBe/vCGMXxnHe0He6+4aeUGWiZlhIKE++wny6ehcWHpSq4X259glLZgA
3kwZQiSEh3cqEUNAISzV6oSfE7R+4AKrz2viQUgWIL7vvdwDl6kBmu5QlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlNCiTZwxtFAWIO8dmqckGY4dlCMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9xroD9F
ZiCw0mFYowUv7t2LOYyiSrQzhF2D0+CUnVQhWfsX3IkpynG50BVp1fjilvvEGS0a
UaDAm/gLFdCxfJcEyTfDRfELZREggSvMs3OT0M4fIhMQU8WZrIDXNmBnPHXuFND6
5aRd1bcmFfPhkR52zizHgMPDE/QQmnU8Zyab/VxwoxAql1h4MpiSFfTjo3RhCuF+
h5XnHEfg+wwoAlBxuD+LNDiM2tH/12MaMcMvCcj3BXxyfMQ7Xds2paqa3UU3XbYd
wbg/7+YyG0B67HddB/czYY5isqKVEWB0vPnrwmkF8B1fkzKlAR1/3TH0+SIdcVQT
4xPeqHKdsJok4Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:33:47 2025 by rpki-client