Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json)
Hash identifier: CQyE5EeMLj7VPSiSk7bfEeg5lOhXsuJcDZWbmbQXbm8=
Subject key identifier: 9B:AE:1C:3A:C7:1F:A4:D7:6C:A3:37:9C:3B:FB:6F:6A:85:D9:3D:FA
Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Certificate serial: 0197B77CB4414321437B61C3CD43163C140D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
Manifest number: 08E2
Signing time: Sat 28 Jun 2025 17:01:32 +0000
Manifest this update: Sat 28 Jun 2025 17:01:32 +0000
Manifest next update: Sun 29 Jun 2025 17:01:32 +0000
Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: NmJZBgfe59EEO+B7QL8fNLhxmu7Wb23FCGISAQmLfEY=)
2: eTuN91J09OBNoZtxEtruVhH4DbY.roa (hash: F1iOkNAfZrkXFWgz/sdsk9Ul6Wkc9BDyHiaUC1recQY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:b4:41:43:21:43:7b:61:c3:cd:43:16:3c:14:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Validity
Not Before: Jun 28 17:01:32 2025 GMT
Not After : Jun 29 17:01:32 2025 GMT
Subject: CN=9bae1c3ac71fa4d76ca3379c3bfb6f6a85d93dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:a5:7f:f6:9a:3f:eb:2a:2e:e8:a6:0c:0e:
59:4a:dc:8f:54:ad:cd:4c:08:77:ae:d4:48:d3:34:
6a:33:77:b2:92:1e:ba:69:89:b9:56:75:fd:36:d6:
fc:76:49:55:73:7e:0f:2e:39:c8:71:8a:3f:39:02:
f1:0d:68:56:cc:f9:a2:90:a4:51:03:4a:16:0b:f0:
a5:aa:52:02:ff:83:75:0d:13:ed:01:eb:5d:a1:50:
f5:53:b7:63:3c:0b:f7:cf:45:13:22:37:e0:b9:42:
bb:1b:1f:62:a2:f0:7b:10:c7:5c:ad:82:f5:86:65:
62:7e:ef:6d:bb:c2:88:ac:d2:ae:7e:fe:e6:48:a0:
f7:f5:5e:f8:5c:94:e3:19:98:35:53:98:9a:90:c2:
f5:a1:aa:93:f8:7f:0d:b6:e3:65:11:aa:38:48:c2:
fd:a2:0e:ff:9b:7e:95:1a:c9:ba:61:f5:ad:94:37:
8f:58:9c:e6:a7:ed:f2:a3:f5:84:b9:37:21:09:98:
7e:ca:df:b2:54:69:7a:1e:d5:3b:71:53:24:f2:b8:
ae:94:bb:05:36:7b:2b:69:97:13:de:86:75:36:d6:
a0:27:12:fd:90:93:f8:2a:e6:91:77:cd:df:03:4a:
d7:15:97:91:b4:93:52:c8:51:0c:5d:37:62:4b:b7:
86:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AE:1C:3A:C7:1F:A4:D7:6C:A3:37:9C:3B:FB:6F:6A:85:D9:3D:FA
X509v3 Authority Key Identifier:
keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:8f:b7:b3:1e:ce:52:34:69:eb:3c:a3:9a:68:46:5d:32:46:
a1:39:99:7f:b7:86:2c:d7:81:c0:d5:30:6c:ee:b4:1c:90:81:
61:ef:48:94:8d:42:69:8f:5f:d5:80:59:5b:64:d1:32:5d:7e:
71:90:12:5e:2e:4d:81:f3:9b:1a:1e:96:34:0c:c0:fd:46:68:
d6:25:3d:37:a7:15:bb:4e:14:85:b2:09:3d:23:06:74:93:29:
6b:e5:f2:8a:a3:d7:b4:f9:c3:20:92:0b:d3:30:48:88:7d:93:
3d:39:00:81:42:5b:06:56:5a:01:a4:62:51:f0:f3:90:3c:27:
9f:ac:1d:b1:56:92:30:a4:df:a2:5c:87:c8:e5:ec:17:fe:45:
af:61:f0:92:e2:94:83:1b:26:fa:61:f3:f7:43:c4:32:cd:30:
0f:bc:18:b5:43:56:8d:28:f5:19:c5:ae:2e:5b:7c:5d:71:c0:
e5:79:d2:05:08:d0:2c:54:33:c6:8f:5c:67:5a:72:7e:78:97:
d5:34:22:33:7c:40:1a:70:61:fd:f9:77:72:20:1d:ad:d3:9e:
a1:e5:4e:4e:6b:de:6c:81:77:5f:a2:25:37:38:67:ad:6b:32:
6d:33:d7:59:8a:7d:19:c8:23:51:0f:60:93:7e:10:d4:f8:7a:
c8:4f:dc:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fLRBQyFDe2HDzUMWPBQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5
MjQ5YTYwHhcNMjUwNjI4MTcwMTMyWhcNMjUwNjI5MTcwMTMyWjAzMTEwLwYDVQQD
Eyg5YmFlMWMzYWM3MWZhNGQ3NmNhMzM3OWMzYmZiNmY2YTg1ZDkzZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIalf/aaP+sqLuimDA5ZStyPVK3N
TAh3rtRI0zRqM3eykh66aYm5VnX9Ntb8dklVc34PLjnIcYo/OQLxDWhWzPmikKRR
A0oWC/ClqlIC/4N1DRPtAetdoVD1U7djPAv3z0UTIjfguUK7Gx9iovB7EMdcrYL1
hmVifu9tu8KIrNKufv7mSKD39V74XJTjGZg1U5iakML1oaqT+H8NtuNlEao4SML9
og7/m36VGsm6YfWtlDePWJzmp+3yo/WEuTchCZh+yt+yVGl6HtU7cVMk8riulLsF
NnsraZcT3oZ1NtagJxL9kJP4KuaRd83fA0rXFZeRtJNSyFEMXTdiS7eGywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuuHDrHH6TXbKM3nDv7b2qF2T36MB8GA1UdIwQY
MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt
NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz
LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQY+3sx7O
UjRp6zyjmmhGXTJGoTmZf7eGLNeBwNUwbO60HJCBYe9IlI1CaY9f1YBZW2TRMl1+
cZASXi5NgfObGh6WNAzA/UZo1iU9N6cVu04UhbIJPSMGdJMpa+XyiqPXtPnDIJIL
0zBIiH2TPTkAgUJbBlZaAaRiUfDzkDwnn6wdsVaSMKTfolyHyOXsF/5Fr2HwkuKU
gxsm+mHz90PEMs0wD7wYtUNWjSj1GcWuLlt8XXHA5XnSBQjQLFQzxo9cZ1pyfniX
1TQiM3xAGnBh/fl3ciAdrdOeoeVOTmvebIF3X6IlNzhnrWsybTPXWYp9GcgjUQ9g
k34Q1Ph6yE/clQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:11:25 2025 by rpki-client