Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft
File: IkI4OfIQchYnZBrmtszqzujZBns.mft (raw, json)
Hash identifier: W3RhmmJ20CUC65zuql7HMvTtOEQgO/0OBHfDKoUB1VQ=
Subject key identifier: DD:4A:B3:1D:A8:08:1A:25:CE:97:91:E9:91:46:03:BF:EA:62:9C:9C
Authority key identifier: 22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B
Certificate issuer: /CN=22423839f210721627641ae6b6cceacee8d9067b
Certificate serial: 0197B74529D35639FAB4F4FB9C087AC524C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft
Manifest number: 0AF8
Signing time: Sat 28 Jun 2025 16:00:52 +0000
Manifest this update: Sat 28 Jun 2025 16:00:52 +0000
Manifest next update: Sun 29 Jun 2025 16:00:52 +0000
Files and hashes: 1: IkI4OfIQchYnZBrmtszqzujZBns.crl (hash: dHbOBUzdW74baVybiUKfA7LNgDt+NfA4tGhuNsC+hxQ=)
2: Uyg4_Ozw9Ipj9uu784y9KAfEr7A.roa (hash: PWFMCOTkx94rFl6c7QVt2h1VgycYcWOsnSvIAK4MJo0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft
rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:29:d3:56:39:fa:b4:f4:fb:9c:08:7a:c5:24:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22423839f210721627641ae6b6cceacee8d9067b
Validity
Not Before: Jun 28 16:00:52 2025 GMT
Not After : Jun 29 16:00:52 2025 GMT
Subject: CN=dd4ab31da8081a25ce9791e9914603bfea629c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4c:39:bd:c1:3d:8f:2d:69:1e:6d:6f:c1:9f:
bc:bb:63:5c:87:32:9c:0b:23:c4:40:a3:23:4f:fe:
e9:b9:45:0b:60:a3:64:f2:be:68:33:3a:ca:75:63:
58:46:40:8a:83:25:6b:ae:a3:3d:83:b4:56:43:97:
4c:7e:55:88:81:73:90:7e:09:2d:c0:89:1f:db:02:
bc:d6:47:83:e4:d8:84:d6:58:34:e4:27:15:a4:15:
de:57:a1:f1:12:70:3e:0a:f4:67:62:a5:79:7a:ac:
d6:6f:9e:ec:f1:5e:07:33:17:8b:a3:36:76:5c:81:
57:fb:0f:f6:a0:9f:66:e1:e4:b6:9e:90:0e:2a:e1:
53:46:9b:e7:65:75:bc:4c:bc:be:d7:db:ad:09:4d:
58:be:e1:1f:44:5f:ca:0b:91:cb:58:e1:ca:f4:f5:
2e:f7:50:11:10:ea:1d:0b:34:1c:1b:82:67:74:0b:
4a:14:fe:b9:fe:65:82:bf:43:92:1e:a4:7a:12:02:
34:13:7c:e9:e3:ba:7e:f6:86:b7:1d:70:11:af:04:
a0:5b:23:13:07:d8:41:6c:34:03:1e:32:05:b9:c6:
c6:7e:b0:dc:a2:34:55:e1:6f:06:e0:b5:e2:1f:a2:
35:18:5a:02:8b:5b:15:43:09:2b:2e:9b:ee:61:ba:
97:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4A:B3:1D:A8:08:1A:25:CE:97:91:E9:91:46:03:BF:EA:62:9C:9C
X509v3 Authority Key Identifier:
keyid:22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:b2:39:55:48:04:d0:bb:74:e7:58:f5:2c:76:b5:cb:37:5f:
6c:48:ad:8c:f3:a5:42:21:7e:b9:99:66:59:e5:47:bb:18:0d:
49:59:75:79:65:5b:fb:f3:23:d6:e9:ca:e5:b1:e5:fc:e1:27:
fe:dc:69:ec:c2:0b:6e:10:f4:33:3d:af:c0:4e:61:69:71:d3:
88:54:06:d6:ed:e6:c0:58:9d:0f:8e:3d:66:6c:87:b4:bb:08:
87:51:f6:78:29:68:ba:35:d4:b9:15:c2:df:17:43:37:54:5b:
3e:22:7b:3d:e2:c2:b1:82:76:2f:90:32:9b:40:75:e9:5d:70:
30:7f:e5:af:6e:55:68:af:9f:66:89:cc:b1:e6:98:af:50:9b:
d7:91:6d:2c:b4:d6:57:1f:13:d5:81:94:0b:9e:7f:bf:a9:e8:
df:c4:bf:d2:8c:a8:a6:50:cc:60:f3:70:6c:59:49:d6:2d:2e:
b0:77:c1:d2:c7:a0:88:f2:fc:2d:0b:2a:3d:07:4c:99:8e:36:
08:40:7e:c6:f6:6e:61:eb:02:c7:95:a5:76:af:88:36:fe:3a:
76:ef:8c:28:86:38:52:5c:86:7e:99:a7:f7:2a:8a:50:a8:28:
42:3a:e7:bd:b9:94:0e:e4:1e:d4:79:57:af:69:71:96:f9:0f:
85:4a:4d:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RSnTVjn6tPT7nAh6xSTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNDIzODM5ZjIxMDcyMTYyNzY0MWFlNmI2Y2NlYWNlZThk
OTA2N2IwHhcNMjUwNjI4MTYwMDUyWhcNMjUwNjI5MTYwMDUyWjAzMTEwLwYDVQQD
EyhkZDRhYjMxZGE4MDgxYTI1Y2U5NzkxZTk5MTQ2MDNiZmVhNjI5YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kw5vcE9jy1pHm1vwZ+8u2NchzKc
CyPEQKMjT/7puUULYKNk8r5oMzrKdWNYRkCKgyVrrqM9g7RWQ5dMflWIgXOQfgkt
wIkf2wK81keD5NiE1lg05CcVpBXeV6HxEnA+CvRnYqV5eqzWb57s8V4HMxeLozZ2
XIFX+w/2oJ9m4eS2npAOKuFTRpvnZXW8TLy+19utCU1YvuEfRF/KC5HLWOHK9PUu
91AREOodCzQcG4JndAtKFP65/mWCv0OSHqR6EgI0E3zp47p+9oa3HXARrwSgWyMT
B9hBbDQDHjIFucbGfrDcojRV4W8G4LXiH6I1GFoCi1sVQwkrLpvuYbqXfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1Ksx2oCBolzpeR6ZFGA7/qYpycMB8GA1UdIwQY
MBaAFCJCODnyEHIWJ2Qa5rbM6s7o2QZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYt
OThjODc1YWUzNWM5LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYtOThjODc1YWUzNWM5
LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAILI5VUgE
0Lt051j1LHa1yzdfbEitjPOlQiF+uZlmWeVHuxgNSVl1eWVb+/Mj1unK5bHl/OEn
/txp7MILbhD0Mz2vwE5haXHTiFQG1u3mwFidD449ZmyHtLsIh1H2eCloujXUuRXC
3xdDN1RbPiJ7PeLCsYJ2L5Aym0B16V1wMH/lr25VaK+fZonMseaYr1Cb15FtLLTW
Vx8T1YGUC55/v6no38S/0oyoplDMYPNwbFlJ1i0usHfB0segiPL8LQsqPQdMmY42
CEB+xvZuYesCx5Wldq+INv46du+MKIY4UlyGfpmn9yqKUKgoQjrnvbmUDuQe1HlX
r2lxlvkPhUpNFQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:39:42 2025 by rpki-client