Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: G034vkJvbBRO+o1hYkJEZ4KOZQHvzHI/vvZDrqYYS7g=
Subject key identifier: EB:99:9D:DF:69:4C:E3:98:D7:A3:49:5E:97:DD:C2:AA:9B:FF:96:BB
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 0197B70E562D8E210E98761B8D0F4BF6A118
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 0445
Signing time: Sat 28 Jun 2025 15:00:59 +0000
Manifest this update: Sat 28 Jun 2025 15:00:59 +0000
Manifest next update: Sun 29 Jun 2025 15:00:59 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: Bg4kZUtja4jd30kA9p9O3pIWNdz7k8A1A4CtPlXJNcA=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:56:2d:8e:21:0e:98:76:1b:8d:0f:4b:f6:a1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Jun 28 15:00:59 2025 GMT
Not After : Jun 29 15:00:59 2025 GMT
Subject: CN=eb999ddf694ce398d7a3495e97ddc2aa9bff96bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:4d:ff:de:a5:c8:d0:91:bc:f8:56:ef:fa:
02:7c:8a:6d:d1:24:93:6d:43:64:54:53:5a:79:71:
eb:58:33:07:83:51:21:08:f0:82:38:bf:24:e7:53:
72:1e:00:56:45:41:fe:7b:de:ed:91:66:87:0f:e5:
9d:11:fe:51:51:25:03:ee:ee:aa:f3:66:40:44:55:
51:5f:1c:53:4a:4b:5e:57:1f:64:0a:64:3d:9d:a1:
ea:3a:f1:07:f0:ff:b6:d9:9a:29:f4:67:7d:50:87:
0b:5d:9c:26:e6:c3:1e:43:4e:37:7f:fd:c4:ae:3a:
2a:c8:62:53:07:cc:71:9f:aa:50:49:3f:0b:46:c2:
c0:29:89:f7:4f:dc:70:30:89:ab:e5:d4:d4:42:eb:
a2:e5:ef:7d:97:f7:09:ef:c3:d1:ad:47:48:c3:bf:
b9:1c:2b:bc:d1:c4:ad:74:ed:68:06:79:25:f1:13:
c4:fe:e3:b2:24:b6:6e:80:8b:01:87:ed:80:1c:8d:
a4:e5:e1:54:39:84:d7:65:ed:7d:08:34:5e:75:ee:
f1:30:94:8e:b7:1e:28:64:de:cf:1a:a3:ab:05:50:
11:e2:44:ea:6b:c9:20:73:5f:be:9a:54:b5:b1:ed:
6a:c1:27:2d:32:34:a0:6d:78:68:bb:8f:c7:96:41:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:99:9D:DF:69:4C:E3:98:D7:A3:49:5E:97:DD:C2:AA:9B:FF:96:BB
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:59:1e:f5:7a:15:36:a6:25:1c:b1:03:99:81:ab:bd:17:b1:
25:39:66:19:57:45:c8:7b:d0:8d:c3:de:4a:64:83:cb:fe:13:
24:69:58:e5:b5:be:ab:b4:1f:0a:61:83:0b:74:4c:d3:88:1d:
46:fe:c7:0e:db:ea:ab:97:14:5d:b6:a4:7d:a1:36:60:f9:d8:
fb:ca:08:26:9f:aa:bc:b8:2f:4e:ed:b6:2a:6d:81:11:5f:11:
44:b0:1d:d2:0c:bf:5d:24:3e:d1:73:2b:a1:59:6c:0a:10:be:
50:50:57:e4:74:ac:e5:cb:bb:70:3a:aa:30:40:a7:14:e4:23:
b0:4b:54:40:55:ff:e9:05:69:75:40:26:6b:4b:28:2a:82:62:
db:48:e6:54:bc:12:7b:23:50:87:48:77:7c:38:59:42:fb:a1:
c4:08:93:ba:e8:ab:ce:97:ad:26:cf:d9:44:48:03:27:d8:90:
32:00:63:46:0b:b8:11:09:98:99:e8:d3:84:8a:4c:e6:33:b9:
5a:04:0d:3b:70:8b:ed:01:de:c9:84:85:8f:29:72:c4:65:09:
db:aa:67:9a:a9:10:43:b0:97:e7:fe:96:fa:c4:9b:e0:62:b7:
07:43:0f:5f:3e:43:2f:7d:07:f8:6c:ae:ee:81:33:28:8e:5f:
aa:9d:98:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlYtjiEOmHYbjQ9L9qEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUwNjI4MTUwMDU5WhcNMjUwNjI5MTUwMDU5WjAzMTEwLwYDVQQD
EyhlYjk5OWRkZjY5NGNlMzk4ZDdhMzQ5NWU5N2RkYzJhYTliZmY5NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc9N/96lyNCRvPhW7/oCfIpt0SST
bUNkVFNaeXHrWDMHg1EhCPCCOL8k51NyHgBWRUH+e97tkWaHD+WdEf5RUSUD7u6q
82ZARFVRXxxTSkteVx9kCmQ9naHqOvEH8P+22Zop9Gd9UIcLXZwm5sMeQ043f/3E
rjoqyGJTB8xxn6pQST8LRsLAKYn3T9xwMImr5dTUQuui5e99l/cJ78PRrUdIw7+5
HCu80cStdO1oBnkl8RPE/uOyJLZugIsBh+2AHI2k5eFUOYTXZe19CDRede7xMJSO
tx4oZN7PGqOrBVAR4kTqa8kgc1++mlS1se1qwSctMjSgbXhou4/HlkFLdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuZnd9pTOOY16NJXpfdwqqb/5a7MB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFke9XoV
NqYlHLEDmYGrvRexJTlmGVdFyHvQjcPeSmSDy/4TJGlY5bW+q7QfCmGDC3RM04gd
Rv7HDtvqq5cUXbakfaE2YPnY+8oIJp+qvLgvTu22Km2BEV8RRLAd0gy/XSQ+0XMr
oVlsChC+UFBX5HSs5cu7cDqqMECnFOQjsEtUQFX/6QVpdUAma0soKoJi20jmVLwS
eyNQh0h3fDhZQvuhxAiTuuirzpetJs/ZREgDJ9iQMgBjRgu4EQmYmejThIpM5jO5
WgQNO3CL7QHeyYSFjylyxGUJ26pnmqkQQ7CX5/6W+sSb4GK3B0MPXz5DL30H+Gyu
7oEzKI5fqp2Y+Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:07:20 2025 by rpki-client