Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
File: D5x3odzbju1izTyoClFE3E4kP04.mft (raw, json)
Hash identifier: jhQatktUe3CB7mMvWWacCiWIPZRuM5sEC5shIrXPrak=
Subject key identifier: C1:F4:C2:4B:DB:C0:DC:A9:C6:88:A8:33:DD:C3:79:B6:B2:33:7D:2B
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0197B6D7BB3DD136ACD40B988E4783BE0B9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
Manifest number: 15C0
Signing time: Sat 28 Jun 2025 14:01:20 +0000
Manifest this update: Sat 28 Jun 2025 14:01:20 +0000
Manifest next update: Sun 29 Jun 2025 14:01:20 +0000
Files and hashes: 1: D5x3odzbju1izTyoClFE3E4kP04.crl (hash: rir1nxFvYi3LeyodQg4AoVJfqEJVYienUthpxX6gASg=)
2: EU9ZI9FwGK9Je2LIHv8oyryDbQ0.roa (hash: lg1hblUtV5bfdjAsYpP/FKql2pfxKFHlS2JkI4euny0=)
3: UttiV2rZhXbpiEroK90NOoWzeyo.roa (hash: clJAUfrgzlJXm2cn+fD7HIKwQaoQPkMOMFf6DpqSgo0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 14:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:d7:bb:3d:d1:36:ac:d4:0b:98:8e:47:83:be:0b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Jun 28 14:01:20 2025 GMT
Not After : Jun 29 14:01:20 2025 GMT
Subject: CN=c1f4c24bdbc0dca9c688a833ddc379b6b2337d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:85:6f:98:fb:e2:75:75:0f:f9:44:9e:b9:
cc:10:87:ec:a4:43:65:85:15:de:16:17:43:96:f3:
49:e7:14:d7:00:e9:40:31:7e:ec:9c:e7:05:62:ed:
8b:07:6c:e3:7a:84:d9:5c:20:f7:cd:2a:0e:7d:b5:
c6:56:a0:93:38:59:68:20:a3:85:eb:98:79:6b:ab:
5b:b6:44:e8:67:d3:7a:a0:99:a1:1a:03:c9:cc:f7:
e4:8b:f5:fe:6e:3e:ad:0f:8d:27:49:c6:d3:ec:4f:
29:09:39:d4:1e:ff:96:0f:0e:b3:52:f1:a5:be:45:
a6:07:41:e3:34:b7:f5:d5:1b:de:fe:6c:0a:a3:5f:
93:16:9b:f8:4e:55:9b:20:0b:a4:87:c8:f8:a6:c1:
c0:90:46:55:6e:04:2d:95:52:fe:1f:1e:50:ae:01:
52:91:73:3b:45:24:5d:8c:da:2c:f1:05:3f:91:e8:
00:d7:0a:f4:07:bb:9c:0e:e9:72:44:a3:e8:57:72:
8e:0b:8c:b9:f3:82:2c:a9:79:b5:f5:71:30:85:2a:
b9:4b:06:a4:3a:f0:5b:48:eb:cb:ec:00:fe:aa:53:
40:88:2b:fa:b7:b1:c1:be:e2:a2:18:ae:96:16:df:
f1:f4:5d:a8:83:93:c2:15:36:3d:2c:00:1c:08:5d:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F4:C2:4B:DB:C0:DC:A9:C6:88:A8:33:DD:C3:79:B6:B2:33:7D:2B
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:cd:ba:93:a4:7d:9d:96:ce:35:d0:5c:c2:9c:95:91:72:13:
e3:ab:af:82:9c:1d:84:b5:fd:4c:4d:a1:fd:4b:56:0c:d3:48:
2e:b7:11:55:9e:16:26:7b:62:ff:59:a0:fd:bc:98:74:68:8b:
4a:56:2a:03:83:77:0d:4f:af:51:fb:8b:f7:4d:29:d1:5c:4b:
ca:30:2f:f2:68:61:0b:2d:a8:c2:fe:39:3d:1c:3b:55:60:f2:
b3:81:4d:80:44:f6:78:99:8c:cc:02:de:e8:51:2e:45:d7:41:
1e:f8:11:c7:d1:51:c8:7b:3b:d2:9d:c6:ae:5a:37:dc:d0:da:
9e:e0:a7:ed:de:7c:af:26:0a:be:bc:6e:dc:ec:69:0b:fd:94:
8f:03:1e:22:42:b7:3e:af:52:a8:cc:32:07:ba:ce:f9:38:48:
bf:00:c7:67:04:b9:a9:4f:b2:88:68:0e:57:ff:df:ed:88:e8:
a9:9f:fc:89:09:8d:13:d3:ed:7d:48:98:cf:84:18:17:18:80:
9d:81:29:77:3f:36:76:22:e8:14:0e:52:48:dc:25:42:d7:f3:
4d:8b:55:3e:5b:fb:40:9d:0d:80:f7:98:62:00:62:2e:58:5e:
5b:4b:98:8f:28:16:e3:c6:6a:ee:4a:53:2f:e4:8f:3e:57:92:
38:82:a5:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe217s90Tas1AuYjkeDvguaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjUwNjI4MTQwMTIwWhcNMjUwNjI5MTQwMTIwWjAzMTEwLwYDVQQD
EyhjMWY0YzI0YmRiYzBkY2E5YzY4OGE4MzNkZGMzNzliNmIyMzM3ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor+Fb5j74nV1D/lEnrnMEIfspENl
hRXeFhdDlvNJ5xTXAOlAMX7snOcFYu2LB2zjeoTZXCD3zSoOfbXGVqCTOFloIKOF
65h5a6tbtkToZ9N6oJmhGgPJzPfki/X+bj6tD40nScbT7E8pCTnUHv+WDw6zUvGl
vkWmB0HjNLf11Rve/mwKo1+TFpv4TlWbIAukh8j4psHAkEZVbgQtlVL+Hx5QrgFS
kXM7RSRdjNos8QU/kegA1wr0B7ucDulyRKPoV3KOC4y584IsqXm19XEwhSq5Swak
OvBbSOvL7AD+qlNAiCv6t7HBvuKiGK6WFt/x9F2og5PCFTY9LAAcCF2LrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMH0wkvbwNypxoioM93DebayM30rMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAss26k6R9
nZbONdBcwpyVkXIT46uvgpwdhLX9TE2h/UtWDNNILrcRVZ4WJnti/1mg/byYdGiL
SlYqA4N3DU+vUfuL900p0VxLyjAv8mhhCy2owv45PRw7VWDys4FNgET2eJmMzALe
6FEuRddBHvgRx9FRyHs70p3Grlo33NDanuCn7d58ryYKvrxu3OxpC/2UjwMeIkK3
Pq9SqMwyB7rO+ThIvwDHZwS5qU+yiGgOV//f7YjoqZ/8iQmNE9PtfUiYz4QYFxiA
nYEpdz82diLoFA5SSNwlQtfzTYtVPlv7QJ0NgPeYYgBiLlheW0uYjygW48Zq7kpT
L+SPPleSOIKlNg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:34:54 2025 by rpki-client