Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.mft
File: znQefeZX5KEPk8qSxReoGywLJR4.mft (raw, json)
Hash identifier: FrGGLLyBTShH6iuhe+tqNBQBJqdLoipWdoT7K9GC5zg=
Subject key identifier: 20:78:90:78:49:BD:8A:0E:36:DB:CA:57:7F:04:B4:CF:0F:4A:9D:C9
Authority key identifier: CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
Certificate issuer: /CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Certificate serial: 0197B745BD5967A0938F7B48F363D7953A98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.mft
Manifest number: 0BA9
Signing time: Sat 28 Jun 2025 16:01:30 +0000
Manifest this update: Sat 28 Jun 2025 16:01:30 +0000
Manifest next update: Sun 29 Jun 2025 16:01:30 +0000
Files and hashes: 1: ZIl-tGPYsmILe8aUvhHfFRisBTg.roa (hash: ELX+nfW5VdhOFYsiqhpPo4rEHXv1DoXfvUrKNYNv+iU=)
2: znQefeZX5KEPk8qSxReoGywLJR4.crl (hash: WWNnNBqsAYrXXheTAEbNlYfqvJ2G5MIojoodZVFnHlc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.mft
rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:bd:59:67:a0:93:8f:7b:48:f3:63:d7:95:3a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Validity
Not Before: Jun 28 16:01:30 2025 GMT
Not After : Jun 29 16:01:30 2025 GMT
Subject: CN=2078907849bd8a0e36dbca577f04b4cf0f4a9dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:20:36:e8:3c:2a:1b:d9:1f:74:a3:ec:cb:2f:
1b:e5:dc:e2:a6:19:4b:a3:3a:28:a5:b8:61:51:a3:
4a:15:42:e1:20:b4:19:a6:e3:39:3b:f6:c0:4a:97:
34:d9:84:89:74:95:17:16:e2:7f:49:80:3c:69:30:
2f:3e:07:dd:df:21:49:46:06:08:2b:ad:08:41:f9:
67:60:a8:fd:a2:0f:60:bc:11:94:9e:c0:a2:8c:92:
68:c5:a9:f9:6f:bc:09:e9:67:83:12:1d:b6:fd:23:
ce:5a:20:8a:f8:7d:c4:b2:80:ae:bd:54:b8:93:98:
6f:5e:13:c1:14:de:5e:7e:de:9a:51:d4:ad:fe:d9:
e3:a2:0b:d9:f4:b3:5a:04:6f:2a:94:63:d8:fc:df:
1b:b6:70:ef:88:3b:3a:1b:2f:49:87:50:63:aa:74:
38:52:1d:70:b8:15:8d:9d:e6:d0:37:2c:41:fc:66:
6d:59:22:7c:42:8f:c8:8e:61:83:7e:6b:d2:fd:20:
3a:8d:66:0c:9a:3c:e2:de:0e:48:9d:53:2d:7f:1a:
62:ca:c0:1d:b8:3a:09:56:36:d9:75:23:a4:27:92:
92:8f:93:df:38:f1:d9:64:71:ae:8f:f2:72:df:91:
fc:ea:42:bf:4a:ff:76:82:b9:7e:50:10:7a:39:3e:
e6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:78:90:78:49:BD:8A:0E:36:DB:CA:57:7F:04:B4:CF:0F:4A:9D:C9
X509v3 Authority Key Identifier:
keyid:CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:81:eb:81:8f:71:74:6d:e3:f7:20:70:71:51:13:76:cc:bb:
03:42:b2:10:6d:58:0e:a2:21:e3:81:13:7f:a8:3b:9a:f5:26:
69:23:0f:b7:b1:5d:e2:7c:cd:04:50:1e:3d:26:a0:06:61:29:
9b:09:2a:b8:cc:91:63:94:c2:f7:65:a3:49:30:45:ad:47:8a:
7a:92:44:f3:21:b3:ee:fe:8f:04:e7:1d:08:75:bc:20:df:3d:
b3:e7:d3:d7:a6:f1:95:51:88:51:35:9c:11:ec:5d:f2:cd:4c:
2c:28:bb:93:98:f9:29:d2:9d:5f:f6:84:3b:89:3c:1d:ac:66:
a4:51:ee:5e:d0:0f:bd:d3:3b:6d:5a:c0:35:a5:0e:13:47:84:
a8:f9:85:a4:f2:d9:88:e8:f5:13:f9:22:51:60:23:71:70:ac:
1c:c7:c9:22:2d:cb:24:7e:90:e3:f2:05:30:bd:1f:76:5a:0c:
75:f1:98:76:d0:37:c8:a6:bb:7c:e9:1a:d6:0b:74:1d:03:d7:
1a:cf:fa:ec:c6:10:e8:ca:7c:61:f6:21:37:b0:25:6b:27:1c:
01:14:cf:60:ca:71:6a:4d:2f:18:b2:63:9e:77:9e:38:5d:e5:
3b:de:1d:cd:0a:bf:a9:72:9a:f0:2b:dd:58:f3:46:7b:c7:76:
f3:2e:fb:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Rb1ZZ6CTj3tI82PXlTqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzQxZTdkZTY1N2U0YTEwZjkzY2E5MmM1MTdhODFiMmMw
YjI1MWUwHhcNMjUwNjI4MTYwMTMwWhcNMjUwNjI5MTYwMTMwWjAzMTEwLwYDVQQD
EygyMDc4OTA3ODQ5YmQ4YTBlMzZkYmNhNTc3ZjA0YjRjZjBmNGE5ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiA26DwqG9kfdKPsyy8b5dziphlL
ozoopbhhUaNKFULhILQZpuM5O/bASpc02YSJdJUXFuJ/SYA8aTAvPgfd3yFJRgYI
K60IQflnYKj9og9gvBGUnsCijJJoxan5b7wJ6WeDEh22/SPOWiCK+H3EsoCuvVS4
k5hvXhPBFN5eft6aUdSt/tnjogvZ9LNaBG8qlGPY/N8btnDviDs6Gy9Jh1BjqnQ4
Uh1wuBWNnebQNyxB/GZtWSJ8Qo/IjmGDfmvS/SA6jWYMmjzi3g5InVMtfxpiysAd
uDoJVjbZdSOkJ5KSj5PfOPHZZHGuj/Jy35H86kK/Sv92grl+UBB6OT7mHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCB4kHhJvYoONtvKV38EtM8PSp3JMB8GA1UdIwQY
MBaAFM50Hn3mV+ShD5PKksUXqBssCyUeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMt
ZDEyYTM3MmY1MTczLzEvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMtZDEyYTM3MmY1MTcz
LzEvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKoHrgY9x
dG3j9yBwcVETdsy7A0KyEG1YDqIh44ETf6g7mvUmaSMPt7Fd4nzNBFAePSagBmEp
mwkquMyRY5TC92WjSTBFrUeKepJE8yGz7v6PBOcdCHW8IN89s+fT16bxlVGIUTWc
Eexd8s1MLCi7k5j5KdKdX/aEO4k8HaxmpFHuXtAPvdM7bVrANaUOE0eEqPmFpPLZ
iOj1E/kiUWAjcXCsHMfJIi3LJH6Q4/IFML0fdloMdfGYdtA3yKa7fOka1gt0HQPX
Gs/67MYQ6Mp8YfYhN7AlayccARTPYMpxak0vGLJjnneeOF3lO94dzQq/qXKa8Cvd
WPNGe8d28y771Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:27:09 2025 by rpki-client