Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
File: tDpxymDXTkXSuXSKsQZlKf0BM34.mft (raw, json)
Hash identifier: 7xJWZxXIT62cyHtROFOL9725twKJSS03/BsDMO8dMmk=
Subject key identifier: A5:F5:80:A3:2F:0F:C4:89:AF:D1:A3:12:5D:B7:3F:EE:BF:A9:43:D6
Authority key identifier: B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
Certificate issuer: /CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Certificate serial: 0197C4251FE672A096AE83C1BE98944E3067
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
Manifest number: 15BC
Signing time: Tue 01 Jul 2025 04:00:56 +0000
Manifest this update: Tue 01 Jul 2025 04:00:56 +0000
Manifest next update: Wed 02 Jul 2025 04:00:56 +0000
Files and hashes: 1: M5_-d1GdbRA2RUGO5npOtRSNEB8.roa (hash: DYZ2j8UdvivRy1b6Q4G0ZdvY6U48+tpNnHP/gql8rCo=)
2: tDpxymDXTkXSuXSKsQZlKf0BM34.crl (hash: 6TGSJmWg2pEhDF8MmlzkjU37ak7N3v0RINpGz4klsfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:25:1f:e6:72:a0:96:ae:83:c1:be:98:94:4e:30:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Validity
Not Before: Jul 1 04:00:56 2025 GMT
Not After : Jul 2 04:00:56 2025 GMT
Subject: CN=a5f580a32f0fc489afd1a3125db73feebfa943d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fe:06:02:32:f7:b6:73:ed:b8:56:22:75:40:
ca:eb:ae:ab:5f:d8:61:22:ff:cd:7b:7b:d8:48:13:
67:6e:e6:27:19:dd:66:33:c9:86:9b:2a:12:94:c2:
8f:16:e3:cf:61:0b:a8:fd:b5:87:f0:e6:d1:28:02:
c7:1f:f3:3e:b7:d4:7d:91:bc:be:34:b1:d8:75:e7:
82:67:e8:65:62:32:fb:aa:6b:db:26:fc:dd:9e:78:
69:b1:0a:46:d9:a7:46:32:b4:75:e0:d8:55:e2:ee:
db:bb:23:a9:37:99:ad:fc:1a:67:2e:1a:0c:07:b1:
af:fb:6c:5f:ea:5f:85:80:cf:fb:7e:0c:a6:1e:e0:
e7:50:9d:72:c3:27:ad:f3:62:43:81:4b:2b:8b:96:
46:d4:2d:0d:83:9b:79:11:03:37:ba:3e:fe:b7:bb:
8c:f1:80:af:63:f8:da:d4:df:c4:dd:12:82:6c:5a:
b6:5e:87:6f:c8:f9:52:9a:7b:0f:f7:e3:98:30:19:
ec:2d:34:56:3e:e2:c3:8d:1b:e0:20:92:ad:b7:2a:
2b:d4:92:03:b5:b3:1e:78:29:7d:9d:02:d7:f9:01:
ab:97:db:98:01:a7:7b:0d:bb:01:38:60:76:97:1c:
f0:31:b2:e5:f5:57:ea:99:a5:92:a8:f8:b0:1d:60:
5c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:80:A3:2F:0F:C4:89:AF:D1:A3:12:5D:B7:3F:EE:BF:A9:43:D6
X509v3 Authority Key Identifier:
keyid:B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:68:79:69:a4:5e:20:ba:6c:cb:1d:b7:a9:82:6d:ad:2c:e1:
64:03:45:26:4c:dc:4c:c3:c8:08:02:aa:90:9d:7c:3c:30:2f:
ac:7e:83:1a:cb:01:25:0b:62:f6:22:90:60:4f:d8:2c:28:d9:
38:f8:18:d2:d9:6b:e1:a7:22:38:e6:5c:af:6f:52:61:60:72:
c3:89:42:68:72:f7:54:f3:4b:d8:54:e3:54:8b:4f:64:b1:bf:
08:e3:86:8d:6e:22:c5:49:42:25:cd:ea:5b:cb:27:a5:77:a3:
86:dd:7e:3d:19:14:cf:0b:df:c2:cd:53:78:5e:4c:66:2a:03:
a9:52:0f:3b:4b:e8:6d:7d:b4:59:93:6f:f8:30:01:2d:bf:c5:
a4:ac:84:89:69:7c:45:22:60:4c:17:99:be:af:25:71:5c:87:
94:2d:f6:c5:c0:f2:97:33:f7:e9:f4:80:f9:13:6c:79:0b:41:
97:6e:78:1d:d8:49:5d:78:25:74:31:f4:f4:bf:77:7a:b4:6c:
c3:c3:c2:0b:e5:d8:1b:5f:ee:7e:9c:54:ed:b9:4e:ce:61:a9:
9a:3c:e0:95:23:1e:64:dc:82:1b:fe:d9:a0:d4:9f:a2:6a:10:
e0:0e:a1:9b:c7:c8:e2:a7:49:e1:9d:1a:f5:84:9d:6d:9f:3e:
a3:4b:b3:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJR/mcqCWroPBvpiUTjBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2E3MWNhNjBkNzRlNDVkMmI5NzQ4YWIxMDY2NTI5ZmQw
MTMzN2UwHhcNMjUwNzAxMDQwMDU2WhcNMjUwNzAyMDQwMDU2WjAzMTEwLwYDVQQD
EyhhNWY1ODBhMzJmMGZjNDg5YWZkMWEzMTI1ZGI3M2ZlZWJmYTk0M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv4GAjL3tnPtuFYidUDK666rX9hh
Iv/Ne3vYSBNnbuYnGd1mM8mGmyoSlMKPFuPPYQuo/bWH8ObRKALHH/M+t9R9kby+
NLHYdeeCZ+hlYjL7qmvbJvzdnnhpsQpG2adGMrR14NhV4u7buyOpN5mt/BpnLhoM
B7Gv+2xf6l+FgM/7fgymHuDnUJ1ywyet82JDgUsri5ZG1C0Ng5t5EQM3uj7+t7uM
8YCvY/ja1N/E3RKCbFq2XodvyPlSmnsP9+OYMBnsLTRWPuLDjRvgIJKttyor1JID
tbMeeCl9nQLX+QGrl9uYAad7DbsBOGB2lxzwMbLl9VfqmaWSqPiwHWBc5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX1gKMvD8SJr9GjEl23P+6/qUPWMB8GA1UdIwQY
MBaAFLQ6ccpg105F0rl0irEGZSn9ATN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEt
Nzk4YWM0OTI4ZWQ2LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEtNzk4YWM0OTI4ZWQ2
LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWh5aaRe
ILpsyx23qYJtrSzhZANFJkzcTMPICAKqkJ18PDAvrH6DGssBJQti9iKQYE/YLCjZ
OPgY0tlr4aciOOZcr29SYWByw4lCaHL3VPNL2FTjVItPZLG/COOGjW4ixUlCJc3q
W8snpXejht1+PRkUzwvfws1TeF5MZioDqVIPO0vobX20WZNv+DABLb/FpKyEiWl8
RSJgTBeZvq8lcVyHlC32xcDylzP36fSA+RNseQtBl254HdhJXXgldDH09L93erRs
w8PCC+XYG1/ufpxU7blOzmGpmjzglSMeZNyCG/7ZoNSfomoQ4A6hm8fI4qdJ4Z0a
9YSdbZ8+o0uzDg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:06:00 2025 by rpki-client