Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: +FURiF95tMybhh/UrptwpxZV6jaDW9aS//aT4r6BVKg=
Subject key identifier: C2:87:05:CA:8D:E7:89:98:6D:72:2F:73:0C:07:2F:B4:04:A7:A6:CE
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 0197B70E6792CDA92D1B2EA7127D5396D646
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 15B6
Signing time: Sat 28 Jun 2025 15:01:03 +0000
Manifest this update: Sat 28 Jun 2025 15:01:03 +0000
Manifest next update: Sun 29 Jun 2025 15:01:03 +0000
Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: 649H4BvPaiOER9p8qKtV9ilxCjlzWACakh5rNxW9cRU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:67:92:cd:a9:2d:1b:2e:a7:12:7d:53:96:d6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Jun 28 15:01:03 2025 GMT
Not After : Jun 29 15:01:03 2025 GMT
Subject: CN=c28705ca8de789986d722f730c072fb404a7a6ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:37:54:33:60:e5:37:78:c6:9c:0d:6a:a2:
66:8a:32:78:53:ba:cd:76:68:5c:93:79:2d:7b:d2:
0c:95:38:06:6d:fb:da:37:e3:7a:28:c8:92:9e:10:
82:20:73:df:07:e8:43:55:92:49:e5:2a:fc:00:e9:
0c:a3:a6:31:34:a7:d5:89:0f:02:57:55:b6:e0:4b:
19:83:bc:78:d7:bc:4e:f1:da:92:6e:59:d1:01:88:
8e:e0:4f:42:a0:b0:90:40:24:1e:b4:cf:16:a1:0f:
44:47:55:8a:69:6d:25:43:d0:6d:a2:79:f0:fa:cd:
45:9f:f1:6d:79:1c:c4:47:66:c7:59:79:8f:50:75:
ba:5e:27:04:dc:6c:fd:4e:e1:9c:c9:0e:a1:07:15:
9b:0d:31:4c:d0:a0:54:bb:4f:93:b4:2d:2e:64:d4:
c0:57:bf:c5:36:eb:d5:3d:74:5d:c6:ae:46:54:2d:
9b:3f:08:94:90:0c:cd:68:41:21:9e:4c:60:49:97:
c8:e2:ab:8b:43:8f:8b:c9:a0:83:f1:18:5e:3b:10:
59:dc:13:43:bd:c0:61:3c:c4:9b:76:91:56:d7:89:
88:18:b7:45:ea:e1:f8:c1:fd:7c:0e:1a:8b:9f:c7:
85:f6:3a:6b:54:4a:cd:15:bb:25:25:59:96:d1:bd:
2b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:87:05:CA:8D:E7:89:98:6D:72:2F:73:0C:07:2F:B4:04:A7:A6:CE
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:90:b0:f5:63:ed:6f:cf:8f:f3:35:aa:e0:8a:37:e1:98:57:
a5:7a:d1:05:dc:7d:3e:b6:1b:4c:be:4b:c5:69:c3:57:23:c2:
2b:31:6d:c1:5c:2c:93:f9:bf:21:11:c1:08:81:36:58:e8:c3:
c1:c2:50:ab:0b:1b:a3:a2:4d:1b:22:ed:02:1b:fa:52:86:13:
da:6a:0f:bb:f3:03:3e:cc:e6:fb:4b:d8:88:c4:54:5d:69:ad:
31:f8:4d:ac:d4:44:45:61:92:41:81:57:bd:c0:06:b2:d2:48:
07:ac:de:39:51:58:aa:32:c5:d6:9d:d6:68:fe:a4:dd:c2:2c:
14:d1:9f:d4:03:bf:ad:e6:a9:d8:b5:18:c5:fd:5e:c8:ba:30:
a8:fc:6c:5d:cd:36:49:ce:49:cd:6c:d4:ea:e2:43:c1:ed:5c:
d9:c0:e0:7d:78:6e:19:51:23:48:99:63:a0:34:6e:5d:1d:32:
40:02:d9:55:a2:e5:3a:e3:5e:bf:b6:0f:28:08:56:0d:c4:8a:
a9:03:69:52:2d:fe:ec:a6:a4:ae:1a:31:fa:64:02:e1:55:99:
0d:54:fe:61:5c:17:14:72:7c:0d:93:86:c3:9a:61:d9:8a:8b:
2d:bd:c8:71:ff:9d:25:e1:b4:58:93:ed:96:0b:96:b1:06:9b:
ed:a1:82:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DmeSzaktGy6nEn1TltZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUwNjI4MTUwMTAzWhcNMjUwNjI5MTUwMTAzWjAzMTEwLwYDVQQD
EyhjMjg3MDVjYThkZTc4OTk4NmQ3MjJmNzMwYzA3MmZiNDA0YTdhNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuic3VDNg5Td4xpwNaqJmijJ4U7rN
dmhck3kte9IMlTgGbfvaN+N6KMiSnhCCIHPfB+hDVZJJ5Sr8AOkMo6YxNKfViQ8C
V1W24EsZg7x417xO8dqSblnRAYiO4E9CoLCQQCQetM8WoQ9ER1WKaW0lQ9Btonnw
+s1Fn/FteRzER2bHWXmPUHW6XicE3Gz9TuGcyQ6hBxWbDTFM0KBUu0+TtC0uZNTA
V7/FNuvVPXRdxq5GVC2bPwiUkAzNaEEhnkxgSZfI4quLQ4+LyaCD8RheOxBZ3BND
vcBhPMSbdpFW14mIGLdF6uH4wf18DhqLn8eF9jprVErNFbslJVmW0b0rOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKHBcqN54mYbXIvcwwHL7QEp6bOMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZCw9WPt
b8+P8zWq4Io34ZhXpXrRBdx9PrYbTL5LxWnDVyPCKzFtwVwsk/m/IRHBCIE2WOjD
wcJQqwsbo6JNGyLtAhv6UoYT2moPu/MDPszm+0vYiMRUXWmtMfhNrNRERWGSQYFX
vcAGstJIB6zeOVFYqjLF1p3WaP6k3cIsFNGf1AO/reap2LUYxf1eyLowqPxsXc02
Sc5JzWzU6uJDwe1c2cDgfXhuGVEjSJljoDRuXR0yQALZVaLlOuNev7YPKAhWDcSK
qQNpUi3+7Kakrhox+mQC4VWZDVT+YVwXFHJ8DZOGw5ph2YqLLb3Icf+dJeG0WJPt
lguWsQab7aGC9A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:28:38 2025 by rpki-client