Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
File: MxpRr9TLZoLCMN7WQGWMETxWL9I.mft (raw, json)
Hash identifier: aC6aig+6Nc3fwKArzvgFDM7Iz1jUTEVeT168OpiYnYQ=
Subject key identifier: 84:5E:6B:0B:3A:D9:73:A1:88:6A:F9:42:B6:2D:D9:AF:25:62:CC:E1
Authority key identifier: 33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
Certificate issuer: /CN=331a51afd4cb6682c230ded640658c113c562fd2
Certificate serial: 0197B6D78AA17D5930586ACE29D45438638F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
Manifest number: 0803
Signing time: Sat 28 Jun 2025 14:01:08 +0000
Manifest this update: Sat 28 Jun 2025 14:01:08 +0000
Manifest next update: Sun 29 Jun 2025 14:01:08 +0000
Files and hashes: 1: MxpRr9TLZoLCMN7WQGWMETxWL9I.crl (hash: QbCi4Q90DkRWMmHz/B9wNFjQ3sGU81J24PE5rv8RmeQ=)
2: TS9TQNQnmKCUyfNW3iHSrKN4kHU.roa (hash: FKmub+udVUMJc6SCu1H3/G3fAnw8GwGXkDsFmXaZ8+8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 14:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:d7:8a:a1:7d:59:30:58:6a:ce:29:d4:54:38:63:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331a51afd4cb6682c230ded640658c113c562fd2
Validity
Not Before: Jun 28 14:01:08 2025 GMT
Not After : Jun 29 14:01:08 2025 GMT
Subject: CN=845e6b0b3ad973a1886af942b62dd9af2562cce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e7:b8:a1:42:4e:5c:7a:1d:26:18:1f:91:57:
89:04:35:82:45:0c:ed:9f:68:13:b8:fc:21:83:47:
b0:f6:84:47:6e:e6:2b:df:61:15:83:00:a3:cd:28:
b6:d4:8c:87:33:ef:c8:fa:11:f0:5e:f2:3b:f2:14:
c1:3e:21:81:96:75:9c:86:05:c1:d1:44:73:f3:96:
24:66:8f:1a:42:82:6c:0a:9c:37:61:59:d1:3e:d8:
18:45:c0:1a:e1:3e:e5:ad:47:f8:30:84:fd:dc:07:
fa:f7:79:94:df:92:9a:b5:ae:ec:93:e4:fe:7a:fd:
f3:70:06:b4:79:11:fe:23:6b:53:d0:06:27:05:40:
63:00:32:61:82:70:ce:db:6d:10:11:4e:cd:5b:b8:
54:2f:95:22:58:6a:b6:d2:6f:05:80:ee:40:eb:68:
d2:52:d0:97:15:8e:2d:a2:14:d1:8b:ec:32:42:c8:
b6:8b:92:d8:3a:fc:08:cb:57:a8:02:5a:df:69:8f:
45:c4:52:06:dc:2f:fa:c6:ae:7e:ef:e6:da:99:e6:
2c:91:9c:37:7f:b1:3c:5e:23:92:b7:b7:b0:43:0c:
a6:72:4b:05:9c:cc:4a:20:0b:f8:31:87:14:7e:3c:
d6:74:bf:98:65:8b:b6:9d:00:85:07:62:6f:2d:00:
70:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5E:6B:0B:3A:D9:73:A1:88:6A:F9:42:B6:2D:D9:AF:25:62:CC:E1
X509v3 Authority Key Identifier:
keyid:33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:9c:2c:81:70:b8:58:10:cf:6a:cf:dd:d9:01:13:cc:37:1c:
07:c1:f6:17:59:fc:18:3f:8e:9d:7e:4e:ad:b5:26:52:84:cd:
00:9a:b7:6b:e9:c8:aa:3e:d8:f2:c5:50:77:6a:57:b5:b2:6e:
51:33:19:50:54:8f:1a:b9:21:c4:51:dd:54:d8:80:45:94:03:
69:e0:b9:95:ca:a3:be:35:8e:a2:fc:90:eb:3a:b3:62:63:d9:
30:68:98:7f:d1:87:15:ee:4e:cb:28:18:f4:25:78:1a:58:a3:
a9:3c:a2:57:f7:f2:4f:8b:3e:03:c0:0a:22:38:fe:28:27:3a:
e2:6c:d9:96:37:ef:73:b1:2d:46:6a:df:80:a5:d1:be:9c:65:
9a:a9:d8:af:73:b9:6b:ea:e7:14:e9:d4:3a:d0:f3:da:a5:4d:
e7:7c:8e:12:86:1a:b5:3e:a8:d3:59:e3:49:54:a6:67:d3:68:
d7:f3:48:bf:dc:70:b0:7c:b9:3b:b7:ad:d7:99:78:87:42:77:
5a:15:57:0d:3a:66:6d:08:eb:8f:e4:32:25:27:d5:2f:3b:77:
f7:fb:34:bf:f9:a5:9b:8e:1f:4a:f0:29:f5:b0:30:83:3c:21:
3f:e6:3d:d2:0f:22:bd:df:86:43:9a:d9:13:8e:6c:7d:be:e0:
69:9a:8a:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe214qhfVkwWGrOKdRUOGOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWE1MWFmZDRjYjY2ODJjMjMwZGVkNjQwNjU4YzExM2M1
NjJmZDIwHhcNMjUwNjI4MTQwMTA4WhcNMjUwNjI5MTQwMTA4WjAzMTEwLwYDVQQD
Eyg4NDVlNmIwYjNhZDk3M2ExODg2YWY5NDJiNjJkZDlhZjI1NjJjY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+e4oUJOXHodJhgfkVeJBDWCRQzt
n2gTuPwhg0ew9oRHbuYr32EVgwCjzSi21IyHM+/I+hHwXvI78hTBPiGBlnWchgXB
0URz85YkZo8aQoJsCpw3YVnRPtgYRcAa4T7lrUf4MIT93Af693mU35Kata7sk+T+
ev3zcAa0eRH+I2tT0AYnBUBjADJhgnDO220QEU7NW7hUL5UiWGq20m8FgO5A62jS
UtCXFY4tohTRi+wyQsi2i5LYOvwIy1eoAlrfaY9FxFIG3C/6xq5+7+bameYskZw3
f7E8XiOSt7ewQwymcksFnMxKIAv4MYcUfjzWdL+YZYu2nQCFB2JvLQBwoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIReaws62XOhiGr5QrYt2a8lYszhMB8GA1UdIwQY
MBaAFDMaUa/Uy2aCwjDe1kBljBE8Vi/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAt
NGE1NjZhZGQ1NGIyLzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAtNGE1NjZhZGQ1NGIy
LzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZwsgXC4
WBDPas/d2QETzDccB8H2F1n8GD+OnX5OrbUmUoTNAJq3a+nIqj7Y8sVQd2pXtbJu
UTMZUFSPGrkhxFHdVNiARZQDaeC5lcqjvjWOovyQ6zqzYmPZMGiYf9GHFe5OyygY
9CV4GlijqTyiV/fyT4s+A8AKIjj+KCc64mzZljfvc7EtRmrfgKXRvpxlmqnYr3O5
a+rnFOnUOtDz2qVN53yOEoYatT6o01njSVSmZ9No1/NIv9xwsHy5O7et15l4h0J3
WhVXDTpmbQjrj+QyJSfVLzt39/s0v/mlm44fSvAp9bAwgzwhP+Y90g8ivd+GQ5rZ
E45sfb7gaZqKSQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:25:59 2025 by rpki-client