Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json)
Hash identifier: mHpVU86lj5rHToc4FKp0B1hVxJXUPtu7lufokKrV22w=
Subject key identifier: 58:C3:61:D6:5B:49:E4:0A:81:F0:F5:1F:FD:58:37:AE:FB:EE:28:BE
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 0197C4255AC9BBB333C5B75BAD360D7825DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
Manifest number: 0AF2
Signing time: Tue 01 Jul 2025 04:01:11 +0000
Manifest this update: Tue 01 Jul 2025 04:01:11 +0000
Manifest next update: Wed 02 Jul 2025 04:01:11 +0000
Files and hashes: 1: 5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa (hash: o7jn9b/bWLBA/ntIWwkYzFbMhpkdc8Mhco9rAn9gsO0=)
2: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: Cr8RIV1GdEMkCzLsH/dLCnu+u7F/U3KcWKrQuxFR/q0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:25:5a:c9:bb:b3:33:c5:b7:5b:ad:36:0d:78:25:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Jul 1 04:01:11 2025 GMT
Not After : Jul 2 04:01:11 2025 GMT
Subject: CN=58c361d65b49e40a81f0f51ffd5837aefbee28be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:55:4a:d0:e5:dd:f6:97:df:9b:0b:98:ff:db:
f6:76:4a:15:8d:6a:5d:4e:05:55:79:73:aa:67:b2:
1e:de:7f:03:10:96:97:3b:b3:c7:ea:ed:17:97:ea:
51:1a:fc:82:31:ff:cc:4e:06:1f:a6:54:e9:da:97:
5b:5d:62:57:42:a4:cd:06:51:78:cf:5c:32:c0:5f:
fa:e0:15:ca:49:8f:ab:80:b8:b3:b4:4c:85:a9:5c:
c0:b2:1e:20:0c:96:10:ae:4c:96:f1:43:50:e3:a8:
97:7d:ee:a1:89:d6:b3:c1:a9:84:f5:92:df:62:4c:
1f:76:a3:05:78:7c:de:71:f8:d5:60:b7:86:77:57:
91:56:6f:7c:cf:e4:4c:a4:d1:19:da:43:f0:38:14:
6e:8d:9c:a9:61:9d:b0:9c:5a:b8:04:de:b4:2a:63:
d6:0a:c7:57:c0:1f:1a:e1:7a:44:fa:c1:17:10:54:
b2:b9:82:d9:a8:97:68:2d:1b:32:ed:d6:9f:16:57:
b0:39:3d:00:2d:79:e3:73:b3:4b:a0:a0:52:27:f1:
c3:39:e3:1d:74:13:e7:f3:f5:49:f6:cd:63:27:2f:
66:92:80:aa:06:cb:fb:08:9d:6f:5f:e3:8e:f2:70:
5d:e2:6b:3c:97:55:17:18:55:30:9f:97:ca:d3:e9:
3c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C3:61:D6:5B:49:E4:0A:81:F0:F5:1F:FD:58:37:AE:FB:EE:28:BE
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:63:ca:0b:07:67:bf:1e:48:b2:a5:4c:99:6b:0e:9e:7c:18:
0a:f6:71:a4:91:c1:f5:78:38:f4:40:05:3d:76:b3:f1:f9:2d:
ba:4e:b1:4c:9e:96:79:a2:a0:07:4a:71:9b:38:57:3d:66:ba:
e0:e3:42:d4:2b:03:27:c2:40:bb:b8:7b:87:58:32:8e:2e:ab:
77:84:7d:ee:88:9e:71:c4:bd:bd:09:1e:df:dd:d6:f4:2a:95:
a3:ed:76:22:a5:7d:79:8d:6b:c0:17:f6:af:21:f5:14:2f:f0:
e7:a3:88:03:93:0a:3d:80:f7:d1:82:3f:4b:55:2c:f7:45:7c:
39:c9:30:34:4b:f1:28:b5:6d:a8:8c:4c:6a:71:b6:a5:00:d8:
26:f3:d9:e1:cb:fc:6c:19:81:45:5c:9a:13:a5:10:a0:39:b7:
3e:56:ed:c4:0e:12:27:77:07:c2:e8:b1:f9:93:41:94:ce:9c:
3c:62:25:e0:42:53:ff:75:7e:03:dd:13:93:72:b3:fd:65:aa:
71:35:0b:8f:a6:ff:9a:fd:aa:0c:b4:5b:ac:68:3b:df:5a:4c:
85:d6:f2:a3:7c:78:c4:e0:4d:0b:a3:51:4c:03:7b:d8:62:55:
fd:e2:79:36:11:2d:80:cb:a8:68:57:31:56:30:c1:80:1b:42:
1b:88:f0:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJVrJu7MzxbdbrTYNeCXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjUwNzAxMDQwMTExWhcNMjUwNzAyMDQwMTExWjAzMTEwLwYDVQQD
Eyg1OGMzNjFkNjViNDllNDBhODFmMGY1MWZmZDU4MzdhZWZiZWUyOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VVK0OXd9pffmwuY/9v2dkoVjWpd
TgVVeXOqZ7Ie3n8DEJaXO7PH6u0Xl+pRGvyCMf/MTgYfplTp2pdbXWJXQqTNBlF4
z1wywF/64BXKSY+rgLiztEyFqVzAsh4gDJYQrkyW8UNQ46iXfe6hidazwamE9ZLf
YkwfdqMFeHzecfjVYLeGd1eRVm98z+RMpNEZ2kPwOBRujZypYZ2wnFq4BN60KmPW
CsdXwB8a4XpE+sEXEFSyuYLZqJdoLRsy7dafFlewOT0ALXnjc7NLoKBSJ/HDOeMd
dBPn8/VJ9s1jJy9mkoCqBsv7CJ1vX+OO8nBd4ms8l1UXGFUwn5fK0+k8nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjDYdZbSeQKgfD1H/1YN6777ii+MB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2PKCwdn
vx5IsqVMmWsOnnwYCvZxpJHB9Xg49EAFPXaz8fktuk6xTJ6WeaKgB0pxmzhXPWa6
4ONC1CsDJ8JAu7h7h1gyji6rd4R97oieccS9vQke393W9CqVo+12IqV9eY1rwBf2
ryH1FC/w56OIA5MKPYD30YI/S1Us90V8OckwNEvxKLVtqIxManG2pQDYJvPZ4cv8
bBmBRVyaE6UQoDm3PlbtxA4SJ3cHwuix+ZNBlM6cPGIl4EJT/3V+A90Tk3Kz/WWq
cTULj6b/mv2qDLRbrGg731pMhdbyo3x4xOBNC6NRTAN72GJV/eJ5NhEtgMuoaFcx
VjDBgBtCG4jwxQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:54:22 2025 by rpki-client