Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json)
Hash identifier: q96+QCoq1wB8Q7PkKoAmqXs4SCY1EZ+AuPuYiUZLZN4=
Subject key identifier: BA:A9:A2:4F:9A:13:27:28:39:81:1B:9B:24:C8:F2:91:3A:F5:75:11
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0197D43D7B59AA848C82A2D788354DA8B996
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
Manifest number: 0AC4
Signing time: Fri 04 Jul 2025 07:01:28 +0000
Manifest this update: Fri 04 Jul 2025 07:01:28 +0000
Manifest next update: Sat 05 Jul 2025 07:01:28 +0000
Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: 7CkcbhJWStt+XeklFH14e5hCZMFydoDl3TzR/uF8QBA=)
2: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (hash: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 07:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:3d:7b:59:aa:84:8c:82:a2:d7:88:35:4d:a8:b9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jul 4 07:01:28 2025 GMT
Not After : Jul 5 07:01:28 2025 GMT
Subject: CN=baa9a24f9a13272839811b9b24c8f2913af57511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:84:fc:e9:69:25:51:06:94:cd:bf:92:55:19:
41:74:4a:6d:ff:96:4e:d7:b7:d2:55:01:59:fb:bb:
26:b4:fd:2f:4b:a2:1b:d3:39:f1:e4:81:50:76:fb:
a7:64:a0:57:b9:64:41:cc:b8:04:4d:ff:04:6d:d7:
f0:f1:b4:52:59:08:54:62:cc:67:86:25:71:ef:c2:
c5:06:c7:38:c8:e5:eb:1f:65:9c:e8:62:2a:fa:08:
eb:a9:c4:4f:fb:7c:d3:96:ef:66:6e:77:eb:24:78:
87:80:c7:70:22:1d:a6:75:b9:03:d1:ce:c3:9c:d0:
2b:ba:33:7b:09:7e:59:b4:7b:b0:f6:c7:e9:8c:19:
52:1f:f5:2a:97:bf:99:0b:5b:2e:e9:9a:5e:00:7a:
f0:4c:5f:98:33:f2:50:f6:1d:c9:06:ef:22:b4:0e:
6c:e7:fd:e9:65:60:0e:ee:5e:ed:ce:4f:b4:c9:64:
04:85:b5:cf:d7:20:cf:4f:a1:a1:19:26:08:d0:d3:
61:e4:99:0e:ca:9b:77:79:55:96:67:f0:df:2e:8d:
a1:05:85:d2:43:d0:b6:04:f4:8d:45:42:f1:19:4d:
dd:6f:fb:8f:7e:03:de:49:aa:65:48:d9:ea:88:d8:
91:8b:3c:79:73:44:7c:95:79:f5:38:c5:0f:7f:de:
fb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A9:A2:4F:9A:13:27:28:39:81:1B:9B:24:C8:F2:91:3A:F5:75:11
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:ce:47:e9:5b:a7:1a:46:bd:fe:42:af:e8:82:f9:e9:4b:01:
88:51:41:0d:84:6d:d7:52:c4:be:10:3e:d2:72:a9:60:61:66:
13:99:5e:12:fa:8a:32:5b:76:59:13:3f:59:ec:b5:39:81:15:
39:c1:7e:36:6e:f1:bb:b0:47:e1:d4:e7:e2:92:f8:fb:be:5a:
40:d0:1e:7f:3c:78:44:0a:b2:cb:29:5e:64:23:43:92:f3:d4:
77:5d:37:7a:8f:d6:8d:d1:70:7a:2b:d6:25:8c:1f:52:dc:86:
c8:7b:7c:66:50:f7:95:ef:70:cd:7b:ce:32:2a:5c:81:4e:81:
f3:69:1e:c0:52:dd:34:4d:84:ef:0f:f9:c2:de:e4:10:be:ba:
88:c3:8e:30:80:f5:05:55:bf:03:aa:4a:b8:35:90:ad:e0:21:
83:76:0a:c1:7c:fa:9b:4b:73:d9:06:75:d6:44:f6:f5:f0:91:
a0:9c:67:8e:05:49:59:61:2f:f4:72:21:c2:b7:e2:11:65:cf:
c3:a3:a4:55:e1:a7:7a:fd:ab:93:af:81:2a:c0:db:1c:3e:fd:
b3:a8:df:39:25:c4:84:64:0c:fa:88:ee:c6:d2:f5:8d:64:91:
72:eb:c6:75:b0:64:ae:0a:5e:cf:10:72:60:4c:5c:fd:c7:68:
32:da:48:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfUPXtZqoSMgqLXiDVNqLmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjUwNzA0MDcwMTI4WhcNMjUwNzA1MDcwMTI4WjAzMTEwLwYDVQQD
EyhiYWE5YTI0ZjlhMTMyNzI4Mzk4MTFiOWIyNGM4ZjI5MTNhZjU3NTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oT86WklUQaUzb+SVRlBdEpt/5ZO
17fSVQFZ+7smtP0vS6Ib0znx5IFQdvunZKBXuWRBzLgETf8Ebdfw8bRSWQhUYsxn
hiVx78LFBsc4yOXrH2Wc6GIq+gjrqcRP+3zTlu9mbnfrJHiHgMdwIh2mdbkD0c7D
nNArujN7CX5ZtHuw9sfpjBlSH/Uql7+ZC1su6ZpeAHrwTF+YM/JQ9h3JBu8itA5s
5/3pZWAO7l7tzk+0yWQEhbXP1yDPT6GhGSYI0NNh5JkOypt3eVWWZ/DfLo2hBYXS
Q9C2BPSNRULxGU3db/uPfgPeSaplSNnqiNiRizx5c0R8lXn1OMUPf977swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqpok+aEycoOYEbmyTI8pE69XURMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApM5H6Vun
Gka9/kKv6IL56UsBiFFBDYRt11LEvhA+0nKpYGFmE5leEvqKMlt2WRM/Wey1OYEV
OcF+Nm7xu7BH4dTn4pL4+75aQNAefzx4RAqyyyleZCNDkvPUd103eo/WjdFweivW
JYwfUtyGyHt8ZlD3le9wzXvOMipcgU6B82kewFLdNE2E7w/5wt7kEL66iMOOMID1
BVW/A6pKuDWQreAhg3YKwXz6m0tz2QZ11kT29fCRoJxnjgVJWWEv9HIhwrfiEWXP
w6OkVeGnev2rk6+BKsDbHD79s6jfOSXEhGQM+ojuxtL1jWSRcuvGdbBkrgpezxBy
YExc/cdoMtpIDQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:34:40 2025 by rpki-client