Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: 8pS7X/Bi3urUisZ5ifGbC+FpFx0ncIFmZ5LWXmf/cN4=
Subject key identifier: 4D:E3:4C:B9:E8:1F:2B:59:E9:9D:86:13:C6:ED:9D:11:47:FF:1D:AB
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 0197B820CF513394300F828639F19221170F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 15BA
Signing time: Sat 28 Jun 2025 20:00:47 +0000
Manifest this update: Sat 28 Jun 2025 20:00:47 +0000
Manifest next update: Sun 29 Jun 2025 20:00:47 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: Gs5rkgb9fMJRpqg1RZbe/efiHx8rXzZRy4iUtUJ1opg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:20:cf:51:33:94:30:0f:82:86:39:f1:92:21:17:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Jun 28 20:00:47 2025 GMT
Not After : Jun 29 20:00:47 2025 GMT
Subject: CN=4de34cb9e81f2b59e99d8613c6ed9d1147ff1dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:35:dc:bb:c6:a1:6e:2d:a8:5d:bc:29:6c:d8:
89:a6:ff:ac:79:d3:8b:cd:6a:5b:e0:c5:55:e9:8d:
58:1c:31:16:c4:02:44:0c:02:8d:12:98:30:26:83:
af:5a:7f:d5:a0:04:74:9f:92:68:8d:15:cf:ca:ec:
48:74:14:6e:18:10:7d:f9:26:c4:fc:c5:90:4f:df:
3a:ac:0a:af:f4:35:d7:e9:11:ff:f9:f5:d9:0f:f5:
ba:91:47:41:73:f0:ca:77:f8:6b:2b:e9:ca:6a:c6:
f8:73:8d:5f:59:f8:6c:b4:b1:e4:47:56:5b:01:eb:
09:68:6e:94:b8:e2:af:b1:d9:2b:d2:7b:62:9b:fd:
f2:d4:c7:2f:cf:dc:4f:29:18:05:64:b8:b9:11:44:
7d:2f:5a:e1:37:bb:12:35:60:cd:a8:cf:98:9e:a2:
11:ce:34:41:77:40:ef:b5:ad:1c:d3:d1:02:72:9e:
56:02:b7:bd:ff:c4:f1:45:a5:00:13:f3:b3:61:e5:
8b:0d:a6:92:31:26:2e:f1:32:f5:12:d5:fc:4d:75:
34:f3:f2:87:bb:75:d2:08:d3:4e:e1:1b:78:f5:c5:
8e:7e:2a:8d:1b:ab:a7:c1:b3:00:37:ca:f7:07:5d:
16:0a:f1:e9:1e:39:ac:17:f9:a0:3c:c6:03:f7:f9:
f6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E3:4C:B9:E8:1F:2B:59:E9:9D:86:13:C6:ED:9D:11:47:FF:1D:AB
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:ed:db:a5:52:3b:a2:74:9e:9b:7e:de:7e:b7:06:6d:28:15:
1b:c3:cb:88:c8:e9:57:22:7f:18:dc:ed:f2:2f:a4:83:b9:60:
5d:b2:14:af:34:ec:7f:c8:f9:42:54:0e:6d:20:fc:09:44:8c:
ae:b4:36:39:d1:e2:aa:3c:83:e0:28:fa:ec:6b:9f:16:43:06:
b0:1b:32:8b:0a:72:01:9e:35:7b:8c:1f:df:b5:23:49:ba:c3:
1a:39:00:62:7d:9b:5b:8e:95:7f:04:58:4a:c6:f5:fd:1f:17:
01:9d:2a:ae:9c:24:71:86:c6:b8:ba:46:b4:47:c0:d6:7e:27:
44:f2:10:17:74:b6:48:96:b7:4e:ab:9a:07:68:62:dc:33:89:
e5:0c:a5:c8:a2:b2:18:a0:79:95:97:9b:6f:bd:e5:d3:d1:45:
e7:dc:64:e7:a0:9f:dc:68:a6:02:80:90:d7:5b:05:90:06:f8:
1f:81:98:a5:f7:cd:6a:3d:1f:28:50:fa:28:6a:e6:87:50:a3:
ce:73:c4:6f:33:e9:ff:f8:35:cb:76:cf:73:09:21:f0:b1:45:
e8:0f:f4:0e:19:ff:42:ce:dd:c5:a4:ed:50:70:bb:af:ad:d9:
af:cb:e9:e9:47:79:60:21:5b:a9:ac:88:8b:25:c1:c4:ee:5a:
55:05:c4:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IM9RM5QwD4KGOfGSIRcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwNjI4MjAwMDQ3WhcNMjUwNjI5MjAwMDQ3WjAzMTEwLwYDVQQD
Eyg0ZGUzNGNiOWU4MWYyYjU5ZTk5ZDg2MTNjNmVkOWQxMTQ3ZmYxZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjXcu8ahbi2oXbwpbNiJpv+sedOL
zWpb4MVV6Y1YHDEWxAJEDAKNEpgwJoOvWn/VoAR0n5JojRXPyuxIdBRuGBB9+SbE
/MWQT986rAqv9DXX6RH/+fXZD/W6kUdBc/DKd/hrK+nKasb4c41fWfhstLHkR1Zb
AesJaG6UuOKvsdkr0ntim/3y1Mcvz9xPKRgFZLi5EUR9L1rhN7sSNWDNqM+YnqIR
zjRBd0Dvta0c09ECcp5WAre9/8TxRaUAE/OzYeWLDaaSMSYu8TL1EtX8TXU08/KH
u3XSCNNO4Rt49cWOfiqNG6unwbMAN8r3B10WCvHpHjmsF/mgPMYD9/n2SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3jTLnoHytZ6Z2GE8btnRFH/x2rMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsO3bpVI7
onSem37efrcGbSgVG8PLiMjpVyJ/GNzt8i+kg7lgXbIUrzTsf8j5QlQObSD8CUSM
rrQ2OdHiqjyD4Cj67GufFkMGsBsyiwpyAZ41e4wf37UjSbrDGjkAYn2bW46VfwRY
Ssb1/R8XAZ0qrpwkcYbGuLpGtEfA1n4nRPIQF3S2SJa3TquaB2hi3DOJ5QylyKKy
GKB5lZebb73l09FF59xk56Cf3GimAoCQ11sFkAb4H4GYpffNaj0fKFD6KGrmh1Cj
znPEbzPp//g1y3bPcwkh8LFF6A/0Dhn/Qs7dxaTtUHC7r63Zr8vp6Ud5YCFbqayI
iyXBxO5aVQXE4g==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:34:13 2025 by rpki-client