Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.mft
File: gK-nCOCY5WlCsWLzTkYzSX864tk.mft (raw, json)
Hash identifier: 9h9FwHQmyuaaXBWZeXen41aqqFsJsTLMewP35z8s7LY=
Subject key identifier: 54:0A:68:C1:72:DE:A8:D2:57:EC:71:D8:B1:02:14:8F:A2:CD:01:E4
Authority key identifier: 80:AF:A7:08:E0:98:E5:69:42:B1:62:F3:4E:46:33:49:7F:3A:E2:D9
Certificate issuer: /CN=80afa708e098e56942b162f34e4633497f3ae2d9
Certificate serial: 019828FED73811AB5DCCBCF607974E24499F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK-nCOCY5WlCsWLzTkYzSX864tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.mft
Manifest number: 11
Signing time: Sun 20 Jul 2025 18:00:46 +0000
Manifest this update: Sun 20 Jul 2025 18:00:46 +0000
Manifest next update: Mon 21 Jul 2025 18:00:46 +0000
Files and hashes: 1: YdAjbfCRxVQuhwuJCOd8n6-9uGc.roa (hash: ryQI+IE9GniEW1zRKSAQBzSoJ8r45pp9QujhZtOYmEk=)
2: gK-nCOCY5WlCsWLzTkYzSX864tk.crl (hash: U5AA9gu3QpSGektmZ0RUumsotdPjpr2ATsIL/S073e8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gK-nCOCY5WlCsWLzTkYzSX864tk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:28:fe:d7:38:11:ab:5d:cc:bc:f6:07:97:4e:24:49:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80afa708e098e56942b162f34e4633497f3ae2d9
Validity
Not Before: Jul 20 18:00:46 2025 GMT
Not After : Jul 21 18:00:46 2025 GMT
Subject: CN=540a68c172dea8d257ec71d8b102148fa2cd01e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4d:ad:da:d9:4f:8c:30:87:1b:cb:ab:45:23:
ea:a0:77:8d:dc:62:cd:7b:fb:fd:2c:49:01:ac:e3:
c8:cb:0a:7d:95:d1:2d:0c:4b:9c:cc:78:41:7c:15:
d4:3a:ab:bd:e9:ff:03:9f:64:e4:d2:8d:03:62:a6:
69:12:b1:52:1b:a4:ba:2d:e7:04:47:f4:17:20:d2:
d7:a6:41:43:b7:fe:c5:9e:1b:a2:64:ec:82:cb:93:
46:42:f1:10:aa:5d:73:e1:cc:e1:e1:76:3d:52:8c:
45:7c:e4:47:ed:bb:9e:00:98:9a:74:a4:50:84:37:
d8:32:50:da:67:1b:4d:37:29:1b:9b:4c:8d:9a:aa:
cc:e7:cd:2a:55:e6:20:f4:61:ff:22:b4:ee:c6:f8:
80:91:d8:b2:bc:e6:07:a5:61:32:1f:52:6c:8e:f4:
a5:b5:47:6a:ac:b3:6f:16:cb:c5:ea:e9:49:0c:64:
ef:42:e5:da:35:37:fe:ea:e1:fd:8d:1c:f1:c3:10:
dd:a9:7c:15:d7:ba:ef:e0:d0:af:64:a3:db:3d:e0:
b3:c4:b3:db:13:e8:d6:05:6b:39:79:48:60:a9:a6:
0f:29:14:67:b4:2b:8f:f1:84:ef:0c:d1:79:28:3c:
52:da:16:2c:d2:02:13:7c:4e:99:a1:0f:4a:77:9c:
75:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0A:68:C1:72:DE:A8:D2:57:EC:71:D8:B1:02:14:8F:A2:CD:01:E4
X509v3 Authority Key Identifier:
keyid:80:AF:A7:08:E0:98:E5:69:42:B1:62:F3:4E:46:33:49:7F:3A:E2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK-nCOCY5WlCsWLzTkYzSX864tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/36e4b8-4beb-43fb-a68e-2a8a2253fe0a/1/gK-nCOCY5WlCsWLzTkYzSX864tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:f3:01:d6:76:00:8a:cb:57:8e:f7:37:27:35:2b:a9:34:94:
78:0f:a1:e8:c8:ef:80:c5:53:64:47:9b:e6:50:05:15:25:32:
df:02:d6:5f:e6:38:48:41:9b:91:71:c2:de:11:03:35:98:76:
99:98:ba:7d:7a:90:51:99:7e:8f:82:95:36:d7:70:b8:ac:bf:
00:7f:a1:e1:21:af:c2:75:ee:84:0b:63:b1:69:fb:2c:44:e8:
e8:dc:78:8a:9d:e8:a8:48:6d:72:8f:0a:2a:de:c7:de:4e:82:
d7:6c:ef:ed:35:67:36:b2:5b:13:6f:f4:37:6e:8b:8c:ba:56:
3c:16:78:ca:a9:94:7f:ac:7c:3e:73:02:f3:57:13:b5:41:bf:
1f:4e:20:1c:91:50:36:ef:10:58:5c:8d:ea:0c:b5:d6:5c:22:
20:89:75:c2:57:de:f7:30:02:f0:d9:83:6a:17:24:9a:a9:0f:
49:5f:bc:4e:1b:17:a1:56:ca:c7:b5:b3:c9:b8:bc:6e:1a:28:
fb:2e:22:c3:e8:5d:37:9b:c9:1d:c3:a9:7b:7d:59:bd:97:ed:
e0:99:92:5b:01:23:dc:81:7c:dd:c9:26:4f:9c:2b:65:7b:0d:
95:64:26:2b:b1:d8:c6:c2:f7:65:ac:2f:39:63:66:51:d2:bd:
67:e6:4c:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgo/tc4EatdzLz2B5dOJEmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWZhNzA4ZTA5OGU1Njk0MmIxNjJmMzRlNDYzMzQ5N2Yz
YWUyZDkwHhcNMjUwNzIwMTgwMDQ2WhcNMjUwNzIxMTgwMDQ2WjAzMTEwLwYDVQQD
Eyg1NDBhNjhjMTcyZGVhOGQyNTdlYzcxZDhiMTAyMTQ4ZmEyY2QwMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU2t2tlPjDCHG8urRSPqoHeN3GLN
e/v9LEkBrOPIywp9ldEtDEuczHhBfBXUOqu96f8Dn2Tk0o0DYqZpErFSG6S6LecE
R/QXINLXpkFDt/7FnhuiZOyCy5NGQvEQql1z4czh4XY9UoxFfORH7bueAJiadKRQ
hDfYMlDaZxtNNykbm0yNmqrM580qVeYg9GH/IrTuxviAkdiyvOYHpWEyH1JsjvSl
tUdqrLNvFsvF6ulJDGTvQuXaNTf+6uH9jRzxwxDdqXwV17rv4NCvZKPbPeCzxLPb
E+jWBWs5eUhgqaYPKRRntCuP8YTvDNF5KDxS2hYs0gITfE6ZoQ9Kd5x1uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQKaMFy3qjSV+xx2LECFI+izQHkMB8GA1UdIwQY
MBaAFICvpwjgmOVpQrFi805GM0l/OuLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0stbkNPQ1k1V2xDc1dMelRrWXpTWDg2NHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zNmU0YjgtNGJlYi00M2ZiLWE2OGUt
MmE4YTIyNTNmZTBhLzEvZ0stbkNPQ1k1V2xDc1dMelRrWXpTWDg2NHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zNmU0YjgtNGJlYi00M2ZiLWE2OGUtMmE4YTIyNTNmZTBh
LzEvZ0stbkNPQ1k1V2xDc1dMelRrWXpTWDg2NHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/MB1nYA
istXjvc3JzUrqTSUeA+h6MjvgMVTZEeb5lAFFSUy3wLWX+Y4SEGbkXHC3hEDNZh2
mZi6fXqQUZl+j4KVNtdwuKy/AH+h4SGvwnXuhAtjsWn7LETo6Nx4ip3oqEhtco8K
Kt7H3k6C12zv7TVnNrJbE2/0N26LjLpWPBZ4yqmUf6x8PnMC81cTtUG/H04gHJFQ
Nu8QWFyN6gy11lwiIIl1wlfe9zAC8NmDahckmqkPSV+8ThsXoVbKx7Wzybi8bhoo
+y4iw+hdN5vJHcOpe31ZvZft4JmSWwEj3IF83ckmT5wrZXsNlWQmK7HYxsL3Zawv
OWNmUdK9Z+ZM6A==
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:11:16 2025 by rpki-client