Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json)
Hash identifier: dgG/R1ObbG08QKlYSUtsLPOWCPl0uESh7szbGD11H70=
Subject key identifier: 79:29:76:8B:9A:3B:71:1C:A8:8F:31:5E:36:AF:90:C0:E9:9A:1F:65
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 01984965211D29E4CAE3D7058DEBA11C56F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
Manifest number: 0B79
Signing time: Sun 27 Jul 2025 01:00:21 +0000
Manifest this update: Sun 27 Jul 2025 01:00:21 +0000
Manifest next update: Mon 28 Jul 2025 01:00:21 +0000
Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=)
2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: yF42yKhKFOnGlUVCMV3r1yOA48FRifW8/s7mf5g/a9k=)
3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:65:21:1d:29:e4:ca:e3:d7:05:8d:eb:a1:1c:56:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Jul 27 01:00:21 2025 GMT
Not After : Jul 28 01:00:21 2025 GMT
Subject: CN=7929768b9a3b711ca88f315e36af90c0e99a1f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:12:61:58:aa:74:fe:9b:b7:30:4b:12:48:d7:
c5:21:b0:11:03:1f:33:75:5e:f7:b5:1e:f3:33:82:
52:9d:d2:de:94:0d:4d:5b:41:83:39:66:52:ef:52:
76:a8:3f:94:06:a6:77:60:93:b5:d0:45:8c:48:ec:
82:f9:a6:21:70:ea:5b:95:8f:94:df:a5:d1:f2:18:
17:c5:ba:bf:2c:46:0f:e2:c6:bb:12:9f:5b:17:78:
63:3c:e0:da:8f:42:ca:15:a2:c6:13:4b:8d:14:31:
bc:56:1d:c5:8c:63:4d:6a:e5:75:d3:e1:69:4d:e0:
27:a9:2f:68:45:85:8a:fe:a8:a1:95:22:ea:13:86:
87:bb:91:7b:b1:fb:08:96:9f:a9:41:40:2d:5a:49:
59:8e:ff:7b:98:75:e9:63:36:45:ce:ec:74:a5:47:
1e:df:c5:03:c9:ef:d7:0f:b2:d0:f8:8c:2c:d6:86:
91:f0:8e:10:0e:c3:cd:34:f3:9e:e9:0f:ed:32:cf:
57:94:ec:7b:ec:ca:23:1d:19:cf:2e:ae:35:d3:bb:
56:19:33:69:d4:9c:ed:9f:b6:fd:db:cc:c4:21:00:
54:87:d0:e9:e6:18:e4:46:ec:56:12:99:49:0f:6e:
5d:f2:d3:1a:2c:fe:82:2d:00:70:29:fd:ae:06:aa:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:29:76:8B:9A:3B:71:1C:A8:8F:31:5E:36:AF:90:C0:E9:9A:1F:65
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:d3:58:0f:18:8c:1a:92:ae:90:8e:07:12:df:6c:8b:53:6e:
ff:f1:1e:84:e0:21:5d:25:74:c6:55:0b:0a:0f:65:35:4a:df:
85:19:55:dc:1b:47:20:ab:8a:6f:4f:a3:70:77:c5:37:27:5e:
89:e2:d3:7e:ab:4e:fd:1b:d0:c8:fa:50:33:be:78:67:6b:ce:
45:ac:77:4e:a2:8b:8b:3c:ae:fa:13:42:9d:a9:cf:e2:fc:c0:
41:50:c4:bb:80:ca:9f:13:12:6e:07:8b:72:b3:f6:f5:17:a5:
13:89:85:cb:08:61:75:28:0c:62:d3:78:b4:b4:1e:d5:17:92:
f4:ec:35:76:20:c3:89:77:93:bb:1c:85:0a:2d:16:9e:f3:3e:
9f:f3:66:81:13:c4:66:55:2d:bc:e2:1e:0b:a8:46:3a:c7:42:
e7:16:6b:7e:92:26:d4:5a:43:45:fa:3f:6e:d0:0f:cd:67:d7:
78:5a:49:41:47:12:5b:b0:e8:41:bc:ce:85:46:79:1f:12:b4:
55:dc:4d:10:4b:bd:96:ac:8f:d9:75:ca:c8:52:16:a6:ea:c9:
5c:bf:38:4c:19:0b:b3:c0:01:fa:57:bd:e3:a5:30:6a:f0:87:
9a:83:71:79:73:53:12:22:7f:3d:b7:a8:dc:42:ec:5a:86:1c:
fe:48:39:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZSEdKeTK49cFjeuhHFbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUwNzI3MDEwMDIxWhcNMjUwNzI4MDEwMDIxWjAzMTEwLwYDVQQD
Eyg3OTI5NzY4YjlhM2I3MTFjYTg4ZjMxNWUzNmFmOTBjMGU5OWExZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBJhWKp0/pu3MEsSSNfFIbARAx8z
dV73tR7zM4JSndLelA1NW0GDOWZS71J2qD+UBqZ3YJO10EWMSOyC+aYhcOpblY+U
36XR8hgXxbq/LEYP4sa7Ep9bF3hjPODaj0LKFaLGE0uNFDG8Vh3FjGNNauV10+Fp
TeAnqS9oRYWK/qihlSLqE4aHu5F7sfsIlp+pQUAtWklZjv97mHXpYzZFzux0pUce
38UDye/XD7LQ+Iws1oaR8I4QDsPNNPOe6Q/tMs9XlOx77MojHRnPLq4107tWGTNp
1Jztn7b928zEIQBUh9Dp5hjkRuxWEplJD25d8tMaLP6CLQBwKf2uBqrDdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkpdouaO3EcqI8xXjavkMDpmh9lMB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc9NYDxiM
GpKukI4HEt9si1Nu//EehOAhXSV0xlULCg9lNUrfhRlV3BtHIKuKb0+jcHfFNyde
ieLTfqtO/RvQyPpQM754Z2vORax3TqKLizyu+hNCnanP4vzAQVDEu4DKnxMSbgeL
crP29RelE4mFywhhdSgMYtN4tLQe1ReS9Ow1diDDiXeTuxyFCi0WnvM+n/NmgRPE
ZlUtvOIeC6hGOsdC5xZrfpIm1FpDRfo/btAPzWfXeFpJQUcSW7DoQbzOhUZ5HxK0
VdxNEEu9lqyP2XXKyFIWpurJXL84TBkLs8AB+le946UwavCHmoNxeXNTEiJ/Pbeo
3ELsWoYc/kg5TA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:46:04 2025 by rpki-client