Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
File: ceWC839BZJjBi2YkjevM8iQavHY.mft (raw, json)
Hash identifier: yTIGsvr2kNGb8lh5X7aNgTpW0BBIK+8paV3vphzQ+ug=
Subject key identifier: 83:27:0B:CB:DB:53:3B:DF:61:F9:44:E4:FD:7A:1E:07:F1:35:CE:E8
Authority key identifier: 71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
Certificate issuer: /CN=71e582f37f416498c18b66248debccf2241abc76
Certificate serial: 01984A77C828E17E9A9904125DE5CA389D86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
Manifest number: 059D
Signing time: Sun 27 Jul 2025 06:00:20 +0000
Manifest this update: Sun 27 Jul 2025 06:00:20 +0000
Manifest next update: Mon 28 Jul 2025 06:00:20 +0000
Files and hashes: 1: 3JlcQxD2NXWLaEj6J42YSdi1quE.roa (hash: ZFdShZLQiri1BeTMte27QBSxcmd4A78sb6jnkkO6l9s=)
2: ceWC839BZJjBi2YkjevM8iQavHY.crl (hash: CE9QsNui1/zIPTGv/AEsGs/jizNZyHQUxuIJyPFxL8o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:77:c8:28:e1:7e:9a:99:04:12:5d:e5:ca:38:9d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71e582f37f416498c18b66248debccf2241abc76
Validity
Not Before: Jul 27 06:00:20 2025 GMT
Not After : Jul 28 06:00:20 2025 GMT
Subject: CN=83270bcbdb533bdf61f944e4fd7a1e07f135cee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:aa:09:42:e1:c3:3b:65:a0:54:bb:b9:11:25:
4b:03:0c:70:47:63:da:0c:fb:c0:a8:6e:e4:13:fb:
46:2f:82:84:8a:4d:65:02:1d:b9:a5:d4:90:aa:dc:
e8:97:7f:93:4d:16:da:93:b9:d9:bc:c8:eb:2f:b4:
8f:bc:67:4f:10:dc:b0:fe:08:66:d0:bb:31:80:a2:
f4:01:74:ce:b6:58:4d:26:6d:46:ff:54:66:24:3c:
4c:99:86:a3:20:91:3b:83:42:13:92:a8:3a:d8:0e:
20:a5:74:d3:33:bf:ea:20:68:93:a8:26:28:e0:54:
67:8b:8a:18:40:7c:3e:3a:a8:f0:5d:a7:75:a3:b4:
aa:1c:23:30:b2:08:0b:f6:6a:e8:8d:8e:91:df:c3:
5e:c2:e4:12:b7:5c:92:7a:10:e4:88:dc:f8:83:c8:
19:be:1b:f6:7d:e4:71:a7:a4:b2:9a:c8:89:42:bf:
d3:21:f8:d7:63:c8:7d:e2:46:f8:0e:a5:2f:c7:d7:
b1:8c:ab:d7:f3:44:8b:90:f6:00:5b:24:02:4d:72:
56:72:cc:19:e9:ad:3a:6a:46:e5:bf:77:11:7d:40:
57:e8:e0:6c:9b:36:11:de:d3:4f:6f:3b:c1:e5:e4:
38:68:a8:f3:12:dd:79:b5:4b:29:87:de:34:82:0b:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:27:0B:CB:DB:53:3B:DF:61:F9:44:E4:FD:7A:1E:07:F1:35:CE:E8
X509v3 Authority Key Identifier:
keyid:71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:58:bf:c5:a7:c2:c9:4b:2c:15:8b:8e:39:3d:45:8b:bc:8c:
fc:73:3b:b8:15:f3:f2:26:f2:42:c0:b4:16:76:ec:9f:bb:d0:
8d:29:d5:fb:bb:0a:5d:7f:98:7b:0c:0d:78:c8:3a:33:94:3f:
8f:4e:95:db:35:31:99:f9:72:19:7f:d2:96:b1:f1:8c:eb:25:
4f:60:4a:dd:53:f5:16:18:22:66:b2:82:ae:e5:c3:d8:ce:d9:
9b:54:99:a5:ce:bc:89:aa:56:b9:97:4e:63:c1:92:5c:52:9c:
bb:7a:e3:c1:2c:6d:5b:c6:29:94:e8:d6:93:63:90:34:35:f7:
a6:c3:23:88:51:88:f9:5b:6d:b4:4a:0a:22:76:c6:13:b1:8f:
85:9d:bc:36:f1:f4:dc:e0:9e:c7:c2:9c:ac:3d:ae:9d:e4:50:
03:cc:1c:74:20:87:d6:43:80:0f:7b:eb:4f:cf:ca:5a:6e:ef:
46:61:7d:9a:7f:23:fb:77:c5:24:09:9e:e4:50:82:b2:fa:4f:
6e:9e:15:fb:84:20:36:4a:49:d0:22:d3:78:42:43:68:cd:6e:
cc:1b:95:8f:7b:17:42:f1:fc:76:b2:31:34:28:cc:43:2d:86:
27:64:55:68:47:f8:a4:d8:31:c8:cb:9a:cd:b0:14:c7:52:ce:
c8:73:92:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKd8go4X6amQQSXeXKOJ2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTU4MmYzN2Y0MTY0OThjMThiNjYyNDhkZWJjY2YyMjQx
YWJjNzYwHhcNMjUwNzI3MDYwMDIwWhcNMjUwNzI4MDYwMDIwWjAzMTEwLwYDVQQD
Eyg4MzI3MGJjYmRiNTMzYmRmNjFmOTQ0ZTRmZDdhMWUwN2YxMzVjZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqoJQuHDO2WgVLu5ESVLAwxwR2Pa
DPvAqG7kE/tGL4KEik1lAh25pdSQqtzol3+TTRbak7nZvMjrL7SPvGdPENyw/ghm
0LsxgKL0AXTOtlhNJm1G/1RmJDxMmYajIJE7g0ITkqg62A4gpXTTM7/qIGiTqCYo
4FRni4oYQHw+OqjwXad1o7SqHCMwsggL9mrojY6R38NewuQSt1ySehDkiNz4g8gZ
vhv2feRxp6SymsiJQr/TIfjXY8h94kb4DqUvx9exjKvX80SLkPYAWyQCTXJWcswZ
6a06akblv3cRfUBX6OBsmzYR3tNPbzvB5eQ4aKjzEt15tUsph940ggtfTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMnC8vbUzvfYflE5P16HgfxNc7oMB8GA1UdIwQY
MBaAFHHlgvN/QWSYwYtmJI3rzPIkGrx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYt
OWYzNGY2NzE2MjU5LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYtOWYzNGY2NzE2MjU5
LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFi/xafC
yUssFYuOOT1Fi7yM/HM7uBXz8ibyQsC0Fnbsn7vQjSnV+7sKXX+YewwNeMg6M5Q/
j06V2zUxmflyGX/SlrHxjOslT2BK3VP1FhgiZrKCruXD2M7Zm1SZpc68iapWuZdO
Y8GSXFKcu3rjwSxtW8YplOjWk2OQNDX3psMjiFGI+VtttEoKInbGE7GPhZ28NvH0
3OCex8KcrD2uneRQA8wcdCCH1kOAD3vrT8/KWm7vRmF9mn8j+3fFJAme5FCCsvpP
bp4V+4QgNkpJ0CLTeEJDaM1uzBuVj3sXQvH8drIxNCjMQy2GJ2RVaEf4pNgxyMua
zbAUx1LOyHOSmA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:45:26 2025 by rpki-client