Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft
File: mZK1NCb7YU2aWm2D9ABWamYMndI.mft (raw, json)
Hash identifier: IG6K61d6pUP0cwcLV36MNkXcIkUKLLvqRB3nB+nLAz0=
Subject key identifier: 38:CB:57:BB:9D:FE:F9:E9:1B:40:D7:3C:42:33:B7:C9:3E:AE:48:75
Authority key identifier: 99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2
Certificate issuer: /CN=9992b53426fb614d9a5a6d83f400566a660c9dd2
Certificate serial: 01974B8D732B0C808BDF6D967E7A35D9BCAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft
Manifest number: 1151
Signing time: Sat 07 Jun 2025 18:00:50 +0000
Manifest this update: Sat 07 Jun 2025 18:00:50 +0000
Manifest next update: Sun 08 Jun 2025 18:00:50 +0000
Files and hashes: 1: iG2Qj8n6fZw-GirtzGhiiR4VwRI.roa (hash: C/swOHl78EzDeIac5yTERHHT18YviZO0RyNpfkEvBQE=)
2: mZK1NCb7YU2aWm2D9ABWamYMndI.crl (hash: eXxo+4fzYaiASNrW7Y+xA9bOsoY1Kh/U/yxMSy21nBc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:8d:73:2b:0c:80:8b:df:6d:96:7e:7a:35:d9:bc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9992b53426fb614d9a5a6d83f400566a660c9dd2
Validity
Not Before: Jun 7 18:00:50 2025 GMT
Not After : Jun 8 18:00:50 2025 GMT
Subject: CN=38cb57bb9dfef9e91b40d73c4233b7c93eae4875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:3f:9a:07:2c:25:46:9d:b7:3f:ab:e5:f0:
96:89:1c:66:83:ff:62:48:25:4a:87:ef:aa:a9:a5:
53:97:3c:f9:aa:9e:52:0b:29:df:a7:7b:61:e1:22:
1f:b5:20:d8:9c:56:e4:8c:52:88:79:3a:c8:37:40:
2e:49:ee:a3:0e:8e:4d:c5:ab:43:46:23:5b:29:e6:
4c:c5:c5:a1:24:7f:15:69:2b:69:9e:6d:09:4c:ef:
31:22:04:1e:34:e8:5c:c2:85:92:e4:ae:87:9e:c5:
8c:32:77:54:ae:88:4a:3d:5f:6d:f1:6a:3a:0c:b3:
3a:a0:bf:01:2d:78:86:20:19:14:19:b2:d1:2f:f7:
bb:08:3f:69:17:23:b4:52:af:d2:56:a7:0d:46:51:
52:3e:1b:ae:24:10:c8:d7:36:61:e7:80:33:80:33:
c9:45:ce:7e:e4:d0:e9:b6:e4:b9:37:2f:1c:3f:81:
2d:48:0c:14:25:74:02:74:29:a3:3b:ec:2d:c1:b0:
d9:9a:1a:ec:2c:d3:03:2a:99:44:1b:44:39:9a:6f:
34:ae:1f:94:d0:02:38:1b:a1:0c:82:26:f6:1c:bc:
64:15:05:98:11:81:c1:26:6d:eb:65:10:00:bf:21:
06:a4:cb:fe:d4:0e:d5:f4:7d:e2:a7:e7:6b:bb:88:
24:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CB:57:BB:9D:FE:F9:E9:1B:40:D7:3C:42:33:B7:C9:3E:AE:48:75
X509v3 Authority Key Identifier:
keyid:99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:72:7a:3f:7f:bf:9a:6a:29:ba:80:ca:b5:b2:b1:59:db:d4:
3a:f4:9d:43:b9:fc:f1:f8:a8:7c:21:72:d0:55:a5:be:8f:de:
a3:94:11:cc:b8:44:ca:97:d0:0a:3d:d2:52:7b:47:2f:20:aa:
48:35:dd:a8:39:4c:36:0a:d8:79:bc:a0:21:58:74:27:79:17:
fc:49:e9:cf:c6:b2:6c:8e:55:35:bd:2c:84:a5:13:4e:a8:8f:
fb:bb:f7:01:74:50:af:4e:f9:b6:67:51:67:38:3d:67:8c:12:
a9:70:54:3f:e4:b4:e8:46:d7:ab:f7:71:b2:70:b9:ed:48:73:
2d:16:1d:1e:59:87:9c:c7:1d:d5:c8:17:93:00:d6:70:72:81:
d8:63:b1:41:c9:9c:3d:16:94:35:ad:90:ad:30:3d:99:89:3d:
32:41:23:ee:db:cf:d7:17:26:84:15:63:06:d2:6a:f0:8a:73:
f4:ee:6c:a7:60:e3:5c:c7:60:69:60:b6:da:3f:19:27:a1:07:
b0:01:aa:cd:38:30:86:19:fd:fc:5e:1b:41:1e:46:03:06:42:
d4:95:d4:c1:48:d4:24:0d:7f:43:bf:65:fa:a1:2f:c1:3b:48:
36:01:23:aa:2d:af:2b:5f:eb:93:a4:0f:28:69:d0:5a:be:4f:
46:00:db:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjXMrDICL322Wfno12byvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OTJiNTM0MjZmYjYxNGQ5YTVhNmQ4M2Y0MDA1NjZhNjYw
YzlkZDIwHhcNMjUwNjA3MTgwMDUwWhcNMjUwNjA4MTgwMDUwWjAzMTEwLwYDVQQD
EygzOGNiNTdiYjlkZmVmOWU5MWI0MGQ3M2M0MjMzYjdjOTNlYWU0ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBs/mgcsJUadtz+r5fCWiRxmg/9i
SCVKh++qqaVTlzz5qp5SCynfp3th4SIftSDYnFbkjFKIeTrIN0AuSe6jDo5NxatD
RiNbKeZMxcWhJH8VaStpnm0JTO8xIgQeNOhcwoWS5K6HnsWMMndUrohKPV9t8Wo6
DLM6oL8BLXiGIBkUGbLRL/e7CD9pFyO0Uq/SVqcNRlFSPhuuJBDI1zZh54AzgDPJ
Rc5+5NDptuS5Ny8cP4EtSAwUJXQCdCmjO+wtwbDZmhrsLNMDKplEG0Q5mm80rh+U
0AI4G6EMgib2HLxkFQWYEYHBJm3rZRAAvyEGpMv+1A7V9H3ip+dru4gk6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjLV7ud/vnpG0DXPEIzt8k+rkh1MB8GA1UdIwQY
MBaAFJmStTQm+2FNmlptg/QAVmpmDJ3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC85MDE3MmEtOTY5Yi00NmRhLTgwODgt
NzkxYTYyZDJkOGFiLzEvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC85MDE3MmEtOTY5Yi00NmRhLTgwODgtNzkxYTYyZDJkOGFi
LzEvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOnJ6P3+/
mmopuoDKtbKxWdvUOvSdQ7n88fiofCFy0FWlvo/eo5QRzLhEypfQCj3SUntHLyCq
SDXdqDlMNgrYebygIVh0J3kX/Enpz8aybI5VNb0shKUTTqiP+7v3AXRQr075tmdR
Zzg9Z4wSqXBUP+S06EbXq/dxsnC57UhzLRYdHlmHnMcd1cgXkwDWcHKB2GOxQcmc
PRaUNa2QrTA9mYk9MkEj7tvP1xcmhBVjBtJq8Ipz9O5sp2DjXMdgaWC22j8ZJ6EH
sAGqzTgwhhn9/F4bQR5GAwZC1JXUwUjUJA1/Q79l+qEvwTtINgEjqi2vK1/rk6QP
KGnQWr5PRgDbIQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:53 2025 by rpki-client