Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
File: CANpo1iWH3KE-9WR6SdzfNsFw10.mft (raw, json)
Hash identifier: izDOtNRK/NrjsZZl9314e9IR/tIJGF3X1ysqAU+MJSo=
Subject key identifier: FC:9E:16:BD:08:3A:E4:51:4B:4D:AD:AF:9D:7B:23:5A:D9:91:1B:87
Authority key identifier: 08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
Certificate issuer: /CN=080369a358961f7284fbd591e927737cdb05c35d
Certificate serial: 01974A43B9087C4E25D4CE374C6CFB9D6617
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
Manifest number: 157F
Signing time: Sat 07 Jun 2025 12:00:41 +0000
Manifest this update: Sat 07 Jun 2025 12:00:41 +0000
Manifest next update: Sun 08 Jun 2025 12:00:41 +0000
Files and hashes: 1: CANpo1iWH3KE-9WR6SdzfNsFw10.crl (hash: QIO77kI2mPCntfwWiv59NcAGSxOfOoun7MeuTY2SbV4=)
2: GP2HIzJfCfnGM2MVlkSHwUHaN84.roa (hash: ETW1pgFwQtTKE9AFyJGtQ+Xl0Zj/E5KZv9xhDaWW5T8=)
3: qfVV9jSGkUSpTVAmIfthWu05Cnw.roa (hash: UbRHP3L39dp/ZkCYjMy0IuUuv/BT0urLDu7xXNtiXsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:b9:08:7c:4e:25:d4:ce:37:4c:6c:fb:9d:66:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080369a358961f7284fbd591e927737cdb05c35d
Validity
Not Before: Jun 7 12:00:41 2025 GMT
Not After : Jun 8 12:00:41 2025 GMT
Subject: CN=fc9e16bd083ae4514b4dadaf9d7b235ad9911b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:51:a3:0b:2b:60:b3:e3:43:f4:f1:3a:bb:
3a:81:4c:11:d3:81:c0:a0:47:60:72:a6:a6:f3:69:
77:6a:60:46:76:96:5a:7b:51:77:ea:75:f3:80:8e:
6f:0b:27:cc:d3:c4:c2:e0:ca:46:b0:06:18:5c:c7:
82:7f:e6:d0:df:d7:23:de:be:86:72:77:c7:08:f7:
e0:72:7f:48:8c:1a:34:9e:f2:14:5a:e1:7f:f8:66:
56:c9:2c:a4:f1:c5:e2:1f:bd:b8:81:9f:0f:ea:c6:
19:3f:8e:5b:ab:ff:ec:1b:ff:37:5a:d9:91:19:10:
bd:3d:46:66:dc:2e:3f:95:a5:50:bf:d5:bd:cb:98:
91:a9:1e:d7:9f:c2:12:3c:4c:6c:0e:bc:eb:d1:84:
d0:31:42:cb:4b:03:7d:1c:74:be:87:43:37:a1:0a:
cc:2d:a2:3b:c4:a6:0a:59:4d:63:5f:22:ac:51:d5:
30:0d:14:db:1e:a0:a5:3f:55:cc:5d:95:65:53:16:
41:94:43:64:2a:9d:c6:08:9b:9c:8c:e9:f2:f0:8c:
a2:5b:d5:2b:5f:7a:e9:3a:32:d8:a4:15:17:fd:76:
0a:a3:08:3b:08:74:25:92:07:0a:94:96:e3:67:68:
c8:19:09:b7:eb:6d:89:7a:bf:9f:57:09:d0:19:20:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9E:16:BD:08:3A:E4:51:4B:4D:AD:AF:9D:7B:23:5A:D9:91:1B:87
X509v3 Authority Key Identifier:
keyid:08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:c2:c4:2a:70:e6:1c:ce:d5:68:fd:4a:d0:ec:7b:3b:b5:bf:
fa:77:77:a1:9a:23:88:45:64:c7:e4:44:45:b3:0f:49:69:fb:
fa:9d:7f:ce:c6:ca:35:cb:c1:e5:b1:53:f1:89:67:70:bd:3a:
bc:fd:03:2a:15:ff:8c:12:70:7a:e7:60:0b:ea:6c:0b:b6:94:
76:2c:f3:a7:ff:9d:12:04:b8:c1:82:b8:78:8f:54:91:37:e4:
f4:12:06:13:44:5f:c5:8c:4a:62:1e:a6:84:b6:0b:fa:ed:a7:
73:50:d8:98:dd:0c:7e:39:89:cf:20:59:02:f1:78:18:20:20:
08:e6:b3:02:c5:3b:dc:49:26:ba:27:9c:96:4b:9e:9b:d9:53:
01:0c:14:de:8a:e8:cb:87:e3:0e:4d:37:26:45:d8:61:e0:2a:
ef:f8:98:10:c3:00:8b:99:9f:59:26:c5:6d:fd:b4:01:34:72:
02:2c:8b:c0:a7:78:02:d3:03:dc:48:03:57:d3:f5:69:b1:c9:
e9:02:fa:90:75:53:6c:e0:2a:d9:08:5d:a0:82:d3:af:a7:3e:
1d:6f:12:34:ea:6b:51:64:4b:41:fc:06:f5:7a:d9:53:2d:f0:
e1:21:70:9e:59:21:85:71:a0:7a:71:e1:62:c8:fa:02:2d:97:
cc:42:48:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ7kIfE4l1M43TGz7nWYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDM2OWEzNTg5NjFmNzI4NGZiZDU5MWU5Mjc3MzdjZGIw
NWMzNWQwHhcNMjUwNjA3MTIwMDQxWhcNMjUwNjA4MTIwMDQxWjAzMTEwLwYDVQQD
EyhmYzllMTZiZDA4M2FlNDUxNGI0ZGFkYWY5ZDdiMjM1YWQ5OTExYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0lRowsrYLPjQ/TxOrs6gUwR04HA
oEdgcqam82l3amBGdpZae1F36nXzgI5vCyfM08TC4MpGsAYYXMeCf+bQ39cj3r6G
cnfHCPfgcn9IjBo0nvIUWuF/+GZWySyk8cXiH724gZ8P6sYZP45bq//sG/83WtmR
GRC9PUZm3C4/laVQv9W9y5iRqR7Xn8ISPExsDrzr0YTQMULLSwN9HHS+h0M3oQrM
LaI7xKYKWU1jXyKsUdUwDRTbHqClP1XMXZVlUxZBlENkKp3GCJucjOny8IyiW9Ur
X3rpOjLYpBUX/XYKowg7CHQlkgcKlJbjZ2jIGQm3622Jer+fVwnQGSA26wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyeFr0IOuRRS02tr517I1rZkRuHMB8GA1UdIwQY
MBaAFAgDaaNYlh9yhPvVkeknc3zbBcNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMt
M2YxYjE2YzZjZDYzLzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMtM2YxYjE2YzZjZDYz
LzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsLEKnDm
HM7VaP1K0Ox7O7W/+nd3oZojiEVkx+RERbMPSWn7+p1/zsbKNcvB5bFT8YlncL06
vP0DKhX/jBJweudgC+psC7aUdizzp/+dEgS4wYK4eI9UkTfk9BIGE0RfxYxKYh6m
hLYL+u2nc1DYmN0MfjmJzyBZAvF4GCAgCOazAsU73Ekmuieclkuem9lTAQwU3oro
y4fjDk03JkXYYeAq7/iYEMMAi5mfWSbFbf20ATRyAiyLwKd4AtMD3EgDV9P1abHJ
6QL6kHVTbOAq2QhdoILTr6c+HW8SNOprUWRLQfwG9XrZUy3w4SFwnlkhhXGgenHh
Ysj6Ai2XzEJIPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:27:04 2025 by rpki-client