Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json)
Hash identifier: 6e0+6lP+NgryG4YMkRKAvzP+VK456ryb8JS8BhOxsAM=
Subject key identifier: 8E:2A:F3:77:EF:55:03:F4:02:30:FC:03:BA:4F:16:70:D6:93:4A:90
Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Certificate serial: 01974A43E7F9E7AD3FD2CD9FDAB0AA613EF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
Manifest number: 02D4
Signing time: Sat 07 Jun 2025 12:00:53 +0000
Manifest this update: Sat 07 Jun 2025 12:00:53 +0000
Manifest next update: Sun 08 Jun 2025 12:00:53 +0000
Files and hashes: 1: OWXYykmlPDxYaUK6ibOA62-hDng.roa (hash: x4BvE6J+LBS4eTxuz/ILECCYgRYsxbKFwFccG0CtiDI=)
2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: ueeI0IsKeAsIivnxYuaNKW5GGmiRYwtmN5HB1AF9GPg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:e7:f9:e7:ad:3f:d2:cd:9f:da:b0:aa:61:3e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Validity
Not Before: Jun 7 12:00:53 2025 GMT
Not After : Jun 8 12:00:53 2025 GMT
Subject: CN=8e2af377ef5503f40230fc03ba4f1670d6934a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:48:4f:0c:e4:9a:77:33:bb:d1:68:05:95:
e7:ad:5b:13:a4:78:b0:1d:8a:1a:2e:b0:f0:96:a6:
b4:09:41:1e:0e:4f:3f:7c:52:89:9a:e8:49:61:bc:
17:75:1c:b9:df:99:eb:ef:85:53:11:06:f6:0f:6f:
6d:21:3e:f2:1b:d6:c5:78:d1:c7:88:c8:b0:73:9c:
84:c8:8a:07:48:35:46:c9:2d:e5:5a:87:fd:6b:3d:
58:b3:6a:8e:78:6d:d0:9a:08:be:22:90:9f:89:1f:
b2:ed:3a:a0:84:cc:70:10:d9:15:4a:ec:ae:e2:f3:
a8:72:e4:01:81:51:06:26:53:c1:b5:47:63:76:de:
30:c2:17:85:bc:c0:82:35:4f:0c:2a:0e:4d:10:9d:
91:63:3d:13:15:1a:d2:ae:06:d3:da:a0:b9:b2:38:
5a:98:41:3a:31:18:71:79:39:1b:76:a4:70:30:39:
22:3d:2d:3e:24:19:d8:c1:84:60:09:4b:45:d9:bc:
07:9a:76:58:95:5f:f0:b0:b4:89:85:3d:e9:04:9d:
d2:62:61:99:f4:80:ca:f7:50:44:9c:4f:e8:7b:45:
11:21:3b:c9:97:df:03:fb:20:ef:46:38:e8:05:50:
84:6d:9f:1d:37:9e:ed:25:df:bb:d5:8a:fc:7f:60:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2A:F3:77:EF:55:03:F4:02:30:FC:03:BA:4F:16:70:D6:93:4A:90
X509v3 Authority Key Identifier:
keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c7:03:07:75:51:46:fb:c9:d4:ac:73:cb:89:40:f0:de:68:9b:
fa:f1:ba:00:50:3e:3e:2c:1f:b7:5b:d2:c1:92:95:24:d7:c9:
c9:bf:4c:1b:8d:bf:02:36:de:9b:5d:3e:0c:ce:9d:30:38:d5:
89:58:5c:52:a6:7f:fc:b4:77:61:88:d6:ca:0e:5e:6d:b3:8e:
20:cc:3e:6e:14:25:90:01:cb:3c:26:0c:7f:62:f2:03:dd:df:
86:38:7e:22:28:3b:67:31:84:a5:30:26:10:f7:5b:4e:8e:b2:
f9:e2:b6:60:85:47:25:72:9b:ea:76:cb:1c:b0:88:ab:72:05:
84:dc:48:16:ab:02:4f:3e:60:34:20:15:8b:cb:9e:1a:59:83:
03:ec:ce:21:f5:86:06:e5:78:29:31:14:bd:14:fd:0e:67:80:
1b:05:04:8d:e4:94:4c:e2:8e:e2:c2:be:7e:2b:7a:c4:d2:b3:
49:a2:a6:9a:19:4d:01:8c:b3:61:1e:98:13:4a:40:87:38:29:
2f:96:a7:c1:b3:c7:87:99:e8:8a:4c:3a:42:f9:38:8f:4e:3f:
d6:1d:5a:c1:70:23:bb:11:55:5b:29:1f:65:a0:16:27:39:73:
c5:c6:28:57:43:7a:3f:bd:24:77:8b:28:07:84:ac:70:6a:37:
6e:a5:a5:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ+f5560/0s2f2rCqYT71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi
ZDcwN2UwHhcNMjUwNjA3MTIwMDUzWhcNMjUwNjA4MTIwMDUzWjAzMTEwLwYDVQQD
Eyg4ZTJhZjM3N2VmNTUwM2Y0MDIzMGZjMDNiYTRmMTY3MGQ2OTM0YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26dITwzkmnczu9FoBZXnrVsTpHiw
HYoaLrDwlqa0CUEeDk8/fFKJmuhJYbwXdRy535nr74VTEQb2D29tIT7yG9bFeNHH
iMiwc5yEyIoHSDVGyS3lWof9az1Ys2qOeG3Qmgi+IpCfiR+y7TqghMxwENkVSuyu
4vOocuQBgVEGJlPBtUdjdt4wwheFvMCCNU8MKg5NEJ2RYz0TFRrSrgbT2qC5sjha
mEE6MRhxeTkbdqRwMDkiPS0+JBnYwYRgCUtF2bwHmnZYlV/wsLSJhT3pBJ3SYmGZ
9IDK91BEnE/oe0URITvJl98D+yDvRjjoBVCEbZ8dN57tJd+71Yr8f2AO6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4q83fvVQP0AjD8A7pPFnDWk0qQMB8GA1UdIwQY
MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt
ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh
LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxwMHdVFG
+8nUrHPLiUDw3mib+vG6AFA+Piwft1vSwZKVJNfJyb9MG42/Ajbem10+DM6dMDjV
iVhcUqZ//LR3YYjWyg5ebbOOIMw+bhQlkAHLPCYMf2LyA93fhjh+Iig7ZzGEpTAm
EPdbTo6y+eK2YIVHJXKb6nbLHLCIq3IFhNxIFqsCTz5gNCAVi8ueGlmDA+zOIfWG
BuV4KTEUvRT9DmeAGwUEjeSUTOKO4sK+fit6xNKzSaKmmhlNAYyzYR6YE0pAhzgp
L5anwbPHh5noikw6Qvk4j04/1h1awXAjuxFVWykfZaAWJzlzxcYoV0N6P70kd4so
B4SscGo3bqWlcQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:47:41 2025 by rpki-client