Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
File: DT66aHPFtQdbPEOff-61SvHxDak.mft (raw, json)
Hash identifier: DOMUHRjvc5EaiF50zEi/exBdgHUGRpVy5RiJbZjJ0I8=
Subject key identifier: C9:57:00:F9:EF:FF:A7:AF:A8:77:59:E3:D1:E2:C6:4C:3B:51:C5:49
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 019748F9FD9581A0FB80F401DCACC2E6E2FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
Manifest number: 1583
Signing time: Sat 07 Jun 2025 06:00:32 +0000
Manifest this update: Sat 07 Jun 2025 06:00:32 +0000
Manifest next update: Sun 08 Jun 2025 06:00:32 +0000
Files and hashes: 1: DT66aHPFtQdbPEOff-61SvHxDak.crl (hash: xd6t6X5iZ5XA3OLg39HbpL6TPLqs20ksvUCoW70yd90=)
2: bJFxuWRTLDK11fnMj6JzG9bfGJc.roa (hash: GJmoaYMZlK46RmoyjMRGd4Icb8shLixbmKsjvQhxyu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:f9:fd:95:81:a0:fb:80:f4:01:dc:ac:c2:e6:e2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Jun 7 06:00:32 2025 GMT
Not After : Jun 8 06:00:32 2025 GMT
Subject: CN=c95700f9efffa7afa87759e3d1e2c64c3b51c549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:07:40:d0:6b:90:75:ad:1a:32:41:89:86:73:
80:a4:fd:db:8a:f4:0c:0b:c2:b7:25:0d:83:b8:df:
b8:17:2d:2b:91:0b:df:7f:95:60:a9:c3:86:af:6e:
ea:6a:4c:24:46:b2:0f:be:1e:fd:6b:f1:c8:72:89:
b5:55:50:11:c2:cc:22:d5:f4:59:42:ca:e6:93:84:
21:54:27:b3:44:6e:65:78:c7:db:84:0e:6e:7b:30:
61:de:8a:c7:53:60:94:1c:59:5c:ba:9c:a9:82:0d:
9e:e0:4c:72:57:78:06:ef:2e:18:fa:31:1e:c8:67:
9f:59:cb:4f:65:df:4c:a1:ac:7c:85:2e:0d:a4:00:
87:a8:b8:7e:f4:49:2b:86:9f:4a:d9:a6:54:80:a4:
2b:9b:06:ec:55:9a:d2:b3:cb:15:02:af:ae:08:74:
d9:90:8d:83:0b:4a:b1:cb:f2:91:e7:0c:ab:7d:a9:
00:42:bd:09:6c:a5:f4:4c:29:e0:f8:f4:10:8e:ae:
30:74:9c:bd:13:46:72:7a:31:fe:ad:2a:22:87:f3:
42:6e:e1:9a:e7:38:6d:5e:3d:8f:c1:ec:e6:5c:cf:
4d:a0:32:a2:4c:36:a2:b1:b6:59:f5:9f:94:79:ba:
fb:89:a4:0a:f4:be:e6:53:1c:d8:8b:ed:88:2e:1d:
66:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:57:00:F9:EF:FF:A7:AF:A8:77:59:E3:D1:E2:C6:4C:3B:51:C5:49
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:97:14:18:8d:42:08:85:16:7b:d5:c6:b1:95:19:29:5a:6b:
77:95:6a:18:4b:26:f6:24:81:ef:88:b1:c4:1d:23:89:68:f3:
25:e0:b4:aa:8d:9b:9e:32:32:d8:d4:52:1c:02:b5:9e:72:3e:
2f:ab:58:a5:9e:39:f7:b8:cb:6c:dc:41:b0:fe:9e:c5:4c:fe:
b1:e6:84:18:d9:1b:a7:24:9d:98:62:a2:ec:04:af:59:e5:13:
28:4c:0c:45:d8:6d:40:56:65:22:b0:2f:88:45:9a:a0:d4:ca:
3c:a3:6d:ea:1e:84:4d:04:41:82:9b:4f:64:f5:78:45:80:a6:
29:9f:5a:e1:16:6f:04:7e:c4:f9:48:ae:96:01:e1:f2:61:45:
72:8f:e7:f9:80:99:d6:2c:f9:35:d1:0d:ce:66:2b:1c:3a:dc:
01:24:e5:2d:c6:a0:6e:88:7b:2b:24:ea:cc:1a:48:c4:9b:4d:
f6:8f:1d:12:b4:84:16:4a:f1:e7:d1:3c:cc:0e:a2:a5:54:86:
ee:fd:6f:1d:23:82:bc:e7:5a:cf:21:19:f0:11:4d:63:2e:da:
2b:60:06:63:05:ef:f0:0e:aa:00:ba:82:87:28:ca:35:6a:2a:
57:49:92:b7:10:02:65:46:3e:dc:e5:bc:cc:c2:60:84:d9:19:
05:a5:7d:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+f2VgaD7gPQB3KzC5uL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjUwNjA3MDYwMDMyWhcNMjUwNjA4MDYwMDMyWjAzMTEwLwYDVQQD
EyhjOTU3MDBmOWVmZmZhN2FmYTg3NzU5ZTNkMWUyYzY0YzNiNTFjNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gdA0GuQda0aMkGJhnOApP3bivQM
C8K3JQ2DuN+4Fy0rkQvff5VgqcOGr27qakwkRrIPvh79a/HIcom1VVARwswi1fRZ
Qsrmk4QhVCezRG5leMfbhA5uezBh3orHU2CUHFlcupypgg2e4ExyV3gG7y4Y+jEe
yGefWctPZd9Moax8hS4NpACHqLh+9Ekrhp9K2aZUgKQrmwbsVZrSs8sVAq+uCHTZ
kI2DC0qxy/KR5wyrfakAQr0JbKX0TCng+PQQjq4wdJy9E0ZyejH+rSoih/NCbuGa
5zhtXj2PwezmXM9NoDKiTDaisbZZ9Z+Uebr7iaQK9L7mUxzYi+2ILh1mewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlXAPnv/6evqHdZ49Hixkw7UcVJMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5cUGI1C
CIUWe9XGsZUZKVprd5VqGEsm9iSB74ixxB0jiWjzJeC0qo2bnjIy2NRSHAK1nnI+
L6tYpZ4597jLbNxBsP6exUz+seaEGNkbpySdmGKi7ASvWeUTKEwMRdhtQFZlIrAv
iEWaoNTKPKNt6h6ETQRBgptPZPV4RYCmKZ9a4RZvBH7E+UiulgHh8mFFco/n+YCZ
1iz5NdENzmYrHDrcASTlLcagboh7KyTqzBpIxJtN9o8dErSEFkrx59E8zA6ipVSG
7v1vHSOCvOdazyEZ8BFNYy7aK2AGYwXv8A6qALqChyjKNWoqV0mStxACZUY+3OW8
zMJghNkZBaV99A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:16:15 2025 by rpki-client