Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
File: gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft (raw, json)
Hash identifier: 1RZqPHCLATNb4yF0aFEU1QXMP0t/QpwnbIFTVeWEyIQ=
Subject key identifier: D2:24:4F:43:91:71:8E:6D:2A:01:A7:EA:A3:EF:93:BB:4D:33:38:FD
Authority key identifier: 81:A0:21:D5:40:ED:7D:82:C6:90:AD:C0:4F:BD:9D:D6:EE:50:E8:D5
Certificate issuer: /CN=81a021d540ed7d82c690adc04fbd9dd6ee50e8d5
Certificate serial: 01974779C8511DE36A1A6B538FAA39AFB8EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
Manifest number: 12BE
Signing time: Fri 06 Jun 2025 23:00:52 +0000
Manifest this update: Fri 06 Jun 2025 23:00:52 +0000
Manifest next update: Sat 07 Jun 2025 23:00:52 +0000
Files and hashes: 1: OWKqkK-Ww3RQmH16xNxVWiLvO8I.roa (hash: GAxHkIIERYjerOgQkJ6KzahFSgbI1tnYkcltOUuSvzI=)
2: gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl (hash: sc3S/EjFX9P8VOqy8KgnMc/KIoMTkxJKzclC5Cu6eLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 23:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:79:c8:51:1d:e3:6a:1a:6b:53:8f:aa:39:af:b8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a021d540ed7d82c690adc04fbd9dd6ee50e8d5
Validity
Not Before: Jun 6 23:00:52 2025 GMT
Not After : Jun 7 23:00:52 2025 GMT
Subject: CN=d2244f4391718e6d2a01a7eaa3ef93bb4d3338fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:fc:9d:5a:71:ef:0d:65:a0:1c:53:f8:ee:
eb:fa:25:95:03:59:e7:0f:f0:0d:99:6e:a2:ab:30:
55:07:21:00:8a:43:c8:d3:a8:3a:02:d3:73:d2:1f:
89:c6:20:64:7f:fe:e0:14:ce:8b:95:f3:6a:86:b2:
ff:36:4e:40:2e:e3:d2:cf:84:2f:bf:31:bb:b5:8c:
82:f1:bd:76:f5:05:78:99:af:ff:5d:0d:98:01:c1:
6c:8b:b1:b5:dc:1b:4d:c8:de:67:3d:6f:7f:91:7d:
12:84:b0:3d:d9:c1:e9:13:a2:e0:6c:25:19:3a:82:
8b:bc:42:ec:e5:02:e9:5a:96:ca:f2:5f:c6:0e:ad:
c7:1b:cc:86:ba:61:bf:6b:f3:ea:39:60:cc:f8:d8:
9f:c4:e4:f2:a3:b2:d0:9d:60:c1:db:6e:05:19:9c:
4a:23:c0:aa:54:1a:ee:d0:94:e3:e0:1b:e3:37:86:
f6:dd:54:49:6c:d3:6e:02:99:fe:0b:c8:34:7c:2d:
fb:6b:0d:91:44:6e:18:4b:6c:d0:d4:ed:af:c5:89:
d8:8b:6a:92:58:16:48:fc:63:6c:34:1c:b8:e9:48:
80:54:c3:3b:a8:75:ac:f3:07:36:b1:de:a3:91:ab:
d8:0e:44:24:f1:f3:10:c0:3a:b4:68:59:b5:ce:70:
d2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:24:4F:43:91:71:8E:6D:2A:01:A7:EA:A3:EF:93:BB:4D:33:38:FD
X509v3 Authority Key Identifier:
keyid:81:A0:21:D5:40:ED:7D:82:C6:90:AD:C0:4F:BD:9D:D6:EE:50:E8:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:6c:70:aa:fc:9c:b0:42:4c:92:22:b1:c0:49:29:dd:4e:e6:
b5:1f:4f:75:9c:f3:62:f4:04:92:1c:1b:13:03:68:6c:ce:d4:
53:8e:03:4a:22:1f:d2:c9:bf:74:9c:92:06:69:dd:8f:b1:18:
98:9b:5a:dd:30:46:c5:39:81:09:8b:cb:36:0e:e7:e9:ee:54:
76:c0:e7:3d:3b:b9:80:41:c2:f1:4f:4d:de:7d:dd:55:24:be:
0c:b3:1f:86:bd:ec:29:0b:fe:06:53:ae:48:11:70:96:f6:5e:
77:ac:90:76:3e:99:a5:4d:d4:cc:d0:45:ef:f8:e1:0a:2a:58:
88:14:02:fe:0e:f1:7f:87:8b:6e:fe:62:69:33:5f:e5:37:4d:
bf:bc:c8:ad:c7:d3:de:dd:03:ef:eb:3e:5d:e1:82:74:74:ce:
61:ce:bf:06:18:71:f3:a3:7b:0c:3a:31:dc:7e:a6:8f:aa:dd:
2d:cd:15:1f:3d:91:30:3d:f1:33:da:6f:70:c0:e0:a2:8f:bb:
5e:b8:4e:94:a9:91:a0:a7:f3:0d:d0:c2:ed:61:62:6c:e4:0b:
23:41:02:c3:d9:50:da:7d:72:8b:c4:55:81:ac:b5:56:85:34:
75:eb:31:58:07:cb:11:11:ac:a7:70:d1:96:20:b5:0c:35:d1:
3a:9d:e5:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHechRHeNqGmtTj6o5r7jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTAyMWQ1NDBlZDdkODJjNjkwYWRjMDRmYmQ5ZGQ2ZWU1
MGU4ZDUwHhcNMjUwNjA2MjMwMDUyWhcNMjUwNjA3MjMwMDUyWjAzMTEwLwYDVQQD
EyhkMjI0NGY0MzkxNzE4ZTZkMmEwMWE3ZWFhM2VmOTNiYjRkMzMzOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RL8nVpx7w1loBxT+O7r+iWVA1nn
D/ANmW6iqzBVByEAikPI06g6AtNz0h+JxiBkf/7gFM6LlfNqhrL/Nk5ALuPSz4Qv
vzG7tYyC8b129QV4ma//XQ2YAcFsi7G13BtNyN5nPW9/kX0ShLA92cHpE6LgbCUZ
OoKLvELs5QLpWpbK8l/GDq3HG8yGumG/a/PqOWDM+NifxOTyo7LQnWDB224FGZxK
I8CqVBru0JTj4BvjN4b23VRJbNNuApn+C8g0fC37aw2RRG4YS2zQ1O2vxYnYi2qS
WBZI/GNsNBy46UiAVMM7qHWs8wc2sd6jkavYDkQk8fMQwDq0aFm1znDSQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIkT0ORcY5tKgGn6qPvk7tNMzj9MB8GA1UdIwQY
MBaAFIGgIdVA7X2CxpCtwE+9ndbuUOjVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMmI5NDYtMWI0YS00MjE0LTkyMzQt
YWQwMjczMjdmOWQ4LzEvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMmI5NDYtMWI0YS00MjE0LTkyMzQtYWQwMjczMjdmOWQ4
LzEvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoGxwqvyc
sEJMkiKxwEkp3U7mtR9PdZzzYvQEkhwbEwNobM7UU44DSiIf0sm/dJySBmndj7EY
mJta3TBGxTmBCYvLNg7n6e5UdsDnPTu5gEHC8U9N3n3dVSS+DLMfhr3sKQv+BlOu
SBFwlvZed6yQdj6ZpU3UzNBF7/jhCipYiBQC/g7xf4eLbv5iaTNf5TdNv7zIrcfT
3t0D7+s+XeGCdHTOYc6/Bhhx86N7DDox3H6mj6rdLc0VHz2RMD3xM9pvcMDgoo+7
XrhOlKmRoKfzDdDC7WFibOQLI0ECw9lQ2n1yi8RVgay1VoU0desxWAfLERGsp3DR
liC1DDXROp3lGw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 08:26:26 2025 by rpki-client