Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: HvptoZFQRoY+fz2hf4tzBZIm7ucJ/r6h0vcawsqXxm8=
Subject key identifier: BB:34:61:A3:14:BF:7F:05:E4:F1:08:F6:CC:42:09:B6:05:DE:F1:5D
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 0197499F2D94F2AC6033F8316079D85F5106
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 157C
Signing time: Sat 07 Jun 2025 09:00:57 +0000
Manifest this update: Sat 07 Jun 2025 09:00:57 +0000
Manifest next update: Sun 08 Jun 2025 09:00:57 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: B7tT5IQB3C/cp2BCeXGBr1W+75inPXIHojGPoVOo7x8=)
2: IyvCi4bscVz-cDd1e8YDDEn65h8.roa (hash: +ReDdginBUQu4++Dvo5zNIlV1w8CIv08Gg4t44mG608=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:9f:2d:94:f2:ac:60:33:f8:31:60:79:d8:5f:51:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Jun 7 09:00:57 2025 GMT
Not After : Jun 8 09:00:57 2025 GMT
Subject: CN=bb3461a314bf7f05e4f108f6cc4209b605def15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:98:ac:a5:5f:e0:9c:45:93:ff:16:a7:2d:
2e:f2:c3:a5:e6:c6:6d:f8:61:ad:d9:58:2f:e7:53:
2e:19:2d:6b:16:ad:ea:29:5d:3b:7d:1a:d9:7e:ac:
8b:87:52:12:62:2f:6f:db:45:81:66:b8:b5:87:0b:
e8:ba:44:33:af:3d:e7:b1:4e:08:ad:c8:0f:f2:ba:
64:3e:e8:31:f5:c0:e6:77:63:38:3b:2f:57:65:4e:
02:06:af:25:b1:54:96:06:97:19:ba:31:d5:dd:9c:
f2:80:1a:65:92:bd:8e:54:d8:f3:aa:78:ad:d3:a3:
3c:49:ab:25:c6:5e:54:ea:b1:f4:6b:1a:ca:58:c0:
0e:29:7d:df:bf:76:1c:fe:69:e7:8e:9b:6f:d7:55:
90:2d:2a:83:32:b6:3c:3c:2d:f9:cc:32:ee:fb:81:
08:c2:69:73:c1:5d:fd:10:e4:b2:2b:57:6c:9b:e5:
4e:f5:fa:60:93:06:57:d1:c4:0d:67:85:91:39:db:
a3:50:d6:16:7f:64:b5:0d:15:05:3b:c0:85:a5:1a:
2d:c9:de:32:a2:30:7d:da:c6:11:0d:fb:3b:03:57:
e9:5e:34:fb:11:a5:e7:0a:eb:c9:58:57:9c:1b:b6:
ae:c5:b9:8b:0d:94:3e:3d:84:0c:60:70:e4:4b:ad:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:34:61:A3:14:BF:7F:05:E4:F1:08:F6:CC:42:09:B6:05:DE:F1:5D
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:96:2c:a0:db:8a:fa:f3:72:7a:02:2d:04:40:cd:d7:de:d5:
9e:7a:8f:6a:b7:a3:6f:75:15:ae:f1:da:17:67:60:26:d5:d6:
56:ee:19:fb:85:1c:3e:f0:45:98:6d:3b:40:7c:7f:d6:b8:ed:
09:53:75:27:5c:83:37:79:d3:1e:97:73:ee:a1:25:af:d5:af:
a2:47:4a:d4:82:cd:2f:48:19:23:89:69:41:99:f9:5f:88:5f:
f5:a3:8a:d6:9a:68:f8:1e:04:57:e0:e3:c1:fc:53:21:98:83:
53:e8:ac:60:37:f7:ce:84:00:96:e4:27:c8:4e:13:de:eb:8a:
36:3f:ac:2c:37:4b:6c:57:14:17:76:ef:b7:f5:8c:85:f4:d8:
43:5c:55:a0:a9:e0:20:73:41:93:70:d1:c9:09:a8:ca:1e:53:
c3:14:db:01:88:71:f9:6f:08:d4:25:2f:0d:23:ec:b7:65:79:
a5:43:f1:ba:90:80:e0:6b:77:fc:f3:07:dc:82:58:67:f6:ff:
7c:8c:4b:2b:23:d6:97:50:0d:96:9b:56:ec:f2:bb:bd:78:1c:
87:f6:b2:41:df:5d:a7:7e:a1:5d:be:2c:26:40:d8:2d:1b:7f:
12:17:5c:15:a9:b3:be:2c:74:49:74:d8:1f:70:b8:5c:d3:af:
d9:1d:e8:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJny2U8qxgM/gxYHnYX1EGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjUwNjA3MDkwMDU3WhcNMjUwNjA4MDkwMDU3WjAzMTEwLwYDVQQD
EyhiYjM0NjFhMzE0YmY3ZjA1ZTRmMTA4ZjZjYzQyMDliNjA1ZGVmMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9eYrKVf4JxFk/8Wpy0u8sOl5sZt
+GGt2Vgv51MuGS1rFq3qKV07fRrZfqyLh1ISYi9v20WBZri1hwvoukQzrz3nsU4I
rcgP8rpkPugx9cDmd2M4Oy9XZU4CBq8lsVSWBpcZujHV3ZzygBplkr2OVNjzqnit
06M8Saslxl5U6rH0axrKWMAOKX3fv3Yc/mnnjptv11WQLSqDMrY8PC35zDLu+4EI
wmlzwV39EOSyK1dsm+VO9fpgkwZX0cQNZ4WROdujUNYWf2S1DRUFO8CFpRotyd4y
ojB92sYRDfs7A1fpXjT7EaXnCuvJWFecG7auxbmLDZQ+PYQMYHDkS60lawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLs0YaMUv38F5PEI9sxCCbYF3vFdMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpYsoNuK
+vNyegItBEDN197VnnqParejb3UVrvHaF2dgJtXWVu4Z+4UcPvBFmG07QHx/1rjt
CVN1J1yDN3nTHpdz7qElr9WvokdK1ILNL0gZI4lpQZn5X4hf9aOK1ppo+B4EV+Dj
wfxTIZiDU+isYDf3zoQAluQnyE4T3uuKNj+sLDdLbFcUF3bvt/WMhfTYQ1xVoKng
IHNBk3DRyQmoyh5TwxTbAYhx+W8I1CUvDSPst2V5pUPxupCA4Gt3/PMH3IJYZ/b/
fIxLKyPWl1ANlptW7PK7vXgch/ayQd9dp36hXb4sJkDYLRt/EhdcFamzvix0SXTY
H3C4XNOv2R3oOg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:33:36 2025 by rpki-client