Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: 0dxC+mfeEDkH3h2CphYF7hCrly0sp86GBHZtykqsAf8=
Subject key identifier: 6C:34:D9:EE:EB:BA:43:E3:72:F2:C2:E9:05:9E:73:AC:89:5E:17:29
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 019922C369814F1A4CCE093F22A8C009EF74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 1671
Signing time: Sun 07 Sep 2025 06:00:55 +0000
Manifest this update: Sun 07 Sep 2025 06:00:55 +0000
Manifest next update: Mon 08 Sep 2025 06:00:55 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: veKu0NL9DzMKO0CDZmUoxn/jp4QyxLbBBCCKwsZ4DHE=)
2: IyvCi4bscVz-cDd1e8YDDEn65h8.roa (hash: +ReDdginBUQu4++Dvo5zNIlV1w8CIv08Gg4t44mG608=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:69:81:4f:1a:4c:ce:09:3f:22:a8:c0:09:ef:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Sep 7 06:00:55 2025 GMT
Not After : Sep 8 06:00:55 2025 GMT
Subject: CN=6c34d9eeebba43e372f2c2e9059e73ac895e1729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:7d:e9:0d:51:5c:f8:41:12:b3:53:01:44:
8f:cf:c6:e9:7f:cd:41:06:2b:cc:7e:a1:8e:47:69:
d0:ab:7e:00:9e:6c:76:90:db:d4:b8:17:d5:eb:8f:
b5:34:43:e0:48:b1:6c:8f:e2:4f:76:b4:0f:6f:76:
7d:bb:5d:3e:7c:6e:26:8a:d5:13:ec:35:5f:a0:c9:
e5:bc:48:92:8b:f4:8c:5a:60:7b:cd:85:03:ec:f8:
c5:7a:a3:17:27:49:7e:ef:73:f2:78:4b:b3:6a:26:
99:03:54:5e:86:e7:83:d9:c0:95:7c:97:b3:e0:27:
65:af:a9:08:36:a0:50:2f:b3:3e:1d:04:cf:6b:51:
10:c6:de:7b:c1:fa:40:db:9b:53:b7:11:8d:81:28:
70:b9:b5:15:b5:76:a3:c2:6d:29:c1:cb:19:f9:1f:
ae:a4:90:cd:a5:b1:fc:92:ac:1c:7e:54:3d:3e:8b:
63:ae:19:70:63:10:26:c5:4c:a0:48:6b:f2:f3:25:
69:04:b1:3b:e2:1a:96:3a:f7:05:d3:a0:94:61:02:
6e:f0:cf:59:5e:4e:1b:7b:5b:70:49:85:db:b5:28:
f5:f8:83:25:02:9d:ac:87:1e:4d:47:1c:0b:fe:16:
4b:39:a2:89:06:95:1b:ba:93:0e:a6:2c:5b:ed:9f:
98:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:34:D9:EE:EB:BA:43:E3:72:F2:C2:E9:05:9E:73:AC:89:5E:17:29
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:63:56:eb:71:7b:b1:27:4b:6b:17:77:01:8e:8a:b3:64:fe:
a2:3e:ed:8b:22:ce:f0:5b:37:5f:8a:77:d6:86:66:25:94:42:
e8:8e:d1:83:6f:26:c0:d0:bb:7b:ca:27:72:4f:5c:d4:a6:5c:
a6:c8:c1:f8:9e:f6:49:65:cb:e5:f4:34:83:60:0d:16:57:12:
d2:a2:0d:85:56:a1:ad:f0:98:bd:8a:c7:5f:44:21:86:38:64:
26:55:fe:f4:58:03:87:49:7c:c7:b2:9f:e5:10:8d:aa:e8:1d:
1c:bf:ec:7b:34:5f:2f:ff:4b:fc:bf:5d:5b:39:a6:c2:cb:23:
fe:2d:49:d0:63:3b:7e:b0:c0:b4:35:07:a9:6e:33:62:2a:40:
94:fe:0b:3b:b9:8e:a3:e0:83:58:c4:2b:57:23:72:16:05:bd:
79:8f:55:2a:53:3f:a4:6c:6f:37:60:60:b6:be:38:4f:b0:b7:
f9:48:bd:d2:6f:d7:36:b8:64:19:ce:ee:40:b3:f7:79:9b:a6:
fd:30:d0:6f:a6:66:98:ed:d6:a5:9d:4d:53:d6:47:78:88:86:
f0:cf:4f:5a:4a:bc:8b:4d:24:f9:af:ab:d0:5d:32:c3:9b:f4:
41:49:ff:27:93:45:d8:7c:91:a2:cb:5e:dd:11:0e:f2:4e:d3:
03:59:87:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw2mBTxpMzgk/IqjACe90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjUwOTA3MDYwMDU1WhcNMjUwOTA4MDYwMDU1WjAzMTEwLwYDVQQD
Eyg2YzM0ZDllZWViYmE0M2UzNzJmMmMyZTkwNTllNzNhYzg5NWUxNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTV96Q1RXPhBErNTAUSPz8bpf81B
BivMfqGOR2nQq34Anmx2kNvUuBfV64+1NEPgSLFsj+JPdrQPb3Z9u10+fG4mitUT
7DVfoMnlvEiSi/SMWmB7zYUD7PjFeqMXJ0l+73PyeEuzaiaZA1RehueD2cCVfJez
4Cdlr6kINqBQL7M+HQTPa1EQxt57wfpA25tTtxGNgShwubUVtXajwm0pwcsZ+R+u
pJDNpbH8kqwcflQ9PotjrhlwYxAmxUygSGvy8yVpBLE74hqWOvcF06CUYQJu8M9Z
Xk4be1twSYXbtSj1+IMlAp2shx5NRxwL/hZLOaKJBpUbupMOpixb7Z+YcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGw02e7rukPjcvLC6QWec6yJXhcpMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmNW63F7
sSdLaxd3AY6Ks2T+oj7tiyLO8Fs3X4p31oZmJZRC6I7Rg28mwNC7e8onck9c1KZc
psjB+J72SWXL5fQ0g2ANFlcS0qINhVahrfCYvYrHX0QhhjhkJlX+9FgDh0l8x7Kf
5RCNqugdHL/sezRfL/9L/L9dWzmmwssj/i1J0GM7frDAtDUHqW4zYipAlP4LO7mO
o+CDWMQrVyNyFgW9eY9VKlM/pGxvN2Bgtr44T7C3+Ui90m/XNrhkGc7uQLP3eZum
/TDQb6ZmmO3WpZ1NU9ZHeIiG8M9PWkq8i00k+a+r0F0yw5v0QUn/J5NF2HyRoste
3REO8k7TA1mHMg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:21:39 2025 by rpki-client