Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: z1NFMmkENfwAioxYgg/3RuvQbpcPxi0s4ANI/35SYVg=
Subject key identifier: 98:01:9F:F2:3B:55:39:C1:22:DD:75:87:1B:95:52:CF:33:5B:F2:EA
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 01974D45298D5B1605CA164B0301D00C3814
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0A23
Signing time: Sun 08 Jun 2025 02:01:07 +0000
Manifest this update: Sun 08 Jun 2025 02:01:07 +0000
Manifest next update: Mon 09 Jun 2025 02:01:07 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: V9+fmOX/vzAVi/7+94DpsfSr67HK4QLiWPw8Jlt9Sf8=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4d:45:29:8d:5b:16:05:ca:16:4b:03:01:d0:0c:38:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 8 02:01:07 2025 GMT
Not After : Jun 9 02:01:07 2025 GMT
Subject: CN=98019ff23b5539c122dd75871b9552cf335bf2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a9:c1:68:a6:e6:a1:8e:4d:c0:f3:75:26:fe:
ab:3c:3d:cd:bb:e0:f6:93:b2:2c:ef:3d:c7:8b:1c:
1c:79:88:da:56:5c:8c:df:e0:d2:6c:fe:ac:af:c2:
3b:86:af:9c:76:b3:86:46:00:8f:3e:85:72:bc:96:
6c:96:22:ff:6c:c9:52:68:20:de:43:fb:f3:4a:3a:
a2:fc:a9:0e:2c:66:fe:b0:c6:f6:cf:bf:3d:47:94:
fe:2c:a6:8e:fc:d9:9d:b9:ed:93:59:53:62:1a:95:
fb:81:37:b7:94:a8:7d:19:21:09:85:9e:42:00:8e:
9d:e6:ed:38:9f:d8:80:29:3d:12:39:03:2d:62:d7:
81:d0:ad:1c:bc:e1:0c:44:92:2f:a3:88:36:61:e2:
82:59:1e:01:c8:43:15:20:1b:0d:47:78:c7:55:22:
12:5e:ec:30:4c:b2:ea:73:d2:76:c0:da:1a:bd:7e:
0b:17:7f:a7:3b:24:6a:bc:21:d7:ba:e8:72:81:41:
fc:b0:98:e9:73:cf:cc:96:cf:0f:4f:f7:a0:08:0e:
df:b8:97:7b:ba:0a:89:a3:4a:4d:59:3e:2a:38:48:
55:aa:60:f3:b3:b5:4d:e3:1b:b9:c5:5c:6d:14:6e:
8e:5a:65:b1:c3:7a:d6:e6:39:00:29:69:64:86:23:
37:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:01:9F:F2:3B:55:39:C1:22:DD:75:87:1B:95:52:CF:33:5B:F2:EA
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:08:32:15:f6:e4:ab:46:5a:9e:6f:c1:59:7a:3f:59:5e:92:
e2:4e:4c:e8:5a:c4:54:8a:bd:88:73:4a:80:19:88:05:c9:53:
0e:b2:e6:c2:00:eb:11:44:fc:81:b7:3c:18:de:2e:45:5c:75:
c8:68:05:03:16:18:1a:45:39:d6:14:ae:9e:a0:07:31:aa:90:
9e:22:d5:be:95:53:b5:23:60:97:88:12:12:8d:2e:b1:ac:97:
8c:ad:b0:d6:8b:d6:9a:40:f3:57:b8:bc:a6:0b:36:c6:90:19:
6e:e5:5d:5a:d7:6c:14:65:24:d5:83:d9:ae:2e:ad:55:54:a4:
bc:c0:24:9d:9a:b6:02:ef:11:01:95:f9:cb:16:c1:2b:be:52:
35:1a:1c:3f:7d:2e:a7:0e:97:a8:79:0b:73:8d:f9:f1:46:8a:
c1:e2:cf:1b:75:ae:e3:d9:aa:ce:b8:84:8f:44:5f:65:93:ea:
1b:84:53:cf:84:92:87:11:f0:60:88:9e:8e:4e:1b:5c:97:ae:
c7:c4:da:2c:6d:65:df:36:df:65:a8:17:d0:11:af:22:1b:7b:
73:4c:36:b5:bc:0d:b9:04:27:f8:7d:37:c0:be:e3:17:36:bc:
4b:9d:40:dd:d3:ce:ad:39:80:08:d4:7e:34:d5:9a:26:3c:31:
89:6c:c0:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRSmNWxYFyhZLAwHQDDgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwNjA4MDIwMTA3WhcNMjUwNjA5MDIwMTA3WjAzMTEwLwYDVQQD
Eyg5ODAxOWZmMjNiNTUzOWMxMjJkZDc1ODcxYjk1NTJjZjMzNWJmMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvanBaKbmoY5NwPN1Jv6rPD3Nu+D2
k7Is7z3HixwceYjaVlyM3+DSbP6sr8I7hq+cdrOGRgCPPoVyvJZsliL/bMlSaCDe
Q/vzSjqi/KkOLGb+sMb2z789R5T+LKaO/Nmdue2TWVNiGpX7gTe3lKh9GSEJhZ5C
AI6d5u04n9iAKT0SOQMtYteB0K0cvOEMRJIvo4g2YeKCWR4ByEMVIBsNR3jHVSIS
XuwwTLLqc9J2wNoavX4LF3+nOyRqvCHXuuhygUH8sJjpc8/Mls8PT/egCA7fuJd7
ugqJo0pNWT4qOEhVqmDzs7VN4xu5xVxtFG6OWmWxw3rW5jkAKWlkhiM3qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgBn/I7VTnBIt11hxuVUs8zW/LqMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQgyFfbk
q0Zanm/BWXo/WV6S4k5M6FrEVIq9iHNKgBmIBclTDrLmwgDrEUT8gbc8GN4uRVx1
yGgFAxYYGkU51hSunqAHMaqQniLVvpVTtSNgl4gSEo0usayXjK2w1ovWmkDzV7i8
pgs2xpAZbuVdWtdsFGUk1YPZri6tVVSkvMAknZq2Au8RAZX5yxbBK75SNRocP30u
pw6XqHkLc4358UaKweLPG3Wu49mqzriEj0RfZZPqG4RTz4SShxHwYIiejk4bXJeu
x8TaLG1l3zbfZagX0BGvIht7c0w2tbwNuQQn+H03wL7jFza8S51A3dPOrTmACNR+
NNWaJjwxiWzAjA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:19:24 2025 by rpki-client