Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
File: SrfcA3ifWGIbJejdDZJdyRtKWqI.mft (raw, json)
Hash identifier: wEH9j/UPC8N2DAxZS8KHETcR8jX4iiFQjbxMSOW6Qy8=
Subject key identifier: AE:50:F6:62:23:5A:EC:F5:0B:1A:CB:10:E0:13:20:D2:95:C0:0B:63
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 019748FACF44F3DE5E19A510C39606C9A4E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
Manifest number: 0A21
Signing time: Sat 07 Jun 2025 06:01:25 +0000
Manifest this update: Sat 07 Jun 2025 06:01:25 +0000
Manifest next update: Sun 08 Jun 2025 06:01:25 +0000
Files and hashes: 1: EmdE4lFlfaABPtiZtlnbFIKNWhE.roa (hash: xZDQuK6O09neLie5Q456W4oztNFuHLsLoArEyWHRJSU=)
2: SrfcA3ifWGIbJejdDZJdyRtKWqI.crl (hash: TI0BUGAqhMULxF5f5a+Uyv2RyTpzo15OelYtIZ6Gyzg=)
3: lCpE9-_9vA0HzQAwKrWQ7gX2Gi8.roa (hash: YkwTTveNH0IQGCLC0ZIMEDB0zjPdx3yFhcYm5gkoPpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:fa:cf:44:f3:de:5e:19:a5:10:c3:96:06:c9:a4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Jun 7 06:01:25 2025 GMT
Not After : Jun 8 06:01:25 2025 GMT
Subject: CN=ae50f662235aecf50b1acb10e01320d295c00b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ee:0b:ed:02:29:19:d6:7c:9e:44:78:f2:82:
9c:d7:32:e7:ac:97:73:9d:c7:d0:60:47:50:9f:d1:
a3:54:69:ae:11:13:ca:af:f9:80:6c:4e:3f:cb:ea:
2d:0f:cf:c3:21:4f:9f:98:f2:01:8c:b3:af:23:57:
c1:8a:cf:69:3b:08:79:a3:4d:44:ee:fc:21:12:8a:
ac:9f:82:53:19:92:26:32:4d:ec:d1:07:fd:f3:87:
98:54:d9:9f:36:3b:42:c6:08:ba:0e:b9:0f:5b:4b:
a9:1f:88:21:07:61:44:2e:8d:08:42:30:eb:9e:8e:
7f:e9:74:8e:70:08:35:af:03:ed:ba:77:20:e0:64:
a0:96:d9:da:4c:7b:63:28:a6:81:d5:a6:5f:a0:8c:
2c:6e:5d:e1:75:ee:57:f2:14:80:9c:83:6a:d7:a4:
71:46:d8:bb:d9:50:e4:36:d2:28:aa:98:73:59:27:
6c:47:49:65:cb:db:d4:8b:9c:ca:fe:97:ba:8e:59:
78:4e:3e:78:d6:c7:c1:7b:a6:e7:ba:38:42:bf:58:
26:2d:db:26:d1:9b:2e:3d:37:e3:bf:74:9d:82:07:
b8:1c:e3:f5:54:43:e1:36:18:6b:c5:9a:9e:30:1a:
b8:2e:5d:ea:3b:b4:9d:c4:7a:13:4a:fe:03:00:9c:
e1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:50:F6:62:23:5A:EC:F5:0B:1A:CB:10:E0:13:20:D2:95:C0:0B:63
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:d5:b9:87:35:3c:2d:48:1c:4a:c7:fc:9b:53:15:69:bc:3f:
23:27:30:86:b0:08:68:d0:86:fa:a8:cb:f1:50:20:a4:5e:f2:
7a:51:58:c1:b2:6b:ae:fd:0f:b8:f2:2e:89:ce:f9:70:c0:ec:
26:0d:19:6e:8a:49:06:2c:76:96:d2:35:ff:20:dd:cd:99:02:
98:46:a0:ae:42:65:7c:3b:73:10:98:5b:e2:4c:c6:6b:8d:65:
91:a2:a6:8b:73:1c:e0:56:89:c8:e8:65:89:dc:b9:54:e0:41:
fc:b2:f4:e1:ce:85:43:7b:3e:a7:a0:db:48:f9:59:7a:50:4b:
b0:44:6f:bf:05:ee:f4:47:6c:9c:88:f5:32:5d:54:17:d6:f4:
f2:64:bc:cf:54:76:48:cd:2b:b4:2b:c4:e9:95:74:8b:32:63:
0f:cb:cc:87:a4:e5:69:3c:29:30:5e:21:1a:4d:7d:e5:73:e0:
a8:bb:8b:5a:09:54:4b:50:d9:8a:89:5f:4c:3c:14:99:01:b1:
9c:8e:9d:72:b4:8f:4b:90:4e:2c:40:66:fe:53:a0:fb:be:53:
b2:5f:dc:29:c8:bd:91:e2:60:52:68:9b:e2:00:23:73:f6:8f:
da:fa:da:d7:07:5a:91:2f:b4:ef:da:47:ff:05:dc:d6:ac:1c:
54:a9:f7:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+s9E895eGaUQw5YGyaTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjUwNjA3MDYwMTI1WhcNMjUwNjA4MDYwMTI1WjAzMTEwLwYDVQQD
EyhhZTUwZjY2MjIzNWFlY2Y1MGIxYWNiMTBlMDEzMjBkMjk1YzAwYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu4L7QIpGdZ8nkR48oKc1zLnrJdz
ncfQYEdQn9GjVGmuERPKr/mAbE4/y+otD8/DIU+fmPIBjLOvI1fBis9pOwh5o01E
7vwhEoqsn4JTGZImMk3s0Qf984eYVNmfNjtCxgi6DrkPW0upH4ghB2FELo0IQjDr
no5/6XSOcAg1rwPtuncg4GSgltnaTHtjKKaB1aZfoIwsbl3hde5X8hSAnINq16Rx
Rti72VDkNtIoqphzWSdsR0lly9vUi5zK/pe6jll4Tj541sfBe6bnujhCv1gmLdsm
0ZsuPTfjv3Sdgge4HOP1VEPhNhhrxZqeMBq4Ll3qO7SdxHoTSv4DAJzhRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5Q9mIjWuz1CxrLEOATINKVwAtjMB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9W5hzU8
LUgcSsf8m1MVabw/IycwhrAIaNCG+qjL8VAgpF7yelFYwbJrrv0PuPIuic75cMDs
Jg0ZbopJBix2ltI1/yDdzZkCmEagrkJlfDtzEJhb4kzGa41lkaKmi3Mc4FaJyOhl
idy5VOBB/LL04c6FQ3s+p6DbSPlZelBLsERvvwXu9EdsnIj1Ml1UF9b08mS8z1R2
SM0rtCvE6ZV0izJjD8vMh6TlaTwpMF4hGk195XPgqLuLWglUS1DZiolfTDwUmQGx
nI6dcrSPS5BOLEBm/lOg+75Tsl/cKci9keJgUmib4gAjc/aP2vra1wdakS+079pH
/wXc1qwcVKn3ng==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:02:54 2025 by rpki-client