Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
File: rS044g8k0OMLhszYJhrAAX8XpaQ.mft (raw, json)
Hash identifier: 0O2UX5d4eZTfR5vGOkYjMAPZ4baaCrmx65LqDBFKBnY=
Subject key identifier: D4:90:6F:1A:6B:B2:FE:3D:BA:2D:D0:A7:AE:44:DD:54:A8:33:8B:D4
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 01975B37151E9AE4AEAC5A5DFF122AEDF2F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
Manifest number: 0853
Signing time: Tue 10 Jun 2025 19:00:25 +0000
Manifest this update: Tue 10 Jun 2025 19:00:25 +0000
Manifest next update: Wed 11 Jun 2025 19:00:25 +0000
Files and hashes: 1: IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa (hash: oKXrmB0pSBgjznKzRYUFbiw4D9My9SBHtgqoNaUCBKA=)
2: rS044g8k0OMLhszYJhrAAX8XpaQ.crl (hash: DZboA/eGJdole9VkrynWSV7lkjdfGvVYZT2QCZSpCtg=)
3: wbXeB63VhLi_7WMIhOdMpk0lCW4.roa (hash: d7dOr+7PutspTBpcReyCrf+E8CzcxyNVV7Zc8qzo3dU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 14:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5b:37:15:1e:9a:e4:ae:ac:5a:5d:ff:12:2a:ed:f2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Jun 10 19:00:25 2025 GMT
Not After : Jun 11 19:00:25 2025 GMT
Subject: CN=d4906f1a6bb2fe3dba2dd0a7ae44dd54a8338bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:27:95:76:d7:3d:ff:6a:17:aa:fc:cf:b0:
00:7b:6e:7f:14:5e:64:24:67:e3:95:7e:d7:f2:a6:
53:90:c7:af:3d:3f:f2:ed:2c:ff:2a:a8:a8:0c:f6:
9f:99:8b:a9:38:88:4d:82:5f:5a:01:43:07:68:87:
53:d9:07:35:57:00:58:bf:7f:7c:62:37:d6:47:fa:
d3:10:6b:60:b8:da:c0:15:93:f3:4b:cc:c5:93:b1:
7a:7d:0e:5b:bc:6a:a7:71:46:f2:bf:c2:93:33:48:
a4:cf:e7:0f:00:a7:75:1b:91:16:14:fe:db:f4:d5:
34:21:66:e2:d2:da:59:c3:b8:43:64:d5:5e:83:07:
2b:d2:c5:0d:69:60:f6:cd:fc:1a:05:fa:70:86:22:
75:01:3c:1b:91:24:ae:7d:e5:b5:8f:a3:65:67:88:
d2:a3:58:86:e7:4d:80:3a:fe:5d:85:c0:ac:5d:5f:
03:9d:95:62:f3:5c:7d:89:88:05:dc:8c:f8:92:f5:
1f:f5:a2:41:ad:e8:74:f7:ad:ea:6b:72:09:0d:7f:
f3:5e:a1:b4:92:9c:bf:c8:b8:b3:7e:fb:c9:f0:9b:
20:2c:82:2d:e7:d7:f9:1c:06:fa:a1:4f:a0:db:1d:
b6:98:72:1d:af:aa:c6:fe:5d:12:58:8a:fb:2a:c8:
61:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:90:6F:1A:6B:B2:FE:3D:BA:2D:D0:A7:AE:44:DD:54:A8:33:8B:D4
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:91:20:ea:06:ce:18:03:25:f9:a6:d2:77:3f:f5:31:4d:a2:
1f:e1:87:ac:d7:38:95:69:03:d6:0c:b9:6d:4f:8e:b9:51:d9:
96:93:41:3d:e8:99:6c:e8:72:52:ed:d9:a7:4b:d0:ab:e9:fd:
94:86:5b:4e:94:c0:54:51:44:82:70:f5:5c:c6:da:7b:e2:71:
39:fd:c6:4b:ee:37:40:aa:71:8c:e5:15:c4:38:63:ba:68:07:
35:a3:45:3b:83:a8:8c:d5:be:b1:26:ea:fa:58:ba:31:72:d7:
d7:55:4a:a0:94:4c:2a:4b:42:b3:f6:2b:f1:4e:36:95:8a:28:
a4:a4:33:95:a0:0c:df:df:5b:b8:c8:7a:42:0b:43:49:9a:78:
24:9f:03:b5:58:71:7f:c1:30:10:76:2a:fc:98:f0:ba:53:db:
79:c4:df:fa:d5:31:7d:96:c7:ca:5d:ec:b8:d1:94:cf:c7:7d:
41:8d:78:57:69:93:5a:45:d3:ff:6a:81:0c:3b:f6:bf:b5:2e:
2e:31:01:81:1f:2b:09:7a:73:58:20:fb:a1:f1:aa:81:42:e9:
48:df:77:45:bc:c8:c3:cd:ff:aa:05:93:36:3d:3d:01:8a:2c:
5b:f5:67:30:8d:03:75:66:3a:06:7f:16:ca:a8:f6:e3:02:67:
d0:92:65:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbNxUemuSurFpd/xIq7fL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjUwNjEwMTkwMDI1WhcNMjUwNjExMTkwMDI1WjAzMTEwLwYDVQQD
EyhkNDkwNmYxYTZiYjJmZTNkYmEyZGQwYTdhZTQ0ZGQ1NGE4MzM4YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuMnlXbXPf9qF6r8z7AAe25/FF5k
JGfjlX7X8qZTkMevPT/y7Sz/KqioDPafmYupOIhNgl9aAUMHaIdT2Qc1VwBYv398
YjfWR/rTEGtguNrAFZPzS8zFk7F6fQ5bvGqncUbyv8KTM0ikz+cPAKd1G5EWFP7b
9NU0IWbi0tpZw7hDZNVegwcr0sUNaWD2zfwaBfpwhiJ1ATwbkSSufeW1j6NlZ4jS
o1iG502AOv5dhcCsXV8DnZVi81x9iYgF3Iz4kvUf9aJBreh0963qa3IJDX/zXqG0
kpy/yLizfvvJ8JsgLIIt59f5HAb6oU+g2x22mHIdr6rG/l0SWIr7Kshh8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSQbxprsv49ui3Qp65E3VSoM4vUMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZEg6gbO
GAMl+abSdz/1MU2iH+GHrNc4lWkD1gy5bU+OuVHZlpNBPeiZbOhyUu3Zp0vQq+n9
lIZbTpTAVFFEgnD1XMbae+JxOf3GS+43QKpxjOUVxDhjumgHNaNFO4OojNW+sSbq
+li6MXLX11VKoJRMKktCs/Yr8U42lYoopKQzlaAM399buMh6QgtDSZp4JJ8DtVhx
f8EwEHYq/JjwulPbecTf+tUxfZbHyl3suNGUz8d9QY14V2mTWkXT/2qBDDv2v7Uu
LjEBgR8rCXpzWCD7ofGqgULpSN93RbzIw83/qgWTNj09AYosW/VnMI0DdWY6Bn8W
yqj24wJn0JJlWg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:27:56 2025 by rpki-client