Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: wO9svq79m9WaMaoZ8DQXZH3C7EffjB/i/OF/ClUyVyI=
Subject key identifier: 39:62:E4:29:DE:35:95:59:91:3F:4A:F6:8B:D7:17:FC:48:1E:E7:19
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 01974EC56B2A376E2E140CE22B7F9436C937
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 157E
Signing time: Sun 08 Jun 2025 09:00:50 +0000
Manifest this update: Sun 08 Jun 2025 09:00:50 +0000
Manifest next update: Mon 09 Jun 2025 09:00:50 +0000
Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=)
2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: tG03s46fZ97jv1HmXm/X6NKASmebdERDoWyHIbxEric=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:c5:6b:2a:37:6e:2e:14:0c:e2:2b:7f:94:36:c9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Jun 8 09:00:50 2025 GMT
Not After : Jun 9 09:00:50 2025 GMT
Subject: CN=3962e429de359559913f4af68bd717fc481ee719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:2f:b5:40:53:a6:e7:77:21:de:ff:12:a9:
86:5a:2d:98:bc:37:e5:9e:69:71:a5:04:17:e4:a6:
8e:fc:60:cb:fb:3e:17:f2:80:ce:79:69:1d:ab:e3:
53:01:cf:c9:9a:75:06:54:1e:f5:f2:c4:ce:6f:20:
d1:7d:f7:f8:11:f0:2f:cf:bb:6c:ec:e7:ea:e8:00:
4f:fd:cf:4c:e8:34:f9:61:6b:80:0d:25:4e:fc:7b:
36:e1:58:0b:a7:81:94:0d:6a:6c:06:75:88:7c:48:
7b:84:59:75:6f:11:6f:1d:40:98:3c:92:41:ce:76:
99:2b:c4:c6:be:d2:62:22:ba:b1:da:10:0f:13:16:
96:b4:a6:ae:3a:a7:b8:de:94:c5:80:27:30:2f:f3:
9f:20:1f:a7:01:2b:db:c7:6c:23:a1:c4:1b:79:23:
d5:bc:9f:26:52:07:32:06:ad:6d:78:d1:00:72:3d:
0a:d2:c8:06:d6:83:b2:48:e8:cd:57:2c:18:e6:0b:
f8:0d:29:ef:a1:83:67:1b:af:50:10:ed:94:45:64:
13:c6:2b:49:a1:90:98:8b:33:12:d3:d4:f0:02:0f:
71:70:48:06:dc:f1:64:62:32:47:43:7f:86:3a:be:
01:07:c2:6c:59:2d:f1:eb:18:9f:d8:10:cc:25:9b:
0e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:62:E4:29:DE:35:95:59:91:3F:4A:F6:8B:D7:17:FC:48:1E:E7:19
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:5c:46:63:02:24:d8:f8:64:93:61:2d:da:0d:a8:3c:69:d3:
58:17:93:25:10:57:38:2a:7c:79:e2:7f:f3:08:39:d4:eb:3b:
9e:55:0d:fd:cc:60:97:4a:42:b7:24:45:96:b1:65:d1:88:a3:
f9:48:9e:2f:1b:f4:90:3d:d4:36:54:37:39:3e:6a:51:b1:4b:
d8:10:8c:e9:8f:e2:b6:65:09:d8:c1:17:03:66:09:5a:35:b5:
76:68:05:75:e0:b8:0a:e4:b3:87:3a:98:96:b6:dd:6e:35:23:
ac:ad:28:fd:1b:27:dc:d0:af:f6:f4:fc:0b:be:e6:fd:e4:cf:
ca:44:c0:99:db:9e:ae:df:d1:3f:9f:84:bc:a1:0e:39:52:52:
fd:ea:9f:77:05:93:c5:68:6b:7f:7b:dd:e3:81:42:30:63:70:
01:cf:52:d7:a1:a2:9c:1e:51:0a:34:3f:d5:39:e5:29:c0:b9:
f3:f9:5b:97:c4:77:23:4c:9e:6e:3b:7e:a5:c9:65:ff:49:67:
d5:8a:30:47:05:a8:7b:b2:16:73:a5:6c:5c:c0:bf:a7:07:07:
3c:11:1a:10:a5:92:98:e1:17:69:18:98:6a:26:49:28:4a:fa:
a0:3d:2b:e0:74:40:c0:74:1e:09:9a:09:91:af:01:6a:ad:55:
92:4a:ed:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxWsqN24uFAziK3+UNsk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjUwNjA4MDkwMDUwWhcNMjUwNjA5MDkwMDUwWjAzMTEwLwYDVQQD
EygzOTYyZTQyOWRlMzU5NTU5OTEzZjRhZjY4YmQ3MTdmYzQ4MWVlNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo34vtUBTpud3Id7/EqmGWi2YvDfl
nmlxpQQX5KaO/GDL+z4X8oDOeWkdq+NTAc/JmnUGVB718sTObyDRfff4EfAvz7ts
7Ofq6ABP/c9M6DT5YWuADSVO/Hs24VgLp4GUDWpsBnWIfEh7hFl1bxFvHUCYPJJB
znaZK8TGvtJiIrqx2hAPExaWtKauOqe43pTFgCcwL/OfIB+nASvbx2wjocQbeSPV
vJ8mUgcyBq1teNEAcj0K0sgG1oOySOjNVywY5gv4DSnvoYNnG69QEO2URWQTxitJ
oZCYizMS09TwAg9xcEgG3PFkYjJHQ3+GOr4BB8JsWS3x6xif2BDMJZsOPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDli5CneNZVZkT9K9ovXF/xIHucZMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANFxGYwIk
2Phkk2Et2g2oPGnTWBeTJRBXOCp8eeJ/8wg51Os7nlUN/cxgl0pCtyRFlrFl0Yij
+UieLxv0kD3UNlQ3OT5qUbFL2BCM6Y/itmUJ2MEXA2YJWjW1dmgFdeC4CuSzhzqY
lrbdbjUjrK0o/Rsn3NCv9vT8C77m/eTPykTAmduert/RP5+EvKEOOVJS/eqfdwWT
xWhrf3vd44FCMGNwAc9S16GinB5RCjQ/1TnlKcC58/lbl8R3I0yebjt+pcll/0ln
1YowRwWoe7IWc6VsXMC/pwcHPBEaEKWSmOEXaRiYaiZJKEr6oD0r4HRAwHQeCZoJ
ka8Baq1VkkrtGw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:36:51 2025 by rpki-client