Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: 7b7RVlu3EQHw3i312Wd8fu38BCyiXXAfZlzlqVcb1WY=
Subject key identifier: 37:39:20:CC:58:17:EA:6A:00:3D:53:DD:CB:24:E0:72:42:1A:F3:E7
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 01974CD76F3E4121DE54A46BD9F0DCD4FAD0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 0ED1
Signing time: Sun 08 Jun 2025 00:01:16 +0000
Manifest this update: Sun 08 Jun 2025 00:01:16 +0000
Manifest next update: Mon 09 Jun 2025 00:01:16 +0000
Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: qwm7CL1/GSiTyaa6co5WR9+NWuDPRHg1nO8eJMo24Xc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 00:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4c:d7:6f:3e:41:21:de:54:a4:6b:d9:f0:dc:d4:fa:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Jun 8 00:01:16 2025 GMT
Not After : Jun 9 00:01:16 2025 GMT
Subject: CN=373920cc5817ea6a003d53ddcb24e072421af3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:68:3c:0f:15:ad:88:13:b7:e3:a9:3c:c7:89:
ae:5f:7d:f2:84:e7:a2:f7:ab:49:98:98:75:6b:b0:
23:63:47:7a:01:c8:58:7f:c2:16:25:8e:4f:37:a4:
96:55:67:ee:87:5c:c1:22:97:dc:51:a4:7f:f4:00:
4f:59:a9:2c:6e:42:37:75:d2:27:bb:ae:48:ad:ac:
eb:44:f7:8f:ca:9b:e8:69:7e:cb:1a:07:86:c2:72:
b6:ac:37:d8:26:a7:dc:4e:f7:1a:d8:e3:b2:1d:b1:
ec:ad:02:5f:75:cb:00:89:b8:07:da:46:f0:d4:ba:
cd:12:6c:cb:6d:f9:61:a1:85:4a:cb:85:90:be:dc:
b6:34:2b:76:6e:62:4b:a5:9c:e9:f2:91:d6:06:11:
a9:16:52:75:e5:73:6d:26:97:69:ee:77:de:0f:5c:
9d:c8:3f:bb:20:da:8c:f5:ac:ec:20:32:c9:d5:6f:
49:3b:72:2f:d2:be:69:d4:8d:a0:d3:7a:d2:bb:73:
79:e7:30:64:70:ed:31:6c:8d:fb:cf:73:52:f1:15:
38:3d:a2:d1:4f:a0:41:e7:d7:31:5e:53:38:c1:10:
91:89:56:bf:ba:89:8a:39:31:14:4a:8e:ac:e9:c7:
78:ee:87:a2:c3:48:7c:e3:76:51:b8:be:9f:de:88:
98:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:39:20:CC:58:17:EA:6A:00:3D:53:DD:CB:24:E0:72:42:1A:F3:E7
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:48:2d:f9:21:91:a9:f4:83:bc:42:08:d4:44:b1:b9:f3:8e:
01:b9:ae:b0:c1:2e:47:5e:b0:9e:d2:3e:9e:aa:a3:27:1b:f0:
39:86:94:75:50:94:20:d5:de:09:69:bb:b6:7c:6b:0f:fd:27:
f3:f9:b1:8e:07:ce:2e:2a:8f:7f:98:69:50:3a:2a:55:44:9d:
e4:fc:b9:21:e3:6a:8d:97:d6:ac:01:76:b8:b7:54:ad:25:de:
cc:ff:53:e6:90:bd:3d:bd:1f:cd:ea:0f:15:84:f6:31:ca:95:
f2:26:0b:1c:c7:c1:28:19:82:d4:20:c2:27:09:2c:b1:8b:7e:
d7:dd:d9:74:39:b1:75:f7:0e:6d:96:2f:0d:f1:4b:70:d4:be:
77:0e:a1:e9:af:65:d0:40:be:a5:83:c4:89:32:06:a7:08:86:
58:4e:70:ee:d3:32:0b:6d:28:98:3d:f8:9c:da:7b:79:d8:cf:
f7:b4:c6:f3:30:e9:8a:5d:80:a5:cc:6c:b2:07:9c:6f:0b:8f:
bc:3e:fa:58:b3:1c:da:00:f9:cc:22:ba:4c:a8:1d:30:38:b2:
6b:33:b8:76:d2:ee:87:74:ac:4a:3d:aa:79:a8:78:9a:be:0e:
78:13:9d:b2:b3:a3:51:22:fa:32:1c:89:35:6d:1d:ab:80:13:
4b:d0:fb:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM128+QSHeVKRr2fDc1PrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjUwNjA4MDAwMTE2WhcNMjUwNjA5MDAwMTE2WjAzMTEwLwYDVQQD
EygzNzM5MjBjYzU4MTdlYTZhMDAzZDUzZGRjYjI0ZTA3MjQyMWFmM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2g8DxWtiBO346k8x4muX33yhOei
96tJmJh1a7AjY0d6AchYf8IWJY5PN6SWVWfuh1zBIpfcUaR/9ABPWaksbkI3ddIn
u65IrazrRPePypvoaX7LGgeGwnK2rDfYJqfcTvca2OOyHbHsrQJfdcsAibgH2kbw
1LrNEmzLbflhoYVKy4WQvty2NCt2bmJLpZzp8pHWBhGpFlJ15XNtJpdp7nfeD1yd
yD+7INqM9azsIDLJ1W9JO3Iv0r5p1I2g03rSu3N55zBkcO0xbI37z3NS8RU4PaLR
T6BB59cxXlM4wRCRiVa/uomKOTEUSo6s6cd47oeiw0h843ZRuL6f3oiYqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDc5IMxYF+pqAD1T3csk4HJCGvPnMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEgt+SGR
qfSDvEII1ESxufOOAbmusMEuR16wntI+nqqjJxvwOYaUdVCUINXeCWm7tnxrD/0n
8/mxjgfOLiqPf5hpUDoqVUSd5Py5IeNqjZfWrAF2uLdUrSXezP9T5pC9Pb0fzeoP
FYT2McqV8iYLHMfBKBmC1CDCJwkssYt+193ZdDmxdfcObZYvDfFLcNS+dw6h6a9l
0EC+pYPEiTIGpwiGWE5w7tMyC20omD34nNp7edjP97TG8zDpil2ApcxssgecbwuP
vD76WLMc2gD5zCK6TKgdMDiyazO4dtLuh3SsSj2qeah4mr4OeBOdsrOjUSL6MhyJ
NW0dq4ATS9D7kg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:55:48 2025 by rpki-client