Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
File: IKf8vlkxTDcraPIyIjgoseM6A-w.mft (raw, json)
Hash identifier: 3uDww/yc9AAapSRHaJPpFfie55OLhPBec9bsR4HmAMA=
Subject key identifier: 46:15:B1:AE:B0:09:E3:82:5F:23:CF:B3:63:79:5B:88:DD:D8:8C:96
Authority key identifier: 20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
Certificate issuer: /CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Certificate serial: 01974A7A70E92EEBDCC967B5A8F0FEB80571
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
Manifest number: 11DC
Signing time: Sat 07 Jun 2025 13:00:27 +0000
Manifest this update: Sat 07 Jun 2025 13:00:27 +0000
Manifest next update: Sun 08 Jun 2025 13:00:27 +0000
Files and hashes: 1: IKf8vlkxTDcraPIyIjgoseM6A-w.crl (hash: Wlcgh7eS/rl0ZHZ12YLLIZUUtjgfqUb6d/tx4PoOQAs=)
2: d-01XFis9cLH8BZUIJJWfcsmDG4.roa (hash: NudOKOFu9rScWQsymrxK2r70c3aFtGLF+JDUyVcCcnw=)
3: rwFlopf5Xa6Dqk29FmnWdxdlBsc.roa (hash: sHbPcAOKBddNPUyuRRzIjyvQe1AGIhhOwA82JfuKSsE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:7a:70:e9:2e:eb:dc:c9:67:b5:a8:f0:fe:b8:05:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Validity
Not Before: Jun 7 13:00:27 2025 GMT
Not After : Jun 8 13:00:27 2025 GMT
Subject: CN=4615b1aeb009e3825f23cfb363795b88ddd88c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:42:6c:b6:3d:b1:b7:ff:37:64:cc:bb:75:
a4:68:f9:d8:cc:00:50:27:f8:a8:27:a8:1d:6f:fe:
57:02:b4:df:08:15:23:98:c3:39:1a:3d:25:9d:6d:
aa:9c:f1:72:19:4e:dd:77:1d:11:07:62:90:91:a2:
aa:7d:02:f3:31:53:36:b0:90:8d:39:70:87:1d:7d:
30:ed:23:89:44:82:aa:e8:22:76:75:b0:61:d3:c6:
9b:57:50:83:5c:59:7c:0e:cf:20:03:8f:36:76:31:
69:55:f3:e3:d0:e3:a6:e6:cf:df:5f:5e:41:cd:2b:
28:ac:70:52:4f:c2:1e:99:75:fe:d2:f6:b1:a2:9c:
55:74:ae:ec:4a:e2:50:5a:d7:46:8d:df:06:ff:36:
b3:c1:c7:4d:bd:bc:f0:00:40:32:81:41:bf:37:ae:
16:98:40:69:38:10:8a:0b:c8:fc:05:4d:21:74:75:
97:90:44:50:b3:98:c6:46:c6:e1:d5:ce:30:ec:9a:
5b:26:b8:dd:f0:8e:e4:5b:d7:b2:ec:75:ab:ce:a1:
d5:0f:46:5d:85:49:c6:4c:df:a6:cd:26:0f:c7:c2:
91:92:c9:ea:3d:26:5e:d3:24:27:63:a9:6a:fc:1c:
b4:dd:6a:0e:8e:be:f6:8d:35:f9:23:d4:93:a4:53:
3d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:15:B1:AE:B0:09:E3:82:5F:23:CF:B3:63:79:5B:88:DD:D8:8C:96
X509v3 Authority Key Identifier:
keyid:20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:2c:4a:b6:aa:78:cd:37:11:bb:4c:66:4c:56:3d:d3:54:08:
e9:c5:36:6b:ef:ef:8e:58:e1:5b:8f:f1:cb:79:d8:5a:ef:85:
99:a0:b5:ad:3d:4f:8d:1d:5d:77:57:17:0a:7a:68:b4:8c:45:
9e:7e:1a:a9:8b:b4:22:bb:c6:2b:9b:9a:19:e7:d6:46:75:84:
78:a1:73:05:92:88:3d:63:b1:02:9b:31:ac:fc:dc:29:e7:06:
8f:47:f4:d4:a9:c9:41:ad:13:92:5d:f3:34:42:6b:54:5a:d1:
72:72:e4:17:1e:49:34:68:d1:ff:4f:6a:42:cc:22:5c:76:81:
ca:51:47:ad:94:d0:5d:89:07:37:2e:0d:68:bf:f8:d2:8e:14:
38:85:55:51:7b:90:18:d3:2a:5a:5d:fb:85:38:0f:2c:ec:2d:
4c:55:f7:7e:70:f8:a3:3f:3c:e9:27:33:8f:96:33:e2:8e:4c:
35:76:58:81:f3:74:4f:19:a0:d9:e5:56:5d:c9:65:02:4f:49:
d9:8d:00:45:15:38:cd:8c:04:51:32:72:d1:70:96:78:b7:59:
45:bf:07:5f:d1:b1:1e:cd:85:e7:9a:d9:ac:57:7f:ae:19:a7:
68:01:f3:6b:2e:83:54:21:95:6a:b1:9f:e4:ab:39:7b:c4:08:
48:b8:09:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKenDpLuvcyWe1qPD+uAVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTdmY2JlNTkzMTRjMzcyYjY4ZjIzMjIyMzgyOGIxZTMz
YTAzZWMwHhcNMjUwNjA3MTMwMDI3WhcNMjUwNjA4MTMwMDI3WjAzMTEwLwYDVQQD
Eyg0NjE1YjFhZWIwMDllMzgyNWYyM2NmYjM2Mzc5NWI4OGRkZDg4Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMFCbLY9sbf/N2TMu3WkaPnYzABQ
J/ioJ6gdb/5XArTfCBUjmMM5Gj0lnW2qnPFyGU7ddx0RB2KQkaKqfQLzMVM2sJCN
OXCHHX0w7SOJRIKq6CJ2dbBh08abV1CDXFl8Ds8gA482djFpVfPj0OOm5s/fX15B
zSsorHBST8IemXX+0vaxopxVdK7sSuJQWtdGjd8G/zazwcdNvbzwAEAygUG/N64W
mEBpOBCKC8j8BU0hdHWXkERQs5jGRsbh1c4w7JpbJrjd8I7kW9ey7HWrzqHVD0Zd
hUnGTN+mzSYPx8KRksnqPSZe0yQnY6lq/By03WoOjr72jTX5I9STpFM9BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYVsa6wCeOCXyPPs2N5W4jd2IyWMB8GA1UdIwQY
MBaAFCCn/L5ZMUw3K2jyMiI4KLHjOgPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTIt
NDI2MDM5Nzg4OTE5LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTItNDI2MDM5Nzg4OTE5
LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyixKtqp4
zTcRu0xmTFY901QI6cU2a+/vjljhW4/xy3nYWu+FmaC1rT1PjR1dd1cXCnpotIxF
nn4aqYu0IrvGK5uaGefWRnWEeKFzBZKIPWOxApsxrPzcKecGj0f01KnJQa0Tkl3z
NEJrVFrRcnLkFx5JNGjR/09qQswiXHaBylFHrZTQXYkHNy4NaL/40o4UOIVVUXuQ
GNMqWl37hTgPLOwtTFX3fnD4oz886Sczj5Yz4o5MNXZYgfN0Txmg2eVWXcllAk9J
2Y0ARRU4zYwEUTJy0XCWeLdZRb8HX9GxHs2F55rZrFd/rhmnaAHzay6DVCGVarGf
5Ks5e8QISLgJuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:07:35 2025 by rpki-client