Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
File: smbm5NXff4olZUFEdV172ZLnNTk.mft (raw, json)
Hash identifier: SbbARoLBG2UnKLeH28f9N18CpaQJy0O4Kbz5d2HKyVA=
Subject key identifier: 68:B1:C1:41:94:9E:4A:2B:E5:58:57:A7:FD:BA:CE:77:06:05:ED:AA
Authority key identifier: B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
Certificate issuer: /CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Certificate serial: 01974A438AC17E83AA382908597580765F67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
Manifest number: 0886
Signing time: Sat 07 Jun 2025 12:00:29 +0000
Manifest this update: Sat 07 Jun 2025 12:00:29 +0000
Manifest next update: Sun 08 Jun 2025 12:00:29 +0000
Files and hashes: 1: 4UxBywVcvcMsb-HDJGoMszIr0uA.roa (hash: CPNjg2b32CAKEDe5pmcVPP+MsVRB7Gy+EYi43k44UBQ=)
2: smbm5NXff4olZUFEdV172ZLnNTk.crl (hash: l2mUWrxySuYCNzZ2ptpsUv23Y0LTLGmf8rmlPa5DTcw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:8a:c1:7e:83:aa:38:29:08:59:75:80:76:5f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Validity
Not Before: Jun 7 12:00:29 2025 GMT
Not After : Jun 8 12:00:29 2025 GMT
Subject: CN=68b1c141949e4a2be55857a7fdbace770605edaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:98:be:8f:be:17:b1:c7:a4:b1:99:44:f8:49:
89:d5:44:b1:af:cc:56:41:7d:90:ee:b9:5b:8a:5a:
92:37:12:bd:de:0f:8a:2e:23:62:b0:4f:82:87:88:
8e:68:7e:a0:c2:da:9b:5e:73:94:29:ba:15:1f:f3:
c6:e3:25:3c:e2:c1:89:8b:76:74:5e:f7:16:ee:14:
d6:dd:3c:42:04:f4:62:e3:f1:63:de:27:d1:38:4a:
f0:9d:a9:4f:28:79:94:9c:71:6d:41:fc:c6:fc:b9:
23:58:b5:6c:14:05:8e:44:6b:94:38:07:cf:0f:24:
42:79:66:34:e1:0a:68:6a:c8:75:90:82:d5:a0:8c:
e5:fa:63:70:fa:ba:81:bf:65:2b:d5:8d:18:ca:34:
97:ff:1d:c9:ac:fb:ff:09:6a:84:68:98:22:86:60:
b7:5e:25:78:0d:57:88:59:ba:ff:79:25:d3:a3:ef:
2f:ab:95:71:af:3a:e2:a2:f7:f8:1b:f5:ed:7e:a9:
3c:6f:7e:3b:93:e3:6f:d0:f3:81:93:5c:89:8e:09:
6c:b7:18:c7:c7:54:38:e1:51:1f:46:6c:7b:fc:b6:
a6:13:19:45:4e:72:2f:a8:3d:34:db:79:80:8d:30:
66:0b:e3:1b:02:c7:f5:74:21:99:4e:c7:31:08:0d:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B1:C1:41:94:9E:4A:2B:E5:58:57:A7:FD:BA:CE:77:06:05:ED:AA
X509v3 Authority Key Identifier:
keyid:B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:4a:ff:84:ce:8d:2a:c1:63:fb:95:c7:37:10:ae:e8:53:bc:
72:f8:24:55:3f:14:42:1b:4a:52:46:ac:f3:2b:5e:6a:63:2e:
a6:4c:3f:76:ed:38:52:0d:c6:50:d4:6a:27:2b:3e:d5:bb:05:
b2:5c:3e:47:7f:fa:2e:83:bf:d5:66:6a:e4:88:1c:ba:cd:11:
4d:02:1f:6f:03:65:77:b6:7e:13:3c:7f:c3:1e:0b:36:df:7b:
21:fd:34:15:cd:1b:79:eb:9e:ee:9b:36:5f:ff:da:9e:5d:88:
c3:93:31:35:26:3d:c0:29:cf:34:c7:fb:34:38:6a:15:f8:74:
cf:d2:77:36:69:5c:82:96:de:e2:99:ae:3c:d1:04:49:2a:67:
09:80:6f:6f:76:e8:8e:6b:2e:93:0d:95:ea:01:8e:ae:69:8c:
3a:30:09:8a:5d:af:2e:a3:a9:58:b0:8d:5e:d5:c8:af:0d:cc:
ef:55:12:4f:01:66:08:f0:5f:fe:c3:56:32:92:4b:69:db:ab:
7d:4c:6e:82:57:14:1f:80:c1:50:ac:ba:f0:e3:06:3c:6e:50:
6a:d2:73:76:50:8b:df:7d:a3:fd:22:db:ff:da:5f:08:ea:4e:
51:37:03:82:64:d3:c1:c0:4e:9d:14:36:57:b1:dd:6a:8d:61:
9a:17:1f:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ4rBfoOqOCkIWXWAdl9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjZlNmU0ZDVkZjdmOGEyNTY1NDE0NDc1NWQ3YmQ5OTJl
NzM1MzkwHhcNMjUwNjA3MTIwMDI5WhcNMjUwNjA4MTIwMDI5WjAzMTEwLwYDVQQD
Eyg2OGIxYzE0MTk0OWU0YTJiZTU1ODU3YTdmZGJhY2U3NzA2MDVlZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZi+j74XsceksZlE+EmJ1USxr8xW
QX2Q7rlbilqSNxK93g+KLiNisE+Ch4iOaH6gwtqbXnOUKboVH/PG4yU84sGJi3Z0
XvcW7hTW3TxCBPRi4/Fj3ifROErwnalPKHmUnHFtQfzG/LkjWLVsFAWORGuUOAfP
DyRCeWY04Qpoash1kILVoIzl+mNw+rqBv2Ur1Y0YyjSX/x3JrPv/CWqEaJgihmC3
XiV4DVeIWbr/eSXTo+8vq5Vxrzriovf4G/Xtfqk8b347k+Nv0POBk1yJjglstxjH
x1Q44VEfRmx7/LamExlFTnIvqD0023mAjTBmC+MbAsf1dCGZTscxCA14rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGixwUGUnkor5VhXp/26zncGBe2qMB8GA1UdIwQY
MBaAFLJm5uTV33+KJWVBRHVde9mS5zU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMt
NTI1ZDdlMjJjNzg4LzEvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMtNTI1ZDdlMjJjNzg4
LzEvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkr/hM6N
KsFj+5XHNxCu6FO8cvgkVT8UQhtKUkas8yteamMupkw/du04Ug3GUNRqJys+1bsF
slw+R3/6LoO/1WZq5Igcus0RTQIfbwNld7Z+Ezx/wx4LNt97If00Fc0beeue7ps2
X//anl2Iw5MxNSY9wCnPNMf7NDhqFfh0z9J3Nmlcgpbe4pmuPNEESSpnCYBvb3bo
jmsukw2V6gGOrmmMOjAJil2vLqOpWLCNXtXIrw3M71USTwFmCPBf/sNWMpJLadur
fUxuglcUH4DBUKy68OMGPG5QatJzdlCL332j/SLb/9pfCOpOUTcDgmTTwcBOnRQ2
V7Hdao1hmhcf1g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:32:49 2025 by rpki-client