Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
File: czQP17PChWN63ADx5h4rjkAmWPM.mft (raw, json)
Hash identifier: LQgVBCgOxhoYSLAx+wBhT8FXl0ylHOlf3cQGBhcw1U4=
Subject key identifier: 24:2E:CE:A7:1F:8F:35:E6:6D:9B:27:61:C0:B1:3E:E7:3B:05:A3:93
Authority key identifier: 73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
Certificate issuer: /CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Certificate serial: 0197488C7F03406EB6A03BF8948C8FA4C8E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
Manifest number: 10FA
Signing time: Sat 07 Jun 2025 04:00:56 +0000
Manifest this update: Sat 07 Jun 2025 04:00:56 +0000
Manifest next update: Sun 08 Jun 2025 04:00:56 +0000
Files and hashes: 1: HjTMoAYNnig_SLdG7cjgafMO6sM.roa (hash: vtEs32Udg21ECRrqFxXkvtH2fOMUI8ZhlpPEmcfn7YU=)
2: czQP17PChWN63ADx5h4rjkAmWPM.crl (hash: X3x7SX0gVzvNl+CXEzUSlENa/syIer7b7XX6sjtfCvc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:8c:7f:03:40:6e:b6:a0:3b:f8:94:8c:8f:a4:c8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Validity
Not Before: Jun 7 04:00:56 2025 GMT
Not After : Jun 8 04:00:56 2025 GMT
Subject: CN=242ecea71f8f35e66d9b2761c0b13ee73b05a393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:df:d3:7b:ca:4c:07:c6:48:f9:9f:3b:33:ad:
c4:87:1f:bf:81:f5:13:b0:f8:12:63:cc:da:8e:10:
18:5c:f2:29:11:6b:02:61:f9:f8:2b:9e:62:01:0e:
ab:a5:fb:54:21:5a:f3:6a:15:9b:2a:d2:9d:53:ab:
d7:25:fb:97:04:78:f7:f9:ff:95:51:94:76:28:27:
10:9b:f8:ff:2b:cf:8c:89:d6:d6:8f:10:59:28:b7:
59:09:74:dc:91:95:40:24:da:f9:89:40:a3:fc:dc:
be:e4:2a:03:56:a7:68:83:b8:31:49:83:3c:93:68:
5c:89:67:aa:57:c4:f4:3d:4c:3c:90:d4:a6:e6:41:
70:69:fd:c7:fa:e3:fb:53:ce:99:d0:78:0f:59:37:
da:07:24:e3:03:97:60:9a:d1:0b:cf:6a:fd:2b:50:
9d:85:63:69:5b:7f:c1:0c:15:56:79:5d:e3:63:67:
16:c5:ff:4c:9d:f6:08:7e:13:b8:a6:8a:80:60:89:
53:2e:82:82:d3:06:23:6e:8c:4d:f1:ee:dc:59:5a:
e9:8f:17:14:16:18:69:ed:c0:c1:c3:19:71:70:cc:
23:0a:35:88:a3:dd:b9:fc:26:7e:7d:e1:b9:21:8d:
5a:57:b4:7d:f6:13:d7:10:22:8b:24:cf:ce:3e:79:
a2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2E:CE:A7:1F:8F:35:E6:6D:9B:27:61:C0:B1:3E:E7:3B:05:A3:93
X509v3 Authority Key Identifier:
keyid:73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:bc:39:62:7c:28:14:a1:ca:8d:20:db:46:3f:86:c7:36:f1:
1f:a8:31:85:f3:18:de:28:0d:cf:a9:b9:16:ca:0c:cf:3a:b9:
bb:d4:f2:95:0e:6c:16:28:a6:93:dc:84:72:11:fc:a0:4e:0e:
1d:1f:d5:f0:fb:8a:82:e8:fb:e7:6c:37:11:80:89:ef:ca:38:
16:9c:cb:a9:30:a4:ad:c3:88:ee:bb:a1:1f:56:cb:47:42:e0:
30:36:9d:d0:41:2e:f7:6b:06:54:a1:cc:7f:40:30:26:57:e9:
34:7e:5c:6d:eb:d4:64:31:a4:34:2d:4f:a2:d4:85:fa:b5:ad:
1a:d9:29:fc:04:49:d3:5c:ac:b8:5f:c4:e3:49:28:ea:65:e7:
72:1a:50:0e:f8:b9:a4:ca:ff:cf:dd:a8:67:22:5d:8d:40:35:
10:89:9d:31:89:47:d0:89:61:40:ae:83:f6:30:2b:7b:fb:8c:
0e:da:cf:fb:f6:cd:78:fd:15:78:1a:12:7b:b0:0c:99:8b:19:
bc:69:21:cf:72:ff:1f:a8:7c:87:74:2d:68:1c:92:59:be:4e:
21:b0:e0:c3:63:b3:6e:3a:f0:37:25:d7:91:64:52:f0:60:0e:
28:67:64:93:bd:18:1c:f3:61:db:a3:03:72:ef:ac:eb:39:98:
b0:40:b1:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjH8DQG62oDv4lIyPpMjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzQwZmQ3YjNjMjg1NjM3YWRjMDBmMWU2MWUyYjhlNDAy
NjU4ZjMwHhcNMjUwNjA3MDQwMDU2WhcNMjUwNjA4MDQwMDU2WjAzMTEwLwYDVQQD
EygyNDJlY2VhNzFmOGYzNWU2NmQ5YjI3NjFjMGIxM2VlNzNiMDVhMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89/Te8pMB8ZI+Z87M63Ehx+/gfUT
sPgSY8zajhAYXPIpEWsCYfn4K55iAQ6rpftUIVrzahWbKtKdU6vXJfuXBHj3+f+V
UZR2KCcQm/j/K8+MidbWjxBZKLdZCXTckZVAJNr5iUCj/Ny+5CoDVqdog7gxSYM8
k2hciWeqV8T0PUw8kNSm5kFwaf3H+uP7U86Z0HgPWTfaByTjA5dgmtELz2r9K1Cd
hWNpW3/BDBVWeV3jY2cWxf9MnfYIfhO4poqAYIlTLoKC0wYjboxN8e7cWVrpjxcU
Fhhp7cDBwxlxcMwjCjWIo925/CZ+feG5IY1aV7R99hPXECKLJM/OPnmiAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQuzqcfjzXmbZsnYcCxPuc7BaOTMB8GA1UdIwQY
MBaAFHM0D9ezwoVjetwA8eYeK45AJljzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYt
ZjIyMjM2MDZjNTM4LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYtZjIyMjM2MDZjNTM4
LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7w5Ynwo
FKHKjSDbRj+GxzbxH6gxhfMY3igNz6m5FsoMzzq5u9TylQ5sFiimk9yEchH8oE4O
HR/V8PuKguj752w3EYCJ78o4FpzLqTCkrcOI7ruhH1bLR0LgMDad0EEu92sGVKHM
f0AwJlfpNH5cbevUZDGkNC1PotSF+rWtGtkp/ARJ01ysuF/E40ko6mXnchpQDvi5
pMr/z92oZyJdjUA1EImdMYlH0IlhQK6D9jAre/uMDtrP+/bNeP0VeBoSe7AMmYsZ
vGkhz3L/H6h8h3QtaBySWb5OIbDgw2OzbjrwNyXXkWRS8GAOKGdkk70YHPNh26MD
cu+s6zmYsECxWA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:55:04 2025 by rpki-client