Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File: nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier: jpxUkWntc5mARwbLtDJOw54VZlqHkMxOGLZOzTK9gD0=
Subject key identifier: B0:EA:8D:98:18:92:CB:1C:45:5E:4A:A5:DA:73:38:32:DC:A1:A2:29
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial: 01975A5B87837876787D62D5D7FA78F4296A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number: 0838
Signing time: Tue 10 Jun 2025 15:00:37 +0000
Manifest this update: Tue 10 Jun 2025 15:00:37 +0000
Manifest next update: Wed 11 Jun 2025 15:00:37 +0000
Files and hashes: 1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=)
2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: m6IZFOLEA4mr4JJ6QBcI5md8ifVwafWROyJNP0qUL8c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:5b:87:83:78:76:78:7d:62:d5:d7:fa:78:f4:29:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Validity
Not Before: Jun 10 15:00:37 2025 GMT
Not After : Jun 11 15:00:37 2025 GMT
Subject: CN=b0ea8d981892cb1c455e4aa5da733832dca1a229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ef:20:8d:f4:bf:0c:45:b0:9c:0a:15:0a:72:
41:08:0d:e8:f4:4e:8d:9e:90:bc:5e:bc:2c:b8:a9:
33:a8:46:5d:fc:ec:bb:45:73:03:52:7b:9f:0c:c1:
24:e4:b5:78:3d:d5:67:0e:23:95:1b:3c:c1:e4:ac:
1e:40:bb:3c:31:8f:a5:10:2b:3b:43:6a:0c:ba:a5:
c0:df:48:f8:db:db:88:c5:06:ed:d1:fe:01:50:31:
48:26:43:09:2f:22:3c:57:e6:d3:17:85:32:59:c4:
58:77:c4:a2:1b:b9:6b:f2:4a:53:8d:f7:66:d5:38:
50:8a:d9:bb:9a:18:33:f5:9f:6d:38:4e:bc:de:e1:
e9:c6:0e:65:a0:cf:56:f0:04:0a:e8:da:8a:2a:b0:
c5:45:c8:56:4a:5e:fd:1f:e0:76:b0:ef:f3:42:23:
ce:c8:eb:fe:3a:ea:22:d6:c9:f9:23:bf:7a:fa:d3:
08:3c:20:32:08:66:af:77:b7:7b:d1:ed:c0:02:8a:
91:e0:c9:d0:b5:13:f1:12:72:cc:df:c6:df:10:ff:
bd:a1:68:ac:95:2b:c9:77:bb:c4:8e:7c:ab:ec:a2:
cb:9d:f9:10:c1:d6:d5:87:57:16:fb:08:1d:3f:3e:
69:4a:a6:1a:04:48:1c:32:24:dd:59:c8:e6:10:c2:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EA:8D:98:18:92:CB:1C:45:5E:4A:A5:DA:73:38:32:DC:A1:A2:29
X509v3 Authority Key Identifier:
keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:b1:1f:21:cf:32:fc:74:19:13:75:84:ce:db:57:eb:06:88:
ef:95:92:cd:d3:68:7b:62:72:0d:41:b4:99:82:b1:a3:92:36:
03:d2:94:26:eb:7e:73:a9:85:f3:76:04:1a:c5:41:2f:af:8b:
c4:b3:09:bf:9a:bb:c1:0d:11:9c:b4:fa:f8:80:f4:71:8b:76:
d2:25:85:ca:24:db:e2:a7:6c:44:59:9e:fb:4a:7f:c8:a0:86:
a6:c7:dc:7b:a0:19:5c:c3:a0:3c:8b:a8:fe:34:c0:84:c7:7d:
8c:76:53:41:ff:06:42:84:a2:ac:19:65:b2:e5:fc:9a:23:3c:
20:62:15:fc:8f:47:13:a7:bf:e4:68:9b:f7:35:9f:ab:55:9d:
b4:87:7b:97:be:38:12:c1:ca:63:dd:6c:46:60:44:aa:fb:01:
80:6d:da:8e:f5:e0:17:f0:60:49:1d:2c:e1:ff:1b:34:0f:a4:
bf:d9:31:65:9a:f8:40:a8:92:ba:67:ec:7b:0b:93:38:74:b3:
06:45:df:ee:ef:fd:43:6a:e1:ae:46:7b:ee:e4:33:69:a4:27:
64:42:33:b3:7b:6e:15:b3:68:20:45:6c:9a:72:ad:28:40:ca:
ce:42:3a:56:cf:14:3a:ca:d4:aa:03:ef:0e:d1:bf:2c:13:0d:
75:3a:92:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaW4eDeHZ4fWLV1/p49ClqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjUwNjEwMTUwMDM3WhcNMjUwNjExMTUwMDM3WjAzMTEwLwYDVQQD
EyhiMGVhOGQ5ODE4OTJjYjFjNDU1ZTRhYTVkYTczMzgzMmRjYTFhMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu8gjfS/DEWwnAoVCnJBCA3o9E6N
npC8XrwsuKkzqEZd/Oy7RXMDUnufDMEk5LV4PdVnDiOVGzzB5KweQLs8MY+lECs7
Q2oMuqXA30j429uIxQbt0f4BUDFIJkMJLyI8V+bTF4UyWcRYd8SiG7lr8kpTjfdm
1ThQitm7mhgz9Z9tOE683uHpxg5loM9W8AQK6NqKKrDFRchWSl79H+B2sO/zQiPO
yOv+Ouoi1sn5I796+tMIPCAyCGavd7d70e3AAoqR4MnQtRPxEnLM38bfEP+9oWis
lSvJd7vEjnyr7KLLnfkQwdbVh1cW+wgdPz5pSqYaBEgcMiTdWcjmEMJYSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDqjZgYksscRV5KpdpzODLcoaIpMB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtLEfIc8y
/HQZE3WEzttX6waI75WSzdNoe2JyDUG0mYKxo5I2A9KUJut+c6mF83YEGsVBL6+L
xLMJv5q7wQ0RnLT6+ID0cYt20iWFyiTb4qdsRFme+0p/yKCGpsfce6AZXMOgPIuo
/jTAhMd9jHZTQf8GQoSirBllsuX8miM8IGIV/I9HE6e/5Gib9zWfq1WdtId7l744
EsHKY91sRmBEqvsBgG3ajvXgF/BgSR0s4f8bNA+kv9kxZZr4QKiSumfsewuTOHSz
BkXf7u/9Q2rhrkZ77uQzaaQnZEIzs3tuFbNoIEVsmnKtKEDKzkI6Vs8UOsrUqgPv
DtG/LBMNdTqSHg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:55:28 2025 by rpki-client