Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: Ef29Y0c47Vjlx7Df88JGUhv1/USIG6sqkDrHW/JtTT0=
Subject key identifier: 85:6B:40:DD:82:21:D5:A5:EE:48:57:C3:52:C5:8B:56:EE:2A:64:9C
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 0197470BAE5374423E575F57115914B98AAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 157A
Signing time: Fri 06 Jun 2025 21:00:37 +0000
Manifest this update: Fri 06 Jun 2025 21:00:37 +0000
Manifest next update: Sat 07 Jun 2025 21:00:37 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: zTm4VV7nC9lwYn+Q2MlTwZS+HcJqbRXStgWR87DGymI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:0b:ae:53:74:42:3e:57:5f:57:11:59:14:b9:8a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Jun 6 21:00:37 2025 GMT
Not After : Jun 7 21:00:37 2025 GMT
Subject: CN=856b40dd8221d5a5ee4857c352c58b56ee2a649c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:21:25:4e:94:ba:37:24:6d:d8:32:b3:fa:8c:
93:d0:3d:95:2d:21:06:dc:3b:5f:78:2e:e7:08:19:
76:9e:ad:0f:49:35:02:01:08:3d:9f:87:da:f1:d4:
84:24:d0:40:55:47:dc:f3:cb:03:09:ba:9b:3b:fe:
da:0e:3c:b1:0a:df:46:5b:ae:38:b3:8f:ea:31:e5:
44:7b:dd:f7:fc:a2:d9:9b:de:57:e4:91:a4:01:62:
7d:33:75:6e:57:ce:75:8e:e8:0b:c9:87:b7:b1:41:
6f:e1:39:ad:c4:89:bd:fe:87:11:f1:f2:cb:70:f6:
8e:f4:ac:77:b7:42:9a:f3:32:01:7c:e5:8d:dd:5c:
4b:2f:14:38:a0:a3:f0:3b:2e:f9:9b:54:dd:a8:7e:
07:7d:dd:89:86:dc:b6:36:ff:8e:df:3a:07:98:05:
20:13:68:ff:1d:fb:28:d4:3f:19:ca:18:7a:32:2c:
c9:97:f6:9d:d1:fe:54:a7:89:4f:bb:f1:bf:6e:c7:
06:a2:e3:88:ee:0b:00:55:11:15:56:f7:d5:f8:2f:
fe:7f:3b:cb:24:b5:ab:e6:f4:97:98:1c:bc:10:8b:
c2:a5:2d:e6:99:47:b1:22:bf:5a:55:19:6b:b6:7d:
a9:35:ab:cd:d0:a4:2c:f4:45:a7:87:7c:f6:ea:6b:
b2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6B:40:DD:82:21:D5:A5:EE:48:57:C3:52:C5:8B:56:EE:2A:64:9C
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:a0:73:de:0b:fa:b2:e9:68:f3:ed:31:42:82:98:fc:20:0b:
bf:bf:ff:b3:f4:66:1c:b1:a8:f9:66:55:aa:28:78:39:83:08:
54:ee:90:5a:1f:10:35:46:04:b5:ea:be:e0:9d:da:8c:71:66:
a4:3f:5d:b3:91:6c:f9:cd:32:77:7b:8c:07:9d:48:89:6e:c9:
4d:e1:22:8d:8f:e5:50:c5:ed:75:a0:70:a6:72:5f:53:f9:86:
b2:5b:aa:c3:9f:c9:90:68:24:a1:d6:35:54:9d:a1:3e:eb:ab:
ea:6a:bc:fb:30:1a:6a:a4:aa:89:28:3e:b7:87:a9:42:a7:2d:
aa:72:7d:cd:8d:e9:a4:72:af:cb:be:de:ee:5c:6d:77:d7:d8:
10:2b:3a:18:bf:c5:0e:e7:c9:7d:4d:3e:7d:64:a6:d8:52:03:
d2:ba:95:43:85:9b:82:0c:e9:67:ce:91:60:1b:57:2f:87:cb:
a0:4b:f0:d2:e2:78:db:36:d0:a6:0d:07:0b:5e:f3:07:0c:a4:
77:62:7c:dd:e3:8b:51:d8:a9:c0:b6:36:1e:a8:21:76:6b:9a:
55:26:e4:07:b8:31:3f:4d:cf:02:65:e4:bf:11:e8:b1:bd:ef:
81:3f:39:50:36:6a:be:1c:5f:f5:1b:70:fd:7e:82:03:11:eb:
16:02:99:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC65TdEI+V19XEVkUuYqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwNjA2MjEwMDM3WhcNMjUwNjA3MjEwMDM3WjAzMTEwLwYDVQQD
Eyg4NTZiNDBkZDgyMjFkNWE1ZWU0ODU3YzM1MmM1OGI1NmVlMmE2NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyElTpS6NyRt2DKz+oyT0D2VLSEG
3DtfeC7nCBl2nq0PSTUCAQg9n4fa8dSEJNBAVUfc88sDCbqbO/7aDjyxCt9GW644
s4/qMeVEe933/KLZm95X5JGkAWJ9M3VuV851jugLyYe3sUFv4TmtxIm9/ocR8fLL
cPaO9Kx3t0Ka8zIBfOWN3VxLLxQ4oKPwOy75m1TdqH4Hfd2Jhty2Nv+O3zoHmAUg
E2j/Hfso1D8Zyhh6MizJl/ad0f5Up4lPu/G/bscGouOI7gsAVREVVvfV+C/+fzvL
JLWr5vSXmBy8EIvCpS3mmUexIr9aVRlrtn2pNavN0KQs9EWnh3z26muygQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVrQN2CIdWl7khXw1LFi1buKmScMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6Bz3gv6
sulo8+0xQoKY/CALv7//s/RmHLGo+WZVqih4OYMIVO6QWh8QNUYEteq+4J3ajHFm
pD9ds5Fs+c0yd3uMB51IiW7JTeEijY/lUMXtdaBwpnJfU/mGsluqw5/JkGgkodY1
VJ2hPuur6mq8+zAaaqSqiSg+t4epQqctqnJ9zY3ppHKvy77e7lxtd9fYECs6GL/F
DufJfU0+fWSm2FID0rqVQ4WbggzpZ86RYBtXL4fLoEvw0uJ42zbQpg0HC17zBwyk
d2J83eOLUdipwLY2HqghdmuaVSbkB7gxP03PAmXkvxHosb3vgT85UDZqvhxf9Rtw
/X6CAxHrFgKZjA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:11:46 2025 by rpki-client