Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: pAUsdIpxzw4PyuiPg9cO3A0C/4xclInQTT72T5RMN8M=
Subject key identifier: A7:21:F3:93:B2:99:4D:CA:45:A7:E6:4B:73:D7:D8:64:32:A3:25:B0
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019748FA2734F076BD179AC58904399524D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 040C
Signing time: Sat 07 Jun 2025 06:00:42 +0000
Manifest this update: Sat 07 Jun 2025 06:00:42 +0000
Manifest next update: Sun 08 Jun 2025 06:00:42 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: mstlEbIG/FFPsC8eF8Irdzuv1AyFc7Db4s6G66PxaG4=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:fa:27:34:f0:76:bd:17:9a:c5:89:04:39:95:24:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Jun 7 06:00:42 2025 GMT
Not After : Jun 8 06:00:42 2025 GMT
Subject: CN=a721f393b2994dca45a7e64b73d7d86432a325b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:42:6b:d6:61:f6:93:41:cf:79:a1:13:62:
8c:a4:2f:cc:6c:37:79:ce:40:7b:2b:2f:c0:82:3b:
09:8c:63:0e:9e:64:8e:5a:c1:d8:f0:cc:13:08:5a:
95:b5:52:d1:b7:9c:30:30:f9:03:e1:9d:c1:12:ff:
3d:02:98:4b:ce:54:9b:21:f1:d5:16:3d:6c:bd:84:
cc:f2:92:bd:b2:a6:40:53:94:ec:d1:a3:03:ce:5c:
ea:1e:e1:32:17:1e:0d:30:b0:f6:87:20:46:6a:a0:
ca:fe:45:6a:49:4e:ed:62:2d:ea:bf:eb:b5:14:0a:
ae:8c:13:5c:5f:18:89:87:ac:3a:84:8f:5d:97:20:
5a:fa:50:fa:7c:00:29:1e:a7:d3:4d:7a:d7:7a:f3:
8d:c8:35:da:38:a5:52:0a:bb:7f:4f:97:13:12:78:
15:22:6b:cb:63:6d:6c:a5:52:c8:3b:0f:7a:1e:07:
82:30:e0:20:fb:65:a6:50:37:d5:6b:1e:f6:2b:68:
15:25:13:8d:10:27:82:e1:88:6c:57:d2:c2:2c:b3:
bd:8e:5c:3d:d1:af:da:3e:de:e6:5d:7b:a3:44:b0:
28:39:ee:00:81:4e:54:93:d3:e3:3b:b3:42:22:92:
b3:8a:7f:f9:13:81:5f:92:c8:84:f9:4f:f0:87:8e:
a3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:21:F3:93:B2:99:4D:CA:45:A7:E6:4B:73:D7:D8:64:32:A3:25:B0
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:90:29:90:5a:9a:39:15:d7:e4:4e:c2:9f:dd:b2:2c:39:c6:
c7:23:44:7c:52:c1:42:1e:a2:d6:43:aa:a3:66:9a:f7:0d:0b:
2e:da:3c:a9:59:22:a0:c4:f9:5d:35:21:ab:ea:c7:17:61:0c:
53:22:44:67:77:8d:5b:66:6c:37:c8:b2:38:34:a1:17:84:9e:
62:2c:ce:92:22:7c:9d:63:d3:64:55:60:d8:f4:a5:66:41:25:
f3:28:7d:37:ae:5b:39:a9:c2:f9:e0:5e:4b:1a:fb:50:6e:22:
46:61:23:fb:7c:87:0e:c2:06:a4:71:9f:68:8a:15:b3:50:62:
9d:65:a2:f2:23:2b:c3:5c:eb:8d:81:fe:10:01:64:42:eb:34:
91:2b:66:4a:19:82:aa:62:d5:b6:00:0e:ff:eb:67:9d:50:75:
d7:90:3d:17:e0:43:42:4f:fd:d0:51:e7:9f:48:4b:cc:a5:03:
03:31:4a:c7:36:e8:49:9d:80:3b:28:83:51:d7:5d:27:48:39:
de:a6:e1:ee:cb:f6:c0:6a:2b:af:32:4e:03:ce:8d:57:15:27:
82:32:5c:48:8f:68:fe:50:c6:52:34:2f:46:95:31:85:e3:a1:
f5:cf:28:17:9b:1f:b4:a7:8d:4d:e0:c4:35:4e:b5:33:13:c3:
14:b7:e5:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+ic08Ha9F5rFiQQ5lSTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUwNjA3MDYwMDQyWhcNMjUwNjA4MDYwMDQyWjAzMTEwLwYDVQQD
EyhhNzIxZjM5M2IyOTk0ZGNhNDVhN2U2NGI3M2Q3ZDg2NDMyYTMyNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgJCa9Zh9pNBz3mhE2KMpC/MbDd5
zkB7Ky/AgjsJjGMOnmSOWsHY8MwTCFqVtVLRt5wwMPkD4Z3BEv89AphLzlSbIfHV
Fj1svYTM8pK9sqZAU5Ts0aMDzlzqHuEyFx4NMLD2hyBGaqDK/kVqSU7tYi3qv+u1
FAqujBNcXxiJh6w6hI9dlyBa+lD6fAApHqfTTXrXevONyDXaOKVSCrt/T5cTEngV
ImvLY21spVLIOw96HgeCMOAg+2WmUDfVax72K2gVJRONECeC4YhsV9LCLLO9jlw9
0a/aPt7mXXujRLAoOe4AgU5Uk9PjO7NCIpKzin/5E4FfksiE+U/wh46jDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKch85OymU3KRafmS3PX2GQyoyWwMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppApkFqa
ORXX5E7Cn92yLDnGxyNEfFLBQh6i1kOqo2aa9w0LLto8qVkioMT5XTUhq+rHF2EM
UyJEZ3eNW2ZsN8iyODShF4SeYizOkiJ8nWPTZFVg2PSlZkEl8yh9N65bOanC+eBe
Sxr7UG4iRmEj+3yHDsIGpHGfaIoVs1BinWWi8iMrw1zrjYH+EAFkQus0kStmShmC
qmLVtgAO/+tnnVB115A9F+BDQk/90FHnn0hLzKUDAzFKxzboSZ2AOyiDUdddJ0g5
3qbh7sv2wGorrzJOA86NVxUngjJcSI9o/lDGUjQvRpUxheOh9c8oF5sftKeNTeDE
NU61MxPDFLfl1Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:00:15 2025 by rpki-client