Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
File: 6OcnETayGhWK70CdMOLGAB1bDak.mft (raw, json)
Hash identifier: gM1bzm1+3GXNB5BT+Rd3tolAZdDXXpPqVQAb/bN0SVs=
Subject key identifier: 88:9B:CC:9A:E9:78:6A:58:12:79:91:DC:82:03:F3:77:B8:1A:1B:39
Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Certificate serial: 0197499F17C5423BA3B3A3E6EFEBB4FDA2FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
Manifest number: 0ED3
Signing time: Sat 07 Jun 2025 09:00:52 +0000
Manifest this update: Sat 07 Jun 2025 09:00:52 +0000
Manifest next update: Sun 08 Jun 2025 09:00:52 +0000
Files and hashes: 1: 6OcnETayGhWK70CdMOLGAB1bDak.crl (hash: fjx+RbwNRkFmhtqIYR4WOPAmcc93iFYnNaR49Qq/qbs=)
2: dxgxd6-xP9JkwgZUnUwpf-WY-Kw.roa (hash: hqOsy5iRYOF259KVMk0QtmelCMMCDmkaOIHQ2ucYLWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:9f:17:c5:42:3b:a3:b3:a3:e6:ef:eb:b4:fd:a2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Validity
Not Before: Jun 7 09:00:52 2025 GMT
Not After : Jun 8 09:00:52 2025 GMT
Subject: CN=889bcc9ae9786a58127991dc8203f377b81a1b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:83:8f:af:a9:5c:6c:be:12:15:78:fd:e1:
cd:d5:e3:67:98:eb:63:75:5b:ce:de:77:d6:c5:4a:
29:5d:38:03:e2:21:66:5b:67:58:9b:58:32:7b:2d:
00:b2:fe:0e:9d:0b:53:2b:1c:ce:0b:ff:ea:6a:c4:
9f:87:33:42:1d:39:7c:6c:29:06:ce:37:03:5d:79:
3f:c4:8a:6d:3f:b1:7f:53:05:9f:1d:e2:44:4a:3d:
c0:1a:8b:4f:44:1b:58:a9:c4:79:30:9b:87:cb:ab:
aa:4e:f1:05:b1:39:9e:94:b6:3e:b4:6d:72:e7:e3:
0c:51:ae:0a:6f:0c:59:1a:9a:b7:90:8d:60:5c:86:
04:86:f1:ce:60:86:e6:77:9a:b4:0e:f8:39:ba:3e:
47:f2:fe:df:b1:b6:53:05:87:a5:71:df:e6:01:fe:
43:3b:eb:1c:33:82:77:d5:48:12:1f:e2:a1:63:37:
7a:85:09:0b:72:d7:9e:f1:09:75:70:76:b4:82:c6:
0b:c5:56:16:33:71:d0:f1:fb:6a:da:3e:91:0e:f9:
16:17:5a:1a:96:8d:0a:41:d7:a3:f8:8c:3b:e5:e9:
ae:90:63:77:35:20:0a:88:77:7a:37:4e:4d:bb:81:
83:11:96:96:0d:cf:20:d9:1f:f1:a7:b6:e0:e7:d1:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9B:CC:9A:E9:78:6A:58:12:79:91:DC:82:03:F3:77:B8:1A:1B:39
X509v3 Authority Key Identifier:
keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:3b:b3:4a:5d:63:f1:6a:f1:5d:9d:93:92:12:92:69:92:07:
3c:fc:e8:f7:f7:b6:eb:7e:d0:d2:86:11:4d:d2:ff:70:a2:9b:
b2:58:2d:c8:ba:0e:58:91:63:81:a6:36:e4:e0:bb:3f:08:ac:
28:b5:e5:80:87:2c:09:7b:1a:3e:d6:80:24:4b:5e:90:d0:e0:
9a:bb:58:3c:e6:64:6d:4c:37:56:f7:44:9b:ec:aa:6d:fa:99:
42:0c:49:e4:d0:16:67:0d:b2:1f:e1:55:0e:0d:04:27:70:1e:
09:10:56:3c:2c:81:0e:83:74:9d:7c:00:ae:c3:2f:11:5b:f2:
09:17:e8:9a:99:35:11:e6:42:94:47:95:e6:b8:94:ac:13:b1:
5c:ef:17:5a:86:73:95:a3:ef:e6:9c:58:39:bf:4a:6b:03:ae:
2d:50:4c:d9:eb:90:2f:73:92:d9:b9:72:00:ef:11:32:f5:3c:
09:d4:49:7e:54:d9:ca:d1:c5:90:f6:97:08:e5:5b:86:fe:56:
86:2b:f9:19:02:a4:75:55:59:b1:0a:53:20:39:c4:06:3a:33:
56:b0:07:fa:c8:e8:85:0e:58:7f:3d:34:bb:d9:75:e0:52:6f:
2b:49:7d:73:34:68:f5:17:ac:9a:a2:6d:75:dc:e3:a8:e8:42:
12:cf:3c:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnxfFQjujs6Pm7+u0/aL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1
YjBkYTkwHhcNMjUwNjA3MDkwMDUyWhcNMjUwNjA4MDkwMDUyWjAzMTEwLwYDVQQD
Eyg4ODliY2M5YWU5Nzg2YTU4MTI3OTkxZGM4MjAzZjM3N2I4MWExYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2WDj6+pXGy+EhV4/eHN1eNnmOtj
dVvO3nfWxUopXTgD4iFmW2dYm1gyey0Asv4OnQtTKxzOC//qasSfhzNCHTl8bCkG
zjcDXXk/xIptP7F/UwWfHeJESj3AGotPRBtYqcR5MJuHy6uqTvEFsTmelLY+tG1y
5+MMUa4KbwxZGpq3kI1gXIYEhvHOYIbmd5q0Dvg5uj5H8v7fsbZTBYelcd/mAf5D
O+scM4J31UgSH+KhYzd6hQkLctee8Ql1cHa0gsYLxVYWM3HQ8ftq2j6RDvkWF1oa
lo0KQdej+Iw75emukGN3NSAKiHd6N05Nu4GDEZaWDc8g2R/xp7bg59GyowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIibzJrpeGpYEnmR3IID83e4Ghs5MB8GA1UdIwQY
MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt
ODM1NmQyZDQyNzcxLzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx
LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjTuzSl1j
8WrxXZ2TkhKSaZIHPPzo9/e2637Q0oYRTdL/cKKbslgtyLoOWJFjgaY25OC7Pwis
KLXlgIcsCXsaPtaAJEtekNDgmrtYPOZkbUw3VvdEm+yqbfqZQgxJ5NAWZw2yH+FV
Dg0EJ3AeCRBWPCyBDoN0nXwArsMvEVvyCRfompk1EeZClEeV5riUrBOxXO8XWoZz
laPv5pxYOb9KawOuLVBM2euQL3OS2blyAO8RMvU8CdRJflTZytHFkPaXCOVbhv5W
hiv5GQKkdVVZsQpTIDnEBjozVrAH+sjohQ5Yfz00u9l14FJvK0l9czRo9ResmqJt
ddzjqOhCEs88aA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:18:43 2025 by rpki-client