Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
File: lRZkUh1QOVkhL1WypZrsbSB7Cig.mft (raw, json)
Hash identifier: YHIEaIuZQCY9wpGBASpkNtMfT5SYzGfrT2g5COkLzQA=
Subject key identifier: F7:12:95:5B:E1:D9:55:0D:DC:FE:57:C9:DA:5A:7F:FE:1A:3D:6F:37
Authority key identifier: 95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
Certificate issuer: /CN=951664521d503959212f55b2a59aec6d207b0a28
Certificate serial: 019748F9FB901574839763DC03EF3BB67F61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
Manifest number: 157A
Signing time: Sat 07 Jun 2025 06:00:31 +0000
Manifest this update: Sat 07 Jun 2025 06:00:31 +0000
Manifest next update: Sun 08 Jun 2025 06:00:31 +0000
Files and hashes: 1: IPg6gK3cvCBZgriElu-X9QULHhI.roa (hash: KfBBSFaoabvdCiHx1hEd3tUcsuSp0LUQmRosJtF9Y6s=)
2: lRZkUh1QOVkhL1WypZrsbSB7Cig.crl (hash: gQyqeNIJDhDTaDYqRfMCSTt2fOr62FwwsGtpon3oLbI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:f9:fb:90:15:74:83:97:63:dc:03:ef:3b:b6:7f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951664521d503959212f55b2a59aec6d207b0a28
Validity
Not Before: Jun 7 06:00:31 2025 GMT
Not After : Jun 8 06:00:31 2025 GMT
Subject: CN=f712955be1d9550ddcfe57c9da5a7ffe1a3d6f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:34:48:f3:fe:ca:48:ca:69:9b:41:b6:01:af:
86:8a:2b:b0:24:2a:da:a6:ac:ae:a0:d2:eb:08:be:
6a:fd:a2:09:c5:60:cd:8b:62:f6:4d:68:79:7d:b3:
48:9f:ce:74:8a:89:ec:12:e5:78:d5:b8:3f:91:eb:
1f:e8:32:58:16:fd:3c:44:c2:29:f3:33:8e:91:ae:
83:84:b5:e5:8b:ee:a1:f6:43:8d:78:0b:27:c8:19:
a4:8d:68:0a:8f:4f:d9:a7:1b:e3:24:cd:94:ee:9f:
83:86:9c:75:5e:9a:4f:02:6b:21:38:c0:df:26:bc:
74:23:0c:0a:a0:90:07:75:53:61:ad:b7:7c:e7:0f:
86:b2:a5:83:87:12:65:e0:11:1b:26:eb:35:44:12:
26:2c:e3:a2:4f:79:57:31:cb:e0:01:e4:d2:61:3e:
3c:2b:55:3c:05:bd:1b:81:45:eb:79:a3:24:5e:80:
e7:6b:ca:0e:9b:79:f5:be:ef:14:45:bf:b1:fe:a1:
1d:1e:87:b6:41:08:68:e2:79:d2:89:a1:93:a5:c1:
88:02:49:4d:1e:de:61:a7:e1:18:36:46:d5:c6:49:
0b:9b:df:19:e0:3d:05:62:cf:79:79:3d:13:d9:8c:
0b:ba:3d:dd:6a:e3:34:7e:8b:39:46:43:5e:e3:8a:
09:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:12:95:5B:E1:D9:55:0D:DC:FE:57:C9:DA:5A:7F:FE:1A:3D:6F:37
X509v3 Authority Key Identifier:
keyid:95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:57:db:2b:d0:ce:35:f3:1f:a7:9b:95:4c:87:08:d5:5f:4b:
36:28:ae:7e:30:04:2f:5e:6c:ec:d8:c0:db:1f:51:91:a4:ee:
5b:f0:5e:9e:00:69:1f:f4:9d:5f:c0:18:cf:bb:80:78:5c:19:
3b:ce:e0:e6:25:0a:73:63:91:20:ed:28:e7:ff:03:c9:62:88:
0c:18:26:1d:88:d9:78:75:ba:a4:38:54:d7:8d:1a:40:df:81:
89:f5:4d:ae:7c:3e:5f:74:a1:01:7d:26:74:5b:76:a4:8c:9e:
08:68:86:3a:4d:7e:40:a4:6f:14:90:55:16:79:3a:04:f1:0c:
ec:f6:88:50:46:6c:9e:c1:5b:84:17:44:49:de:07:f9:cc:6f:
10:e6:b5:3d:be:38:07:df:99:7e:d7:7e:fc:16:c6:f9:a7:05:
65:2d:a3:ef:48:c0:7c:03:f3:c0:70:0c:46:cd:e8:10:74:5d:
41:a0:9a:d4:41:fa:7c:5b:fa:c6:37:bc:b4:14:e9:d8:7e:44:
f2:60:d2:f0:83:01:af:a9:5a:c0:13:ef:d8:65:72:47:8a:f0:
16:13:de:fa:6c:d0:0e:0f:54:ec:2f:10:ac:ad:93:f3:18:a9:
49:e4:30:17:4a:c8:a0:55:e3:cf:31:8f:87:47:b4:f4:09:e4:
2d:72:bb:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+fuQFXSDl2PcA+87tn9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTY2NDUyMWQ1MDM5NTkyMTJmNTViMmE1OWFlYzZkMjA3
YjBhMjgwHhcNMjUwNjA3MDYwMDMxWhcNMjUwNjA4MDYwMDMxWjAzMTEwLwYDVQQD
EyhmNzEyOTU1YmUxZDk1NTBkZGNmZTU3YzlkYTVhN2ZmZTFhM2Q2ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszRI8/7KSMppm0G2Aa+GiiuwJCra
pqyuoNLrCL5q/aIJxWDNi2L2TWh5fbNIn850ionsEuV41bg/kesf6DJYFv08RMIp
8zOOka6DhLXli+6h9kONeAsnyBmkjWgKj0/ZpxvjJM2U7p+Dhpx1XppPAmshOMDf
Jrx0IwwKoJAHdVNhrbd85w+GsqWDhxJl4BEbJus1RBImLOOiT3lXMcvgAeTSYT48
K1U8Bb0bgUXreaMkXoDna8oOm3n1vu8URb+x/qEdHoe2QQho4nnSiaGTpcGIAklN
Ht5hp+EYNkbVxkkLm98Z4D0FYs95eT0T2YwLuj3dauM0fos5RkNe44oJ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcSlVvh2VUN3P5Xydpaf/4aPW83MB8GA1UdIwQY
MBaAFJUWZFIdUDlZIS9VsqWa7G0gewooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUt
ZWY3NDUzYWQwOTlmLzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUtZWY3NDUzYWQwOTlm
LzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApVfbK9DO
NfMfp5uVTIcI1V9LNiiufjAEL15s7NjA2x9RkaTuW/BengBpH/SdX8AYz7uAeFwZ
O87g5iUKc2ORIO0o5/8DyWKIDBgmHYjZeHW6pDhU140aQN+BifVNrnw+X3ShAX0m
dFt2pIyeCGiGOk1+QKRvFJBVFnk6BPEM7PaIUEZsnsFbhBdESd4H+cxvEOa1Pb44
B9+Zftd+/BbG+acFZS2j70jAfAPzwHAMRs3oEHRdQaCa1EH6fFv6xje8tBTp2H5E
8mDS8IMBr6lawBPv2GVyR4rwFhPe+mzQDg9U7C8QrK2T8xipSeQwF0rIoFXjzzGP
h0e09AnkLXK73g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 08:00:24 2025 by rpki-client