Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: kyc2yvT0tx8+smrywB+ZQbDOehDXQ06JzRTj/JOSK8g=
Subject key identifier: FD:92:25:5E:CF:17:AB:F2:28:A7:ED:B8:F8:2C:48:93:5B:AE:44:CA
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019760CB5B26CB2ABD5038E61B1A8ABD725F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 158F
Signing time: Wed 11 Jun 2025 21:00:29 +0000
Manifest this update: Wed 11 Jun 2025 21:00:29 +0000
Manifest next update: Thu 12 Jun 2025 21:00:29 +0000
Files and hashes: 1: ExfUqNEW3Lyq9Nl7Jq22WcfJ1rw.roa (hash: 6SjZfPEMGV4QZNr6XzSlmm+VNkfjjPfYSSMSKKIpL5E=)
2: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: z3NZBHUgdRIwydJFdAyzJJm6DFiU7R0YVOlNuRIR7VE=)
3: vuckuXbmedLIJWITtJ1gJzQY8X0.roa (hash: BujWwxtiu31OcVkERDwp6qXjCF/qZpedTzNgbY+R4ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 21:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:cb:5b:26:cb:2a:bd:50:38:e6:1b:1a:8a:bd:72:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Jun 11 21:00:29 2025 GMT
Not After : Jun 12 21:00:29 2025 GMT
Subject: CN=fd92255ecf17abf228a7edb8f82c48935bae44ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:c8:95:2e:26:ee:d7:98:13:13:95:2d:02:
2b:e6:e5:e5:3a:0b:50:64:d5:34:58:78:70:00:a3:
85:88:38:1f:a4:35:00:96:2d:46:23:10:37:5f:c5:
8b:af:c0:39:f5:09:d8:4d:d1:9c:2a:b1:0a:fe:3c:
39:3b:a0:2b:e2:a1:5c:c4:3e:58:ea:a3:8f:6e:82:
ff:3a:f5:32:79:98:ee:72:19:6a:a9:d7:13:0e:02:
8f:33:6d:9e:21:8a:1d:73:da:e5:ba:e5:88:b1:06:
b8:0d:1f:f6:f8:0a:8a:8b:d3:ad:03:d3:de:a8:ae:
4a:c0:ee:b6:b1:ba:60:97:7d:60:ec:12:ba:02:b8:
78:3c:71:83:48:a9:76:ab:2e:66:19:44:91:a0:ff:
32:be:99:8c:de:81:6e:f0:77:83:00:b7:b1:a2:a0:
5d:1c:e5:5b:69:96:b3:f5:b8:bb:0e:06:95:7e:31:
3f:72:cd:16:2c:3f:e1:81:e8:6b:e0:b8:b9:ba:45:
f1:73:24:59:08:da:7a:94:f3:6f:55:9b:36:5a:93:
f0:11:29:ae:19:3b:47:14:20:fa:a8:12:34:bf:43:
d4:a7:51:bd:6e:36:62:6a:88:fd:37:42:91:0b:49:
31:1a:6e:02:99:11:a4:42:96:fa:49:b1:3b:a2:20:
b1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:92:25:5E:CF:17:AB:F2:28:A7:ED:B8:F8:2C:48:93:5B:AE:44:CA
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:49:c3:eb:9e:9c:f0:a1:6b:c9:3d:ed:e7:39:b9:62:04:ab:
58:11:37:fa:dd:ac:01:d9:9c:b0:7d:84:ee:b5:ec:57:cc:73:
07:c4:e0:31:a7:4c:37:b0:ee:8e:97:57:ba:90:4e:37:df:4c:
b3:c2:00:3b:22:a7:eb:7b:a3:21:b3:72:56:9d:81:30:40:13:
1d:a5:3e:a8:1c:c3:9c:07:3f:a1:6a:e8:95:a0:a7:85:bd:33:
01:00:4a:03:25:09:56:f7:28:a7:d5:64:19:b8:2d:5f:15:7b:
76:2d:4c:44:4d:68:c7:b0:53:d2:ff:63:be:99:d2:d1:54:25:
00:f0:ce:83:23:22:33:8b:76:b9:8d:fd:d9:b1:48:04:5e:ac:
09:18:2e:5f:70:d5:a3:27:bb:f9:42:db:1e:38:d0:b1:6b:1d:
5c:f2:15:fb:79:35:7d:7e:d0:85:ab:8c:08:0d:62:78:3e:2a:
57:36:b5:ff:3b:fa:1d:d9:b4:67:aa:81:c8:94:18:31:cf:dd:
80:45:35:e6:e3:fb:14:0f:73:ec:73:90:d4:81:81:64:8c:15:
fa:c4:05:68:ea:6f:22:e5:26:89:db:20:66:b8:aa:ab:68:2a:
96:cf:64:cc:b2:ea:65:62:44:79:f4:c7:6a:80:ea:5e:52:9f:
87:ba:b3:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy1smyyq9UDjmGxqKvXJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjUwNjExMjEwMDI5WhcNMjUwNjEyMjEwMDI5WjAzMTEwLwYDVQQD
EyhmZDkyMjU1ZWNmMTdhYmYyMjhhN2VkYjhmODJjNDg5MzViYWU0NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaLIlS4m7teYExOVLQIr5uXlOgtQ
ZNU0WHhwAKOFiDgfpDUAli1GIxA3X8WLr8A59QnYTdGcKrEK/jw5O6Ar4qFcxD5Y
6qOPboL/OvUyeZjuchlqqdcTDgKPM22eIYodc9rluuWIsQa4DR/2+AqKi9OtA9Pe
qK5KwO62sbpgl31g7BK6Arh4PHGDSKl2qy5mGUSRoP8yvpmM3oFu8HeDALexoqBd
HOVbaZaz9bi7DgaVfjE/cs0WLD/hgehr4Li5ukXxcyRZCNp6lPNvVZs2WpPwESmu
GTtHFCD6qBI0v0PUp1G9bjZiaoj9N0KRC0kxGm4CmRGkQpb6SbE7oiCxMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2SJV7PF6vyKKftuPgsSJNbrkTKMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiknD656c
8KFryT3t5zm5YgSrWBE3+t2sAdmcsH2E7rXsV8xzB8TgMadMN7DujpdXupBON99M
s8IAOyKn63ujIbNyVp2BMEATHaU+qBzDnAc/oWrolaCnhb0zAQBKAyUJVvcop9Vk
GbgtXxV7di1MRE1ox7BT0v9jvpnS0VQlAPDOgyMiM4t2uY392bFIBF6sCRguX3DV
oye7+ULbHjjQsWsdXPIV+3k1fX7QhauMCA1ieD4qVza1/zv6Hdm0Z6qByJQYMc/d
gEU15uP7FA9z7HOQ1IGBZIwV+sQFaOpvIuUmidsgZriqq2gqls9kzLLqZWJEefTH
aoDqXlKfh7qzlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 05:25:22 2025 by rpki-client