Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: SdNDOwl2xhb8+DPtJ96TqDqgm9I5cV8Hg/3HoZCskrI=
Subject key identifier: AA:43:58:66:F4:92:F1:D9:33:58:25:AB:20:15:5B:39:15:0A:D5:62
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019762B9F6F3E26609C5D91C9677A09DB34C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 1590
Signing time: Thu 12 Jun 2025 06:00:43 +0000
Manifest this update: Thu 12 Jun 2025 06:00:43 +0000
Manifest next update: Fri 13 Jun 2025 06:00:43 +0000
Files and hashes: 1: ExfUqNEW3Lyq9Nl7Jq22WcfJ1rw.roa (hash: 6SjZfPEMGV4QZNr6XzSlmm+VNkfjjPfYSSMSKKIpL5E=)
2: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: Nm/XtzkA3dsda2IJOUdYkXk1iczAZwe1NbAJv4vV6Cg=)
3: vuckuXbmedLIJWITtJ1gJzQY8X0.roa (hash: BujWwxtiu31OcVkERDwp6qXjCF/qZpedTzNgbY+R4ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:62:b9:f6:f3:e2:66:09:c5:d9:1c:96:77:a0:9d:b3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Jun 12 06:00:43 2025 GMT
Not After : Jun 13 06:00:43 2025 GMT
Subject: CN=aa435866f492f1d9335825ab20155b39150ad562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:f0:a7:bb:7f:a2:27:b1:4b:1e:b3:f5:32:
a8:89:14:6a:10:58:69:bc:14:28:ac:13:9e:ca:ef:
63:8c:e6:1e:dd:c1:21:11:08:ee:e3:44:c6:85:cc:
7a:e9:7c:1e:a3:61:8f:7d:c7:fb:d9:d3:09:0e:bb:
66:e1:b7:6f:27:a0:79:ed:51:8b:88:6a:51:fc:5c:
75:ae:08:f1:2a:9d:dc:8b:6b:bc:64:ec:63:cc:93:
f0:7e:a0:8d:95:67:2f:3d:b8:47:dd:6d:b0:2e:08:
df:e2:78:68:03:b7:99:6b:f2:b9:3d:6b:60:87:12:
b4:cc:95:bc:f4:bd:7d:52:63:b9:84:c7:ab:e2:44:
c6:34:4b:4b:06:08:2e:6a:2d:55:0b:bc:c5:b9:ba:
d1:80:50:10:8b:9b:b3:41:e3:ac:6a:bc:85:55:f7:
62:68:0e:1e:7d:32:d4:18:f3:af:95:d5:60:d8:eb:
0d:f7:f0:64:90:a4:4f:dd:33:81:41:b8:51:e9:d7:
b0:e0:ed:da:2b:2f:ca:48:b1:77:3d:26:85:04:14:
99:60:32:49:6a:f6:f0:b3:8b:26:b0:aa:4f:05:cb:
46:c6:92:89:45:6a:60:28:9d:1e:3f:17:fd:a1:b7:
75:2b:61:e1:24:c0:97:40:e2:df:33:32:a7:49:97:
20:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:43:58:66:F4:92:F1:D9:33:58:25:AB:20:15:5B:39:15:0A:D5:62
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:ce:0f:d9:66:d3:07:bb:2f:08:9d:ad:96:81:7f:da:22:ee:
88:81:77:0c:b2:ee:37:85:de:c8:3c:93:2c:db:5d:17:f3:30:
e9:f0:61:cf:08:e0:4d:59:46:8d:24:53:9d:03:19:38:df:64:
6a:f0:4b:32:dd:c9:35:24:50:3a:97:f3:a3:11:0f:46:fe:52:
5a:38:9c:27:3b:d5:fa:fc:43:5f:69:da:7e:d0:0a:fe:3c:aa:
13:b3:8c:21:d6:4d:dc:cc:8f:87:43:65:5a:06:6b:8a:81:2a:
d1:dc:c3:f3:78:fb:58:00:e1:c4:85:52:04:f6:24:28:1c:d7:
5a:eb:ef:96:94:84:96:ac:30:65:ea:95:df:20:41:27:c7:55:
b1:1b:ec:08:1c:3d:b9:a4:5d:94:ad:4a:f0:b0:dc:50:fa:b3:
21:25:c4:d6:d4:15:10:21:40:6f:4b:bc:a7:cf:ad:3b:ed:ca:
8f:b0:34:df:41:70:90:59:c5:cf:98:e3:82:fb:d2:e3:23:fc:
1f:e4:92:f1:fa:c6:43:1f:cc:4c:f5:d1:5d:55:c4:4a:3e:30:
a4:d5:8f:d5:b1:8d:7f:2c:22:a7:b1:89:5c:37:89:e2:48:3a:
00:91:c7:9a:1c:45:d9:5c:7f:ca:c9:27:28:46:49:14:66:42:
c6:a5:88:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiufbz4mYJxdkclnegnbNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjUwNjEyMDYwMDQzWhcNMjUwNjEzMDYwMDQzWjAzMTEwLwYDVQQD
EyhhYTQzNTg2NmY0OTJmMWQ5MzM1ODI1YWIyMDE1NWIzOTE1MGFkNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/wp7t/oiexSx6z9TKoiRRqEFhp
vBQorBOeyu9jjOYe3cEhEQju40TGhcx66Xweo2GPfcf72dMJDrtm4bdvJ6B57VGL
iGpR/Fx1rgjxKp3ci2u8ZOxjzJPwfqCNlWcvPbhH3W2wLgjf4nhoA7eZa/K5PWtg
hxK0zJW89L19UmO5hMer4kTGNEtLBgguai1VC7zFubrRgFAQi5uzQeOsaryFVfdi
aA4efTLUGPOvldVg2OsN9/BkkKRP3TOBQbhR6dew4O3aKy/KSLF3PSaFBBSZYDJJ
avbws4smsKpPBctGxpKJRWpgKJ0ePxf9obd1K2HhJMCXQOLfMzKnSZcg8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpDWGb0kvHZM1glqyAVWzkVCtViMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHc4P2WbT
B7svCJ2tloF/2iLuiIF3DLLuN4XeyDyTLNtdF/Mw6fBhzwjgTVlGjSRTnQMZON9k
avBLMt3JNSRQOpfzoxEPRv5SWjicJzvV+vxDX2naftAK/jyqE7OMIdZN3MyPh0Nl
WgZrioEq0dzD83j7WADhxIVSBPYkKBzXWuvvlpSElqwwZeqV3yBBJ8dVsRvsCBw9
uaRdlK1K8LDcUPqzISXE1tQVECFAb0u8p8+tO+3Kj7A030FwkFnFz5jjgvvS4yP8
H+SS8frGQx/MTPXRXVXESj4wpNWP1bGNfywip7GJXDeJ4kg6AJHHmhxF2Vx/yskn
KEZJFGZCxqWINA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:23:39 2025 by rpki-client