Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File: MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier: 92/MpOvRYv83UytjQi7lgrcS7Pg3Ho6En2YeJlk6bO4=
Subject key identifier: B7:DE:5E:7E:CC:90:04:88:8F:65:55:88:16:FB:AB:7B:95:2B:DF:9C
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer: /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial: 019747B0BD8EDD6115ACB199FF365499F0C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number: AF
Signing time: Sat 07 Jun 2025 00:00:54 +0000
Manifest this update: Sat 07 Jun 2025 00:00:54 +0000
Manifest next update: Sun 08 Jun 2025 00:00:54 +0000
Files and hashes: 1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: SqyOrk/YetwYhqJO8BNw0pjxThhuKs6wNxPGF35TYN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:b0:bd:8e:dd:61:15:ac:b1:99:ff:36:54:99:f0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Validity
Not Before: Jun 7 00:00:54 2025 GMT
Not After : Jun 8 00:00:54 2025 GMT
Subject: CN=b7de5e7ecc9004888f65558816fbab7b952bdf9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6f:d5:07:06:23:1d:c2:1c:63:76:5d:b5:02:
78:5f:97:e5:ed:3e:75:ce:45:71:e4:2d:8d:cd:b2:
b0:17:49:e5:15:f0:c4:be:43:94:01:0d:98:76:3f:
bd:d6:19:df:fb:61:cb:65:90:92:cb:18:ff:c8:e7:
66:0d:ce:63:e1:f3:39:63:06:84:98:42:6e:b3:0e:
a5:27:60:6f:83:16:67:99:73:5a:ae:c6:6c:7e:04:
39:7f:c4:bc:f7:bb:ed:75:96:d3:11:8c:30:c2:d0:
b7:e3:22:2e:a0:41:59:c6:03:70:08:11:79:00:aa:
07:80:f0:95:4b:74:7f:05:64:1e:50:90:3c:e3:ed:
61:3a:a4:bf:cb:1f:db:cf:b0:e9:21:4a:da:aa:ec:
5e:6b:9f:b5:93:d2:0f:e1:2e:5c:8f:75:b2:3a:88:
6d:74:6d:61:16:27:8a:64:6b:63:18:3e:26:35:38:
6a:5f:1d:01:54:ba:f7:c1:2d:70:95:f5:16:f4:c1:
b3:6d:e5:8e:f6:65:2d:c6:2e:0f:63:56:b9:66:30:
90:6f:ac:40:3e:d5:32:8c:32:78:da:de:66:3f:95:
1e:f5:b6:b0:f6:e2:ce:30:a2:99:9e:74:87:10:b0:
eb:97:e4:d5:0c:c4:88:2a:a4:7d:14:77:fc:17:9d:
55:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DE:5E:7E:CC:90:04:88:8F:65:55:88:16:FB:AB:7B:95:2B:DF:9C
X509v3 Authority Key Identifier:
keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:c5:9a:c1:ab:62:76:7e:e1:a1:7a:55:5b:72:ef:81:75:ff:
cc:d7:4f:76:eb:c8:45:2a:b6:a7:8d:4d:ac:73:91:c9:b2:c3:
56:a7:90:d8:63:60:f8:03:9a:2c:23:44:4f:61:c7:fd:7e:1e:
af:75:0a:47:5d:4f:57:81:f6:a1:a7:a4:f0:f1:8d:c7:28:db:
7a:e2:2d:e4:3d:88:2f:26:e7:a3:a2:8b:41:ca:e6:09:4a:43:
74:36:4f:74:2f:66:11:6e:ea:7c:6c:4d:30:92:d6:23:60:f7:
1a:2b:54:54:ef:d8:b7:67:3f:0e:03:2c:62:4f:26:ab:cf:86:
14:b0:3f:88:50:38:7f:32:9d:97:7d:1e:cb:ef:86:4b:85:d8:
8f:f8:97:35:7b:be:82:f6:6a:74:7f:02:19:04:04:25:1f:be:
c4:fd:48:64:95:1e:86:39:a2:a8:aa:5e:c4:20:84:ee:91:1f:
f1:84:b3:26:b3:d3:d7:43:e8:6d:3f:66:91:ef:1f:98:87:a4:
77:5f:86:7d:9c:f2:df:52:1f:9c:1c:69:d8:56:41:af:47:bc:
f4:ca:ed:85:18:e3:27:1c:ff:a0:6d:0c:d9:e9:dd:90:4c:d4:
f0:12:4b:bd:5a:ac:8f:5b:c8:e1:45:c5:ac:36:54:47:a7:72:
5f:85:3e:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsL2O3WEVrLGZ/zZUmfDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUwNjA3MDAwMDU0WhcNMjUwNjA4MDAwMDU0WjAzMTEwLwYDVQQD
EyhiN2RlNWU3ZWNjOTAwNDg4OGY2NTU1ODgxNmZiYWI3Yjk1MmJkZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG/VBwYjHcIcY3ZdtQJ4X5fl7T51
zkVx5C2NzbKwF0nlFfDEvkOUAQ2Ydj+91hnf+2HLZZCSyxj/yOdmDc5j4fM5YwaE
mEJusw6lJ2BvgxZnmXNarsZsfgQ5f8S897vtdZbTEYwwwtC34yIuoEFZxgNwCBF5
AKoHgPCVS3R/BWQeUJA84+1hOqS/yx/bz7DpIUraquxea5+1k9IP4S5cj3WyOoht
dG1hFieKZGtjGD4mNThqXx0BVLr3wS1wlfUW9MGzbeWO9mUtxi4PY1a5ZjCQb6xA
PtUyjDJ42t5mP5Ue9baw9uLOMKKZnnSHELDrl+TVDMSIKqR9FHf8F51VuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfeXn7MkASIj2VViBb7q3uVK9+cMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApMWawati
dn7hoXpVW3LvgXX/zNdPduvIRSq2p41NrHORybLDVqeQ2GNg+AOaLCNET2HH/X4e
r3UKR11PV4H2oaek8PGNxyjbeuIt5D2ILybno6KLQcrmCUpDdDZPdC9mEW7qfGxN
MJLWI2D3GitUVO/Yt2c/DgMsYk8mq8+GFLA/iFA4fzKdl30ey++GS4XYj/iXNXu+
gvZqdH8CGQQEJR++xP1IZJUehjmiqKpexCCE7pEf8YSzJrPT10PobT9mke8fmIek
d1+GfZzy31IfnBxp2FZBr0e89MrthRjjJxz/oG0M2endkEzU8BJLvVqsj1vI4UXF
rDZUR6dyX4U+Bg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:11:21 2025 by rpki-client