Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: TwAV2lBh3DV4xfxCh3QoegU5CCatled1k/MRrwKgkoA=
Subject key identifier: 02:60:FF:51:D9:BF:AC:A9:72:79:CB:8D:4D:CF:E9:A8:51:A7:E1:17
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 0197488D3BFF5BA910B87D41ECA2B25650DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 157F
Signing time: Sat 07 Jun 2025 04:01:44 +0000
Manifest this update: Sat 07 Jun 2025 04:01:44 +0000
Manifest next update: Sun 08 Jun 2025 04:01:44 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: cO7RUasIM4opYw7b7Lzk3RIievk6eyFsxMmm7BlAAAw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:8d:3b:ff:5b:a9:10:b8:7d:41:ec:a2:b2:56:50:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Jun 7 04:01:44 2025 GMT
Not After : Jun 8 04:01:44 2025 GMT
Subject: CN=0260ff51d9bfaca97279cb8d4dcfe9a851a7e117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:7a:3e:97:07:23:0c:64:66:85:e8:0e:77:
59:40:dc:96:31:17:e6:a7:25:44:f4:09:df:bc:ec:
9c:0f:00:c9:2d:d9:33:27:51:00:79:a3:12:b8:bd:
2c:df:66:e2:ef:fb:17:44:2f:6a:f0:8e:07:a7:c4:
32:21:c0:79:4f:35:2c:38:8d:68:19:d6:3f:dc:74:
03:06:8c:e0:ce:4f:b2:7c:10:89:4c:50:43:b5:71:
e0:32:7b:d7:41:52:08:5c:80:0f:f3:e2:f3:12:dd:
75:62:4b:c7:98:19:f4:f3:e5:f7:f1:b5:e1:8b:31:
eb:c6:36:6a:90:86:fc:86:73:10:99:22:e3:cd:4a:
28:82:80:93:f6:01:01:fc:94:02:c2:83:27:11:99:
b6:10:0c:62:65:35:51:dd:9d:58:78:3b:13:80:2c:
bf:e7:9b:08:04:5d:f9:de:51:3b:a5:d4:f7:04:6f:
77:5f:ee:83:33:75:dc:41:72:a6:71:64:05:62:5a:
18:6d:f7:e6:a2:e9:37:78:c5:6e:34:be:b4:98:e6:
7b:32:23:c2:71:ef:21:74:c4:e8:47:e9:35:3e:9f:
5f:3f:ef:f9:46:c2:28:28:12:90:28:92:27:08:c7:
d8:26:a5:1e:a3:56:d2:45:49:41:04:99:65:6a:c8:
b4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:FF:51:D9:BF:AC:A9:72:79:CB:8D:4D:CF:E9:A8:51:A7:E1:17
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:dd:05:05:da:31:d2:a1:11:8f:4c:c7:94:37:b3:07:40:7c:
b3:a3:41:78:3a:02:fc:42:40:fe:9a:8a:d0:47:53:9a:45:38:
a9:f1:68:0e:8a:8d:f9:48:97:d1:e7:c8:8a:2f:49:7e:b9:4c:
14:c1:5f:22:23:37:75:91:45:40:28:21:de:1a:9b:2d:4f:30:
24:89:e7:05:13:89:45:e4:bf:97:22:77:cc:01:af:42:72:03:
d9:61:5c:bb:c7:38:d9:ec:36:b5:11:9f:3f:69:5f:ab:22:92:
6d:70:1f:a9:37:ce:ab:f1:61:ba:a7:ab:b4:9e:3c:14:de:7d:
d5:1d:fe:4d:1a:e2:99:7c:b4:65:9a:46:8a:6d:3f:78:a9:f2:
65:ba:10:63:a2:db:ed:b1:e8:56:9c:63:18:08:79:5f:88:57:
ac:df:b1:36:9c:71:88:7f:b2:70:ba:1d:20:f7:63:03:b3:2a:
ef:1d:ec:2f:6c:ac:de:de:fc:79:79:29:3d:cb:71:5e:c0:33:
58:18:09:5d:62:5a:66:f6:32:85:05:86:36:7a:12:24:68:bc:
30:1a:f9:a0:48:47:f3:98:64:c4:ee:53:57:ac:aa:46:e0:38:
5b:63:fb:35:aa:65:70:30:92:c3:44:3b:17:50:fd:07:4b:a6:
6c:6a:ba:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjTv/W6kQuH1B7KKyVlDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUwNjA3MDQwMTQ0WhcNMjUwNjA4MDQwMTQ0WjAzMTEwLwYDVQQD
EygwMjYwZmY1MWQ5YmZhY2E5NzI3OWNiOGQ0ZGNmZTlhODUxYTdlMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR96PpcHIwxkZoXoDndZQNyWMRfm
pyVE9AnfvOycDwDJLdkzJ1EAeaMSuL0s32bi7/sXRC9q8I4Hp8QyIcB5TzUsOI1o
GdY/3HQDBozgzk+yfBCJTFBDtXHgMnvXQVIIXIAP8+LzEt11YkvHmBn08+X38bXh
izHrxjZqkIb8hnMQmSLjzUoogoCT9gEB/JQCwoMnEZm2EAxiZTVR3Z1YeDsTgCy/
55sIBF353lE7pdT3BG93X+6DM3XcQXKmcWQFYloYbffmouk3eMVuNL60mOZ7MiPC
ce8hdMToR+k1Pp9fP+/5RsIoKBKQKJInCMfYJqUeo1bSRUlBBJllasi0hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJg/1HZv6ypcnnLjU3P6ahRp+EXMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG90FBdox
0qERj0zHlDezB0B8s6NBeDoC/EJA/pqK0EdTmkU4qfFoDoqN+UiX0efIii9JfrlM
FMFfIiM3dZFFQCgh3hqbLU8wJInnBROJReS/lyJ3zAGvQnID2WFcu8c42ew2tRGf
P2lfqyKSbXAfqTfOq/FhuqertJ48FN591R3+TRrimXy0ZZpGim0/eKnyZboQY6Lb
7bHoVpxjGAh5X4hXrN+xNpxxiH+ycLodIPdjA7Mq7x3sL2ys3t78eXkpPctxXsAz
WBgJXWJaZvYyhQWGNnoSJGi8MBr5oEhH85hkxO5TV6yqRuA4W2P7NaplcDCSw0Q7
F1D9B0umbGq6Dw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 08:58:07 2025 by rpki-client