Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: KbZA4FSChnCD7my26Qw2FyJpRpHTbp4xroql4kjIgX8=
Subject key identifier: 7F:DE:93:D2:B4:E5:2E:C9:68:2E:79:BB:28:A6:E4:A0:5B:94:A8:C4
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 0197493187C74ACA1CC5EB922D947F2CB628
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 157F
Signing time: Sat 07 Jun 2025 07:01:12 +0000
Manifest this update: Sat 07 Jun 2025 07:01:12 +0000
Manifest next update: Sun 08 Jun 2025 07:01:12 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: 4wcJ2/I1aViDDxQWp92o0TDn+4Ko2zDYb2xz/8D003s=)
2: UON5AT9SXUWq39L68I_y2_ZUikk.roa (hash: JwjZjFuzIaj/y6AQtmJH9bJqGEr4cg/qlCiSjx+pXxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:31:87:c7:4a:ca:1c:c5:eb:92:2d:94:7f:2c:b6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Jun 7 07:01:12 2025 GMT
Not After : Jun 8 07:01:12 2025 GMT
Subject: CN=7fde93d2b4e52ec9682e79bb28a6e4a05b94a8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:80:d1:02:ee:97:8c:f7:1c:7c:86:9d:d1:
39:3a:8d:dd:7c:9c:3c:98:ea:a5:15:84:ea:52:47:
c0:3c:fa:dc:ca:0a:8d:a0:0f:8e:8a:3f:b1:33:97:
7a:43:4c:36:0d:c4:fb:77:20:8d:fc:87:94:32:de:
c9:96:3e:80:50:b1:6f:fc:bc:9e:48:02:41:bd:c3:
2a:8c:2b:32:59:99:43:b2:23:f1:cb:93:f1:e4:14:
c1:1e:0f:5b:e3:bd:05:a3:ce:c2:5c:af:0e:01:97:
7c:fb:be:09:5e:4e:cb:1c:a6:b6:4d:4d:2e:af:b7:
53:54:b4:ca:2e:d6:50:1f:59:d0:6b:e1:45:03:17:
4f:f3:2a:bd:14:40:2e:ff:42:8d:6f:60:49:e0:a0:
f3:0b:28:33:b4:5e:48:2a:e7:e6:cf:3f:87:f9:cd:
a0:b2:b3:5f:18:85:ab:d5:98:26:71:99:11:56:fe:
b7:09:7e:cc:c3:c6:5b:a6:5b:a2:78:1b:f6:1f:aa:
0c:0c:e4:8f:28:e3:87:be:0f:b0:d5:5e:24:08:06:
e4:c3:77:10:a3:a1:b6:67:ed:0d:25:a8:bc:97:e5:
f3:9b:f1:ef:ad:7c:54:01:8c:ed:82:e7:74:72:bb:
c0:17:8e:b9:97:ee:27:ff:6f:c7:39:dc:6f:11:99:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DE:93:D2:B4:E5:2E:C9:68:2E:79:BB:28:A6:E4:A0:5B:94:A8:C4
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:1e:2a:b8:92:1f:ed:53:56:ff:26:4b:bd:f2:a4:bf:19:e7:
fb:45:99:db:8f:59:19:8c:89:cc:da:c1:82:c6:12:bc:b0:3f:
da:98:f2:bc:ff:ed:f3:30:75:30:ee:14:11:82:ed:de:ae:98:
b0:e3:47:84:1d:2a:0b:48:e7:41:fc:a0:0e:17:38:19:e8:f8:
4b:fe:ff:a7:a9:0b:9d:7c:63:90:4a:bc:c8:2f:50:4e:f0:c6:
4c:70:a5:9b:09:80:99:3b:91:4a:e5:2b:98:c8:27:6d:d3:7c:
26:e8:07:00:f1:a6:74:72:04:57:c2:76:c6:54:0c:2a:17:b3:
a4:5a:77:d3:4d:66:39:ed:04:be:31:a2:b1:c1:f5:e8:55:1b:
1a:5b:6f:19:e9:e9:c8:7f:59:d3:0e:0d:16:75:e5:70:95:87:
8b:fb:af:f9:35:b0:d3:40:1b:30:a5:78:40:16:ba:6f:c2:25:
7f:c0:6d:fb:60:c4:6a:05:a9:5c:d9:00:d6:9c:6a:39:d7:49:
80:6c:75:88:ff:16:fb:2c:01:86:66:dc:2b:fb:5c:ae:db:bd:
56:13:f4:1e:16:77:5a:a5:6d:f0:3c:ed:e0:de:ed:87:5e:ba:
2c:66:be:11:3f:c0:2a:52:da:3b:73:bf:a0:48:9d:75:f5:19:
d3:63:36:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMYfHSsocxeuSLZR/LLYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjUwNjA3MDcwMTEyWhcNMjUwNjA4MDcwMTEyWjAzMTEwLwYDVQQD
Eyg3ZmRlOTNkMmI0ZTUyZWM5NjgyZTc5YmIyOGE2ZTRhMDViOTRhOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB+A0QLul4z3HHyGndE5Oo3dfJw8
mOqlFYTqUkfAPPrcygqNoA+Oij+xM5d6Q0w2DcT7dyCN/IeUMt7Jlj6AULFv/Lye
SAJBvcMqjCsyWZlDsiPxy5Px5BTBHg9b470Fo87CXK8OAZd8+74JXk7LHKa2TU0u
r7dTVLTKLtZQH1nQa+FFAxdP8yq9FEAu/0KNb2BJ4KDzCygztF5IKufmzz+H+c2g
srNfGIWr1ZgmcZkRVv63CX7Mw8ZbpluieBv2H6oMDOSPKOOHvg+w1V4kCAbkw3cQ
o6G2Z+0NJai8l+Xzm/HvrXxUAYztgud0crvAF465l+4n/2/HOdxvEZkPjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/ek9K05S7JaC55uyim5KBblKjEMB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFR4quJIf
7VNW/yZLvfKkvxnn+0WZ249ZGYyJzNrBgsYSvLA/2pjyvP/t8zB1MO4UEYLt3q6Y
sONHhB0qC0jnQfygDhc4Gej4S/7/p6kLnXxjkEq8yC9QTvDGTHClmwmAmTuRSuUr
mMgnbdN8JugHAPGmdHIEV8J2xlQMKhezpFp3001mOe0EvjGiscH16FUbGltvGenp
yH9Z0w4NFnXlcJWHi/uv+TWw00AbMKV4QBa6b8Ilf8Bt+2DEagWpXNkA1pxqOddJ
gGx1iP8W+ywBhmbcK/tcrtu9VhP0HhZ3WqVt8Dzt4N7th166LGa+ET/AKlLaO3O/
oEiddfUZ02M2gw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:31:03 2025 by rpki-client