Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File: s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier: Vvj2GHmxq3SqIOLzlX5HYnuJBCJSIsmTpuQvQHcvH9Y=
Subject key identifier: C7:02:C6:C2:7F:3C:35:C0:3D:91:BF:47:A5:74:71:29:A2:07:B6:D2
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer: /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial: 0197488C3472EACDCAD2FE18B1C99195C62C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number: 0FF3
Signing time: Sat 07 Jun 2025 04:00:37 +0000
Manifest this update: Sat 07 Jun 2025 04:00:37 +0000
Manifest next update: Sun 08 Jun 2025 04:00:37 +0000
Files and hashes: 1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: UqHstursPbDNi9iHgeiLu+4xoDqa2sIkGQ/50UcDOEc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 04:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:8c:34:72:ea:cd:ca:d2:fe:18:b1:c9:91:95:c6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Validity
Not Before: Jun 7 04:00:37 2025 GMT
Not After : Jun 8 04:00:37 2025 GMT
Subject: CN=c702c6c27f3c35c03d91bf47a5747129a207b6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:12:42:47:53:3d:61:e5:d1:7a:89:60:7c:68:
29:66:a8:31:41:15:7e:61:d0:48:c6:e3:d0:bf:19:
bc:80:25:9e:3c:e7:36:58:d2:bc:5a:6e:46:af:14:
1d:1e:8a:bd:ca:0e:83:36:d7:67:d1:2b:7d:36:ec:
94:3c:60:ad:e0:ed:89:45:f0:94:81:03:0f:2e:09:
cf:86:d7:f9:d7:90:fe:6d:5f:cd:8e:0c:20:c0:dd:
16:ae:56:1e:a0:45:fc:00:9b:46:f8:0b:bc:0e:47:
b7:92:30:b6:a8:2b:96:b2:35:2b:17:4f:43:17:94:
8f:c4:8e:37:87:6a:cc:e2:36:b4:70:9d:30:84:46:
01:e9:0f:9b:4b:4d:af:85:fe:a9:7d:85:f5:92:64:
79:ae:40:49:f7:5d:8f:fc:cb:97:e8:c7:23:76:26:
35:a0:24:a0:b1:7a:f3:eb:0b:bd:33:cf:d0:b9:5b:
5c:84:3c:94:07:80:51:84:fe:08:4b:77:61:d0:7b:
b3:12:32:49:9c:08:33:fd:13:e7:ed:ee:7e:4c:9e:
7c:f8:b8:7f:4b:40:ae:32:d6:c4:0c:fb:cb:00:c7:
d8:68:15:2d:06:e9:d5:62:69:03:e8:c5:0b:70:c6:
7f:96:01:5b:cf:d9:77:f8:75:0a:4d:63:85:a8:6d:
49:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:C6:C2:7F:3C:35:C0:3D:91:BF:47:A5:74:71:29:A2:07:B6:D2
X509v3 Authority Key Identifier:
keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:9c:8d:ed:f9:13:8d:0a:6b:08:b3:be:c4:fd:5a:f2:80:22:
c2:b6:73:55:57:01:fa:06:6a:a8:7a:58:6a:e3:5c:cd:0e:0d:
f4:a7:59:5c:e6:91:76:aa:92:5b:1f:8a:b8:20:d4:54:13:6b:
e8:f6:c5:ce:60:f9:6f:95:af:64:71:26:7e:ef:47:c7:d2:af:
be:95:f7:10:6e:06:d3:36:f4:cc:6b:73:f2:39:06:d1:89:e1:
71:38:f1:e5:d9:9f:67:a3:d0:da:da:50:84:99:ea:be:95:cc:
46:c6:01:0a:51:3a:af:4e:00:88:b5:36:80:de:34:1b:54:a2:
13:70:bf:76:13:d7:50:8c:3c:01:eb:b4:a6:b2:1c:ce:b1:b2:
25:fb:ed:83:8c:0e:a1:e0:c4:77:45:62:a1:d9:91:32:7b:71:
ef:56:ca:b9:79:06:bd:30:bc:bb:b3:8c:f9:9e:67:f2:3b:9b:
b1:8f:ef:41:3e:03:da:aa:fc:56:e8:25:f7:bd:b2:2a:9e:1e:
4e:5a:f1:64:99:8f:80:54:f5:dd:b2:35:cb:b0:61:8f:e3:61:
82:3c:87:32:97:6f:cf:68:d6:ff:52:0e:ca:e0:04:d6:b8:d6:
b7:9d:1f:cd:c2:e9:17:49:e6:76:c0:b6:9b:07:ef:f6:24:92:
aa:37:11:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjDRy6s3K0v4YscmRlcYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUwNjA3MDQwMDM3WhcNMjUwNjA4MDQwMDM3WjAzMTEwLwYDVQQD
EyhjNzAyYzZjMjdmM2MzNWMwM2Q5MWJmNDdhNTc0NzEyOWEyMDdiNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRJCR1M9YeXReolgfGgpZqgxQRV+
YdBIxuPQvxm8gCWePOc2WNK8Wm5GrxQdHoq9yg6DNtdn0St9NuyUPGCt4O2JRfCU
gQMPLgnPhtf515D+bV/NjgwgwN0WrlYeoEX8AJtG+Au8Dke3kjC2qCuWsjUrF09D
F5SPxI43h2rM4ja0cJ0whEYB6Q+bS02vhf6pfYX1kmR5rkBJ912P/MuX6McjdiY1
oCSgsXrz6wu9M8/QuVtchDyUB4BRhP4IS3dh0HuzEjJJnAgz/RPn7e5+TJ58+Lh/
S0CuMtbEDPvLAMfYaBUtBunVYmkD6MULcMZ/lgFbz9l3+HUKTWOFqG1JTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcCxsJ/PDXAPZG/R6V0cSmiB7bSMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpyN7fkT
jQprCLO+xP1a8oAiwrZzVVcB+gZqqHpYauNczQ4N9KdZXOaRdqqSWx+KuCDUVBNr
6PbFzmD5b5WvZHEmfu9Hx9KvvpX3EG4G0zb0zGtz8jkG0YnhcTjx5dmfZ6PQ2tpQ
hJnqvpXMRsYBClE6r04AiLU2gN40G1SiE3C/dhPXUIw8Aeu0prIczrGyJfvtg4wO
oeDEd0ViodmRMntx71bKuXkGvTC8u7OM+Z5n8jubsY/vQT4D2qr8Vugl972yKp4e
TlrxZJmPgFT13bI1y7Bhj+NhgjyHMpdvz2jW/1IOyuAE1rjWt50fzcLpF0nmdsC2
mwfv9iSSqjcRrQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:41:47 2025 by rpki-client