Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
File: spuNaKggdWqqP4l5UdWv1n_bPbs.mft (raw, json)
Hash identifier: sA+t22+WuxX063lov56VqCgyyYGgJ9JcmJkwvrOFrgs=
Subject key identifier: 22:1C:7C:1F:61:55:10:D3:E6:BD:DD:93:94:B6:9B:C8:F8:30:BF:4A
Authority key identifier: B2:9B:8D:68:A8:20:75:6A:AA:3F:89:79:51:D5:AF:D6:7F:DB:3D:BB
Certificate issuer: /CN=b29b8d68a820756aaa3f897951d5afd67fdb3dbb
Certificate serial: 01974A7B0DE31201E7DFBDF66379BC1FF4D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
Manifest number: 157B
Signing time: Sat 07 Jun 2025 13:01:07 +0000
Manifest this update: Sat 07 Jun 2025 13:01:07 +0000
Manifest next update: Sun 08 Jun 2025 13:01:07 +0000
Files and hashes: 1: spuNaKggdWqqP4l5UdWv1n_bPbs.crl (hash: WgIki1gJYd8bzlhPWPu3HOqsaj0qrQOHUoJth1pxsNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:7b:0d:e3:12:01:e7:df:bd:f6:63:79:bc:1f:f4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b29b8d68a820756aaa3f897951d5afd67fdb3dbb
Validity
Not Before: Jun 7 13:01:07 2025 GMT
Not After : Jun 8 13:01:07 2025 GMT
Subject: CN=221c7c1f615510d3e6bddd9394b69bc8f830bf4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c1:8c:68:72:a8:ee:56:25:64:4e:0e:6b:dc:
0d:1c:8f:ba:06:72:42:c6:23:1c:a5:ac:0a:33:94:
98:ad:dd:46:29:39:68:0b:50:9a:8c:c6:44:7d:d2:
2e:e9:d4:73:56:27:3b:43:78:ee:6f:81:ce:a7:3c:
4f:c6:54:79:da:c6:15:ae:05:63:d7:0b:3f:d0:57:
33:da:e8:59:78:aa:62:8a:bc:bb:04:2d:44:f2:e5:
88:3e:6b:15:03:ca:75:bd:30:a4:82:3a:af:38:24:
1f:0b:19:88:dd:e1:44:fa:ac:79:f4:ab:fb:0a:bd:
20:ec:4f:e2:f9:c8:8f:23:f5:05:c3:fe:17:2c:65:
bc:5a:11:1e:c8:0d:43:7d:9a:02:be:ac:4e:57:de:
7f:19:a2:66:fb:05:a8:b5:37:05:88:9e:28:6a:eb:
44:ed:0c:9e:57:4c:8d:a3:c5:8d:81:79:8c:62:1f:
f9:ca:1a:b0:c3:0f:da:a9:49:73:21:7f:c3:34:a2:
af:c3:66:7a:e9:71:d4:3c:e8:b8:01:6e:39:f6:4e:
c8:14:d1:ef:c3:2e:86:f0:a7:a4:65:ad:3d:e2:c9:
a8:67:1e:13:3f:a2:76:2a:9c:70:36:fc:e1:d5:ed:
04:a3:9d:02:fa:bd:3c:d0:9b:cb:10:4a:e0:c1:19:
b2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1C:7C:1F:61:55:10:D3:E6:BD:DD:93:94:B6:9B:C8:F8:30:BF:4A
X509v3 Authority Key Identifier:
keyid:B2:9B:8D:68:A8:20:75:6A:AA:3F:89:79:51:D5:AF:D6:7F:DB:3D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spuNaKggdWqqP4l5UdWv1n_bPbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c97b17-671b-4102-9241-1c1eb158b02d/1/spuNaKggdWqqP4l5UdWv1n_bPbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:85:a4:ce:80:93:47:43:06:c6:35:2e:e1:48:68:fb:2c:28:
95:ce:fd:bd:7f:69:20:de:95:8c:68:c6:7c:72:9d:d9:b1:ce:
74:5c:2a:64:6d:e0:6b:f2:bf:c0:ab:b1:1d:6e:28:76:5d:b2:
24:4a:3b:77:98:cf:27:84:4a:9a:af:25:4b:87:b0:1a:3a:16:
e5:7c:e7:de:d4:e8:e1:0c:53:af:16:70:5b:de:00:fd:5b:2c:
1a:64:13:d1:bd:90:63:63:d2:c9:36:cc:cf:b3:aa:53:67:96:
56:a0:1e:0f:92:11:69:dd:2e:8f:75:d7:fe:03:50:71:91:4e:
27:c9:18:a7:00:99:db:d5:02:b4:af:1b:1e:ca:08:bc:b0:a9:
f8:ef:a9:6d:cd:a5:bc:be:33:92:04:6a:5b:e9:15:63:5a:63:
b0:c2:b0:af:7c:35:ef:d8:9c:1f:ab:97:49:cf:2e:48:c1:77:
b6:a3:6c:ba:bf:ea:1f:67:75:6f:f6:45:03:23:69:b5:f4:f3:
b9:90:51:47:36:19:97:82:a0:36:25:99:9b:fa:9a:b2:91:93:
07:44:65:9e:c2:b2:a3:ed:1e:bd:65:c4:24:e4:cc:38:34:93:
ff:ff:d8:28:e6:2c:1e:33:36:64:f3:a9:d9:90:ff:9b:58:df:
1c:67:bf:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKew3jEgHn3732Y3m8H/TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOWI4ZDY4YTgyMDc1NmFhYTNmODk3OTUxZDVhZmQ2N2Zk
YjNkYmIwHhcNMjUwNjA3MTMwMTA3WhcNMjUwNjA4MTMwMTA3WjAzMTEwLwYDVQQD
EygyMjFjN2MxZjYxNTUxMGQzZTZiZGRkOTM5NGI2OWJjOGY4MzBiZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMGMaHKo7lYlZE4Oa9wNHI+6BnJC
xiMcpawKM5SYrd1GKTloC1CajMZEfdIu6dRzVic7Q3jub4HOpzxPxlR52sYVrgVj
1ws/0Fcz2uhZeKpiiry7BC1E8uWIPmsVA8p1vTCkgjqvOCQfCxmI3eFE+qx59Kv7
Cr0g7E/i+ciPI/UFw/4XLGW8WhEeyA1DfZoCvqxOV95/GaJm+wWotTcFiJ4oautE
7QyeV0yNo8WNgXmMYh/5yhqwww/aqUlzIX/DNKKvw2Z66XHUPOi4AW459k7IFNHv
wy6G8KekZa094smoZx4TP6J2KpxwNvzh1e0Eo50C+r080JvLEErgwRmyHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIcfB9hVRDT5r3dk5S2m8j4ML9KMB8GA1UdIwQY
MBaAFLKbjWioIHVqqj+JeVHVr9Z/2z27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jOTdiMTctNjcxYi00MTAyLTkyNDEt
MWMxZWIxNThiMDJkLzEvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jOTdiMTctNjcxYi00MTAyLTkyNDEtMWMxZWIxNThiMDJk
LzEvc3B1TmFLZ2dkV3FxUDRsNVVkV3Yxbl9iUGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgoWkzoCT
R0MGxjUu4Uho+ywolc79vX9pIN6VjGjGfHKd2bHOdFwqZG3ga/K/wKuxHW4odl2y
JEo7d5jPJ4RKmq8lS4ewGjoW5Xzn3tTo4QxTrxZwW94A/VssGmQT0b2QY2PSyTbM
z7OqU2eWVqAeD5IRad0uj3XX/gNQcZFOJ8kYpwCZ29UCtK8bHsoIvLCp+O+pbc2l
vL4zkgRqW+kVY1pjsMKwr3w179icH6uXSc8uSMF3tqNsur/qH2d1b/ZFAyNptfTz
uZBRRzYZl4KgNiWZm/qaspGTB0RlnsKyo+0evWXEJOTMODST///YKOYsHjM2ZPOp
2ZD/m1jfHGe/Cw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:37:27 2025 by rpki-client