Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
File: Icc6XY7GO-1lijj1wm8ZH91035I.mft (raw, json)
Hash identifier: Asb+ovDgBGUiy3iczuK+YB9+0Vbu6eS0UfQZM90098g=
Subject key identifier: 4E:3D:F5:CF:25:DF:DC:44:FB:3D:64:2C:9B:6A:E3:99:6A:F2:73:2A
Authority key identifier: 21:C7:3A:5D:8E:C6:3B:ED:65:8A:38:F5:C2:6F:19:1F:DD:74:DF:92
Certificate issuer: /CN=21c73a5d8ec63bed658a38f5c26f191fdd74df92
Certificate serial: 019779424D6C5DD6AF133270CB420E9A2821
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
Manifest number: 1597
Signing time: Mon 16 Jun 2025 15:01:17 +0000
Manifest this update: Mon 16 Jun 2025 15:01:17 +0000
Manifest next update: Tue 17 Jun 2025 15:01:17 +0000
Files and hashes: 1: 745x39IaKKbeM9M_OPciAoFxiI4.roa (hash: rIEFd72FIecG2+TT+EkabaQ2rf6+UODC9a0hMUMdVO0=)
2: Icc6XY7GO-1lijj1wm8ZH91035I.crl (hash: xjsiNbU/B+TlnUTkcZdh82qwfqW7SyxusqiPrlyQ29I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:42:4d:6c:5d:d6:af:13:32:70:cb:42:0e:9a:28:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21c73a5d8ec63bed658a38f5c26f191fdd74df92
Validity
Not Before: Jun 16 15:01:17 2025 GMT
Not After : Jun 17 15:01:17 2025 GMT
Subject: CN=4e3df5cf25dfdc44fb3d642c9b6ae3996af2732a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:31:0c:43:81:44:54:68:d9:79:64:d8:25:d3:
e7:f0:d7:b7:c8:fd:04:2e:28:7e:a4:2f:6a:40:82:
5b:38:20:a6:ce:9e:6a:2d:92:2f:cb:95:32:dc:c4:
97:48:de:fb:0c:3e:ea:59:28:4e:ea:85:7a:55:7f:
77:a7:4b:f9:9e:67:0a:e5:f6:39:43:ef:25:f4:6d:
a1:5b:d3:c1:b0:8f:fd:51:d7:68:65:e7:44:ce:8f:
ea:9c:e4:e5:4e:0a:93:e3:cb:c4:c1:bc:d6:2f:bb:
68:cf:e2:a6:e7:86:44:4f:b3:37:39:9c:12:10:ed:
97:ef:d4:a7:1f:2a:01:0c:7b:ab:7f:2e:9f:da:f7:
99:a9:b4:af:a4:a9:54:09:4f:1d:52:19:f1:e3:7c:
18:c4:d9:80:8b:45:cc:17:98:4d:5b:1d:27:9b:57:
81:1c:6a:11:d9:40:34:93:55:0c:57:cf:d4:c0:6e:
4e:77:77:79:ca:df:d8:c9:46:5f:68:22:66:20:9c:
0c:58:1e:4e:f7:4d:92:10:fc:26:70:61:0c:5c:d4:
b9:93:57:2d:0c:03:bf:69:05:77:53:75:76:07:d3:
f4:db:21:c2:aa:a9:e5:1f:3e:e8:87:8e:89:a8:c5:
73:b2:4a:3f:7e:b3:ae:64:a7:98:3c:2d:b8:67:17:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3D:F5:CF:25:DF:DC:44:FB:3D:64:2C:9B:6A:E3:99:6A:F2:73:2A
X509v3 Authority Key Identifier:
keyid:21:C7:3A:5D:8E:C6:3B:ED:65:8A:38:F5:C2:6F:19:1F:DD:74:DF:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:ae:cd:bd:2e:68:7e:ea:27:e3:09:8a:c8:68:b2:00:b1:f9:
6f:41:a1:82:35:e2:9c:35:0a:a4:96:e1:18:b6:1e:7d:72:82:
0c:48:7e:24:0b:1b:30:ff:a5:75:12:62:8f:5f:0f:7f:17:88:
f9:11:e7:c8:7e:3b:3a:ef:08:05:6e:78:ea:74:78:24:1a:11:
84:dd:e2:e0:e0:27:2c:41:d5:38:44:a3:51:f0:39:dc:b4:0d:
79:db:0d:9e:53:e7:31:6a:e4:cb:d7:73:d0:03:6c:29:14:a7:
a7:33:1e:b6:ae:1e:64:2e:ca:3e:33:12:46:64:9b:97:46:22:
f6:02:b1:13:0f:88:0d:07:cb:66:4e:c9:29:68:db:1a:3f:31:
5b:80:98:e7:b4:3e:8e:f5:b1:ab:a3:88:3a:76:1a:96:1f:fa:
ed:2e:57:20:97:18:06:0d:90:56:8f:cd:a5:19:b7:ea:ed:05:
26:77:be:d6:97:06:47:57:21:ee:ae:df:eb:bb:fc:98:ec:ab:
34:47:06:9f:67:3b:b3:8f:00:de:12:59:6e:cd:19:8c:91:9e:
ca:21:bd:4f:c5:d0:0c:83:c1:72:b6:35:18:b9:6e:b2:23:be:
06:15:bb:3f:17:4b:69:4e:3f:52:c3:ed:1f:11:9d:91:3e:59:
6e:53:ad:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5Qk1sXdavEzJwy0IOmighMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzczYTVkOGVjNjNiZWQ2NThhMzhmNWMyNmYxOTFmZGQ3
NGRmOTIwHhcNMjUwNjE2MTUwMTE3WhcNMjUwNjE3MTUwMTE3WjAzMTEwLwYDVQQD
Eyg0ZTNkZjVjZjI1ZGZkYzQ0ZmIzZDY0MmM5YjZhZTM5OTZhZjI3MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTEMQ4FEVGjZeWTYJdPn8Ne3yP0E
Lih+pC9qQIJbOCCmzp5qLZIvy5Uy3MSXSN77DD7qWShO6oV6VX93p0v5nmcK5fY5
Q+8l9G2hW9PBsI/9UddoZedEzo/qnOTlTgqT48vEwbzWL7toz+Km54ZET7M3OZwS
EO2X79SnHyoBDHurfy6f2veZqbSvpKlUCU8dUhnx43wYxNmAi0XMF5hNWx0nm1eB
HGoR2UA0k1UMV8/UwG5Od3d5yt/YyUZfaCJmIJwMWB5O902SEPwmcGEMXNS5k1ct
DAO/aQV3U3V2B9P02yHCqqnlHz7oh46JqMVzsko/frOuZKeYPC24Zxfi7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE499c8l39xE+z1kLJtq45lq8nMqMB8GA1UdIwQY
MBaAFCHHOl2OxjvtZYo49cJvGR/ddN+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9mODUwZWMtOTk1NC00ODVjLWFhMGIt
ZmQxMjBjMzFkYTcyLzEvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9mODUwZWMtOTk1NC00ODVjLWFhMGItZmQxMjBjMzFkYTcy
LzEvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKa7NvS5o
fuon4wmKyGiyALH5b0GhgjXinDUKpJbhGLYefXKCDEh+JAsbMP+ldRJij18PfxeI
+RHnyH47Ou8IBW546nR4JBoRhN3i4OAnLEHVOESjUfA53LQNedsNnlPnMWrky9dz
0ANsKRSnpzMetq4eZC7KPjMSRmSbl0Yi9gKxEw+IDQfLZk7JKWjbGj8xW4CY57Q+
jvWxq6OIOnYalh/67S5XIJcYBg2QVo/NpRm36u0FJne+1pcGR1ch7q7f67v8mOyr
NEcGn2c7s48A3hJZbs0ZjJGeyiG9T8XQDIPBcrY1GLlusiO+BhW7PxdLaU4/UsPt
HxGdkT5ZblOtzg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:48:41 2025 by rpki-client