Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: NNQuhvdjYZ9gdSsUtrJK9NmxhzDKZ8BH6eXXAUwYwkk=
Subject key identifier: 89:F4:EE:E9:53:E5:5E:00:EE:53:D3:37:9B:0B:57:07:0D:07:BA:18
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 01968691E71D898B49A057C566EF369A4E14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 01A1
Signing time: Wed 30 Apr 2025 12:00:30 +0000
Manifest this update: Wed 30 Apr 2025 12:00:30 +0000
Manifest next update: Thu 01 May 2025 12:00:30 +0000
Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=)
2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: raXIkxLL4Kqh19qDAwUM3iPr7O0L5uCoof5iqFMZhLw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:91:e7:1d:89:8b:49:a0:57:c5:66:ef:36:9a:4e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Apr 30 12:00:30 2025 GMT
Not After : May 1 12:00:30 2025 GMT
Subject: CN=89f4eee953e55e00ee53d3379b0b57070d07ba18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:41:18:b1:fb:8e:0d:2b:aa:55:f6:c9:bc:
20:e0:5a:a4:cd:79:ef:a6:be:fe:a4:0a:7e:c7:8c:
6f:57:96:88:36:59:5a:c8:1e:0c:19:87:5c:94:1c:
0d:2a:04:cf:28:42:93:15:37:77:1d:34:d9:ff:ff:
75:f4:d4:71:35:71:8d:23:a8:8a:e0:4f:d5:93:d3:
9f:6e:ac:28:e4:f4:bc:44:8b:21:08:7e:94:94:c1:
1a:0f:a5:63:98:13:f6:8d:d8:8e:39:eb:cd:6d:10:
b8:fc:38:8c:05:c3:bd:9c:41:71:9e:98:6b:94:b0:
28:d5:5b:c9:cf:88:ac:e2:10:48:11:a3:9a:c3:d9:
0d:0f:9a:3c:72:00:53:95:29:de:4a:d2:aa:77:ff:
84:00:d0:b0:74:7d:b4:32:30:4a:34:db:e7:6e:dd:
61:68:22:9d:25:a1:92:29:41:e9:d2:59:52:57:2f:
91:fa:8b:31:48:53:60:4a:2e:c8:9c:a5:e7:bc:76:
7e:a3:28:e4:50:e9:d3:4e:62:f2:a2:ae:4f:8e:f5:
10:9a:65:d1:a8:fa:53:11:12:2f:f8:3b:12:48:8f:
67:17:8c:ff:cc:b8:40:5c:90:db:af:f3:e6:c6:9e:
66:c9:e2:d0:a8:2d:51:74:37:08:43:91:b3:74:ac:
9f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F4:EE:E9:53:E5:5E:00:EE:53:D3:37:9B:0B:57:07:0D:07:BA:18
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:56:6c:14:e3:9b:5d:e6:a5:3b:b1:0e:16:26:62:6e:ab:0f:
9d:8a:b8:95:ca:86:24:88:53:07:cb:2d:1a:68:6c:05:05:64:
82:f6:a3:1d:4b:da:f8:18:8a:f2:af:7b:7a:86:2f:c2:03:74:
3a:16:e5:2d:7a:3b:35:8a:4b:09:81:6a:22:fd:e1:c8:16:92:
5f:8c:38:04:2e:56:6d:5a:22:74:38:dd:56:df:25:54:30:af:
4b:a5:cc:ab:73:29:1f:1f:e7:55:1b:72:a8:20:05:46:93:8d:
a7:95:8a:48:15:d7:2f:11:4d:b1:45:fd:50:89:70:2a:81:0c:
44:99:be:f7:42:e1:ca:87:9a:e9:78:2d:b1:c8:f3:63:37:2d:
bd:b4:6e:60:27:58:31:ce:53:52:4f:d5:cf:2e:ae:a5:6d:2d:
50:1a:1d:9a:f2:3f:17:d9:bb:73:31:b5:96:fb:8a:4f:5c:8e:
42:9e:f5:42:03:22:d8:44:ca:5c:7a:5a:94:75:89:0b:11:96:
68:3a:9e:a3:a4:7d:27:3c:b3:4f:3a:33:29:58:1a:b6:85:46:
54:9b:54:24:9f:4b:9f:8e:2d:c7:e4:5c:43:9e:3b:42:14:8b:
6b:be:56:09:c8:ea:99:fb:8e:21:b3:cb:a6:dd:5f:f1:9c:b5:
18:36:07:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGkecdiYtJoFfFZu82mk4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjUwNDMwMTIwMDMwWhcNMjUwNTAxMTIwMDMwWjAzMTEwLwYDVQQD
Eyg4OWY0ZWVlOTUzZTU1ZTAwZWU1M2QzMzc5YjBiNTcwNzBkMDdiYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiChBGLH7jg0rqlX2ybwg4FqkzXnv
pr7+pAp+x4xvV5aINllayB4MGYdclBwNKgTPKEKTFTd3HTTZ//919NRxNXGNI6iK
4E/Vk9Ofbqwo5PS8RIshCH6UlMEaD6VjmBP2jdiOOevNbRC4/DiMBcO9nEFxnphr
lLAo1VvJz4is4hBIEaOaw9kND5o8cgBTlSneStKqd/+EANCwdH20MjBKNNvnbt1h
aCKdJaGSKUHp0llSVy+R+osxSFNgSi7InKXnvHZ+oyjkUOnTTmLyoq5PjvUQmmXR
qPpTERIv+DsSSI9nF4z/zLhAXJDbr/Pmxp5myeLQqC1RdDcIQ5GzdKyfTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIn07ulT5V4A7lPTN5sLVwcNB7oYMB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU1ZsFOOb
XealO7EOFiZibqsPnYq4lcqGJIhTB8stGmhsBQVkgvajHUva+BiK8q97eoYvwgN0
OhblLXo7NYpLCYFqIv3hyBaSX4w4BC5WbVoidDjdVt8lVDCvS6XMq3MpHx/nVRty
qCAFRpONp5WKSBXXLxFNsUX9UIlwKoEMRJm+90Lhyoea6XgtscjzYzctvbRuYCdY
Mc5TUk/Vzy6upW0tUBodmvI/F9m7czG1lvuKT1yOQp71QgMi2ETKXHpalHWJCxGW
aDqeo6R9JzyzTzozKVgatoVGVJtUJJ9Ln44tx+RcQ547QhSLa75WCcjqmfuOIbPL
pt1f8Zy1GDYHOg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 15:57:06 2025 by rpki-client