Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: NV0xYnScWpYm/fvDAzOAanfNUtc9814jbJyPHLo7TzI=
Subject key identifier: B0:54:EF:3D:07:74:6D:4C:26:87:44:46:D6:1C:35:AC:0B:E0:10:6D
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 01978169A36641C49135F70A5B1C0FE534F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0A3E
Signing time: Wed 18 Jun 2025 05:01:13 +0000
Manifest this update: Wed 18 Jun 2025 05:01:13 +0000
Manifest next update: Thu 19 Jun 2025 05:01:13 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: HTVYV4/K4mpKHRBWPEBfZ/oyu5D1t0UrwkL0K+Od2NE=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 05:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:69:a3:66:41:c4:91:35:f7:0a:5b:1c:0f:e5:34:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 18 05:01:13 2025 GMT
Not After : Jun 19 05:01:13 2025 GMT
Subject: CN=b054ef3d07746d4c26874446d61c35ac0be0106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a7:d7:0c:13:d1:11:f1:cb:de:4b:58:3b:15:
aa:31:3b:c9:e5:a3:d6:13:85:d7:14:22:fb:11:d6:
46:84:bd:5f:0f:99:63:06:f0:b1:99:e9:68:49:dc:
3d:cc:ef:69:c7:56:48:d8:4a:9f:25:ac:01:a8:cf:
02:58:fc:f8:3b:91:75:a9:6b:5b:11:82:ad:c1:83:
d0:6a:90:c9:00:65:e4:d5:1d:31:d4:c1:78:df:16:
e0:c4:e2:55:c5:9a:56:6a:7d:48:3b:52:53:f2:a6:
9c:e6:da:86:76:a5:f3:1e:89:17:d5:8f:7e:18:64:
78:aa:2a:ec:79:d9:1c:25:91:11:f7:53:07:e4:18:
63:ee:de:ba:07:a9:3b:00:bf:e9:e5:24:77:20:cf:
80:e5:6f:1f:bd:64:ba:17:35:8b:cd:8f:1e:e9:a8:
8b:75:79:ad:b0:67:2f:90:fb:d0:11:86:37:fc:7c:
df:b5:98:d1:eb:71:c1:96:13:64:35:8b:22:a5:e4:
13:79:1d:c4:44:93:70:16:26:a7:23:4b:80:2a:9a:
9d:f6:f0:d5:84:8f:4a:7d:1f:80:44:5c:28:40:73:
2c:1c:95:70:c8:0c:1f:c8:02:f7:3b:21:cc:23:29:
9d:c4:45:c1:40:0c:bb:da:6f:20:3f:36:c6:cc:e0:
29:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:54:EF:3D:07:74:6D:4C:26:87:44:46:D6:1C:35:AC:0B:E0:10:6D
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:53:af:5f:2c:1d:a1:59:5e:dc:39:27:2a:3f:3a:b5:47:f5:
c0:ba:3a:0f:e4:2e:ea:21:21:d7:3e:8e:38:15:cb:ba:2b:12:
4b:55:b7:25:b2:4f:61:4f:f6:b0:9d:95:f3:27:27:f5:02:6a:
80:0e:0f:fe:2c:43:9c:2c:fd:17:bd:95:71:74:85:3a:5d:53:
d5:67:a5:48:df:2d:76:06:4f:21:3f:37:3a:66:97:a8:45:83:
47:ce:68:0a:a0:15:23:a9:c0:e9:27:61:e5:a1:5b:93:71:28:
e6:2c:24:23:35:fb:e2:32:ee:98:3b:ad:22:ba:10:b0:b1:49:
05:c2:97:f4:d0:32:ce:4a:c4:b7:23:b5:1e:7e:9d:e0:5d:3e:
5c:47:b8:6b:ad:50:f6:90:48:ea:21:f2:54:be:6b:f9:92:79:
3c:51:9d:90:4f:d1:c2:36:df:36:47:4c:84:a1:b7:38:3a:d2:
bd:56:66:6c:78:c3:95:c6:dc:80:43:63:d7:d6:c2:69:c2:1f:
bf:16:d5:fc:5c:30:1b:c9:07:56:a3:08:b7:8c:3b:0d:03:2f:
55:ca:dd:e5:51:8b:3c:bd:0f:25:6d:17:cb:24:88:72:bc:94:
37:4f:7f:1e:83:d1:32:21:35:bf:a6:8c:3d:05:23:37:0f:fb:
3e:4e:18:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeBaaNmQcSRNfcKWxwP5TTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwNjE4MDUwMTEzWhcNMjUwNjE5MDUwMTEzWjAzMTEwLwYDVQQD
EyhiMDU0ZWYzZDA3NzQ2ZDRjMjY4NzQ0NDZkNjFjMzVhYzBiZTAxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qfXDBPREfHL3ktYOxWqMTvJ5aPW
E4XXFCL7EdZGhL1fD5ljBvCxmeloSdw9zO9px1ZI2EqfJawBqM8CWPz4O5F1qWtb
EYKtwYPQapDJAGXk1R0x1MF43xbgxOJVxZpWan1IO1JT8qac5tqGdqXzHokX1Y9+
GGR4qirsedkcJZER91MH5Bhj7t66B6k7AL/p5SR3IM+A5W8fvWS6FzWLzY8e6aiL
dXmtsGcvkPvQEYY3/HzftZjR63HBlhNkNYsipeQTeR3ERJNwFianI0uAKpqd9vDV
hI9KfR+ARFwoQHMsHJVwyAwfyAL3OyHMIymdxEXBQAy72m8gPzbGzOApZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBU7z0HdG1MJodERtYcNawL4BBtMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVOvXywd
oVle3DknKj86tUf1wLo6D+Qu6iEh1z6OOBXLuisSS1W3JbJPYU/2sJ2V8ycn9QJq
gA4P/ixDnCz9F72VcXSFOl1T1WelSN8tdgZPIT83OmaXqEWDR85oCqAVI6nA6Sdh
5aFbk3Eo5iwkIzX74jLumDutIroQsLFJBcKX9NAyzkrEtyO1Hn6d4F0+XEe4a61Q
9pBI6iHyVL5r+ZJ5PFGdkE/RwjbfNkdMhKG3ODrSvVZmbHjDlcbcgENj19bCacIf
vxbV/FwwG8kHVqMIt4w7DQMvVcrd5VGLPL0PJW0XyySIcryUN09/HoPRMiE1v6aM
PQUjNw/7Pk4YiA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 14:14:33 2025 by rpki-client