Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
File: Mm9RyiOYIQP_40-YkNC3To-nga8.mft (raw, json)
Hash identifier: 44smCaSH2UEcCUR9iO58Rl40K/vEsmhdRTAkmHikrX0=
Subject key identifier: 8A:76:A3:4A:A0:78:E5:CF:40:39:10:A8:31:4F:7A:89:FE:EE:08:D0
Authority key identifier: 32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
Certificate issuer: /CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Certificate serial: 01976CCF67DEEA20F5ADCE2C59896F5D73C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
Manifest number: 05F3
Signing time: Sat 14 Jun 2025 05:00:21 +0000
Manifest this update: Sat 14 Jun 2025 05:00:21 +0000
Manifest next update: Sun 15 Jun 2025 05:00:21 +0000
Files and hashes: 1: Mm9RyiOYIQP_40-YkNC3To-nga8.crl (hash: zH0S/aqXQlY7LvSuXcMhppR78UYH4aKf835QaKME980=)
2: XS-Ybz0hvV9BojCYEUiidWOyx20.roa (hash: rQhYc9pPbBgv4YgNdF82ibLtydUp9AsYJJ57Y6MS2So=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:cf:67:de:ea:20:f5:ad:ce:2c:59:89:6f:5d:73:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Validity
Not Before: Jun 14 05:00:21 2025 GMT
Not After : Jun 15 05:00:21 2025 GMT
Subject: CN=8a76a34aa078e5cf403910a8314f7a89feee08d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:a0:94:76:3f:f5:cd:a8:b6:5b:92:0b:94:
80:9d:0a:5c:97:77:d9:31:4c:31:ef:cc:11:37:8c:
20:36:20:da:e9:96:3e:66:34:e4:b8:0f:10:fc:92:
65:b6:ff:52:8b:4c:98:1a:8b:06:6f:b5:cd:ed:1d:
a2:d4:dd:a0:8f:57:06:be:e5:52:92:31:c7:77:f4:
be:b7:cd:4d:fc:75:d8:ed:b2:d7:3c:70:c1:5a:0f:
33:b1:e7:7b:3b:cd:b2:4d:ef:32:d0:a7:49:82:79:
8e:1d:ee:ea:a6:bc:87:ac:05:79:3a:97:55:d8:e4:
b7:74:ae:fa:fb:01:ed:c7:1d:75:86:69:4a:d8:68:
03:05:9f:81:dc:df:0b:e8:55:92:2d:45:c9:7c:ca:
7a:af:aa:3c:79:13:5e:41:20:e1:08:56:7f:6b:7c:
da:04:3b:a0:be:5b:8f:e0:40:10:26:a3:15:2c:99:
31:7c:3b:5d:69:1e:37:01:ea:28:e6:03:2b:44:a2:
f8:23:1b:71:3f:5e:32:52:d2:c8:88:ea:b0:76:cf:
57:64:67:57:87:a9:cf:dc:fa:30:02:9c:78:95:9c:
7f:b5:d7:40:d1:d1:6f:ff:2e:af:1f:40:c8:5e:de:
a0:5e:bf:ed:cd:d9:8e:a0:4f:59:e0:16:64:98:55:
a9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:76:A3:4A:A0:78:E5:CF:40:39:10:A8:31:4F:7A:89:FE:EE:08:D0
X509v3 Authority Key Identifier:
keyid:32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:bf:d9:8a:bd:82:8c:f5:9d:49:73:3b:4c:9d:b0:1f:c9:0b:
5f:68:89:53:03:3a:10:c2:43:bf:fe:02:87:17:f7:e4:06:02:
e2:aa:a0:52:fc:b4:1b:44:80:7b:10:12:55:0b:c9:8a:dc:72:
9e:49:ef:df:4b:cd:e8:84:d6:c8:a3:30:36:21:c5:4a:64:a5:
64:97:a7:9d:19:a3:78:b8:6c:5d:28:6d:3b:de:0c:94:1b:a2:
a1:c2:68:a0:05:36:09:e7:fb:d1:41:40:6c:ef:c5:9b:93:f8:
dc:02:03:ed:7f:27:c4:f4:00:38:fd:5b:6b:dc:dc:84:86:9a:
75:6e:7e:db:5e:65:83:ef:24:be:21:21:33:d6:d4:9e:1c:d9:
34:46:61:33:bd:6f:a3:a2:44:17:61:66:8e:b8:97:67:dd:1c:
b5:0d:d2:bb:fa:c4:0a:ca:62:67:5c:a3:e2:71:55:cf:15:2d:
08:4a:31:83:7f:99:e8:85:dd:1c:e9:b6:04:a6:fe:b2:48:9d:
b7:03:25:26:2a:21:92:33:02:87:40:a3:b4:1b:64:01:cf:2a:
4a:b0:68:87:5b:17:0a:c5:1a:b9:5b:69:39:e6:4a:49:47:1c:
3a:1b:3e:76:e4:d5:60:7a:08:e6:2a:5c:c5:ae:15:47:e6:15:
58:fe:a0:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz2fe6iD1rc4sWYlvXXPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNmY1MWNhMjM5ODIxMDNmZmUzNGY5ODkwZDBiNzRlOGZh
NzgxYWYwHhcNMjUwNjE0MDUwMDIxWhcNMjUwNjE1MDUwMDIxWjAzMTEwLwYDVQQD
Eyg4YTc2YTM0YWEwNzhlNWNmNDAzOTEwYTgzMTRmN2E4OWZlZWUwOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2aglHY/9c2otluSC5SAnQpcl3fZ
MUwx78wRN4wgNiDa6ZY+ZjTkuA8Q/JJltv9Si0yYGosGb7XN7R2i1N2gj1cGvuVS
kjHHd/S+t81N/HXY7bLXPHDBWg8zsed7O82yTe8y0KdJgnmOHe7qpryHrAV5OpdV
2OS3dK76+wHtxx11hmlK2GgDBZ+B3N8L6FWSLUXJfMp6r6o8eRNeQSDhCFZ/a3za
BDugvluP4EAQJqMVLJkxfDtdaR43Aeoo5gMrRKL4IxtxP14yUtLIiOqwds9XZGdX
h6nP3PowApx4lZx/tddA0dFv/y6vH0DIXt6gXr/tzdmOoE9Z4BZkmFWpPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp2o0qgeOXPQDkQqDFPeon+7gjQMB8GA1UdIwQY
MBaAFDJvUcojmCED/+NPmJDQt06Pp4GvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYt
OTY2ZmE5NmJlZmYyLzEvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYtOTY2ZmE5NmJlZmYy
LzEvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXb/Zir2C
jPWdSXM7TJ2wH8kLX2iJUwM6EMJDv/4Chxf35AYC4qqgUvy0G0SAexASVQvJitxy
nknv30vN6ITWyKMwNiHFSmSlZJennRmjeLhsXShtO94MlBuiocJooAU2Cef70UFA
bO/Fm5P43AID7X8nxPQAOP1ba9zchIaadW5+215lg+8kviEhM9bUnhzZNEZhM71v
o6JEF2FmjriXZ90ctQ3Su/rECspiZ1yj4nFVzxUtCEoxg3+Z6IXdHOm2BKb+skid
twMlJiohkjMCh0CjtBtkAc8qSrBoh1sXCsUauVtpOeZKSUccOhs+duTVYHoI5ipc
xa4VR+YVWP6gHw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:20:23 2025 by rpki-client