Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: JCMqkdMI5XkqLNcBGi0jXbW900za3qYPZxJaHIx0dko=
Subject key identifier: 38:AA:34:64:63:F4:B8:E4:2E:72:28:D0:B3:84:F7:82:C1:73:16:4F
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 01977FB1F65AF5A39D2356CFC797E0EA20C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 01BB
Signing time: Tue 17 Jun 2025 21:00:58 +0000
Manifest this update: Tue 17 Jun 2025 21:00:58 +0000
Manifest next update: Wed 18 Jun 2025 21:00:58 +0000
Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: inrAVh8Ytg01BNqifJu6MMPd43NFe63kGQETmsHN3+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 21:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:b1:f6:5a:f5:a3:9d:23:56:cf:c7:97:e0:ea:20:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Jun 17 21:00:58 2025 GMT
Not After : Jun 18 21:00:58 2025 GMT
Subject: CN=38aa346463f4b8e42e7228d0b384f782c173164f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:92:17:17:2e:f7:10:1f:5a:d6:03:b6:21:
10:2e:48:f7:44:70:b5:77:e5:2c:09:ef:5d:32:72:
9f:a6:9d:22:d4:f0:57:74:57:b1:60:93:83:c1:1e:
f8:f7:7f:3c:de:e2:10:00:75:6f:fd:6e:a6:9e:ef:
83:2f:3a:93:db:d9:b1:57:98:28:04:3d:e2:2c:83:
5d:c1:2e:04:a2:4b:15:82:32:a0:85:74:34:e1:9d:
7b:66:3d:ab:d8:d6:9e:98:aa:f3:47:5f:ff:42:01:
15:13:1d:54:3e:c1:48:43:41:9c:7e:49:d5:b8:a0:
c9:96:b1:8c:76:35:7d:0b:1e:d6:fe:f6:ea:2e:49:
19:c1:8e:65:d8:39:ae:fc:0a:46:00:dc:e9:d3:aa:
b8:5b:92:9f:bf:8f:24:05:a0:5e:86:da:5c:ea:0e:
c6:09:d2:e9:e2:30:11:56:c8:90:37:61:98:aa:5b:
c1:06:59:67:77:a2:ef:8c:10:eb:ad:77:58:74:53:
f8:6a:91:d6:51:c7:bc:98:c5:46:ed:d0:85:09:ba:
7e:c7:59:9f:e8:2d:eb:c4:df:37:b1:a4:03:9f:9b:
b1:ac:ab:3d:25:28:b8:74:5b:53:00:41:1f:55:4f:
b7:35:76:f3:79:a9:7a:4f:73:ed:77:46:c7:5e:3f:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AA:34:64:63:F4:B8:E4:2E:72:28:D0:B3:84:F7:82:C1:73:16:4F
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:fa:ff:0b:31:c3:3f:07:d3:bb:65:d8:77:d9:df:32:6e:63:
36:19:65:c3:f3:19:f5:f8:5a:fb:d3:0b:48:ca:4c:ac:44:ea:
c3:4c:e9:80:bd:c2:61:7d:7d:40:d9:d0:fa:50:da:90:c6:df:
83:79:8c:6a:59:61:bf:77:49:3b:bd:9f:36:d7:eb:8f:69:62:
af:97:97:91:b8:14:e7:31:eb:62:90:6d:8e:77:0e:15:63:9a:
20:f5:bc:c7:9b:d8:ce:38:80:c1:0b:4e:b3:cb:57:f6:e3:94:
db:52:34:07:b9:43:9f:dc:af:9f:75:00:19:57:4a:ed:cb:b7:
f4:11:8e:cf:e5:1a:17:a9:99:95:38:df:12:ac:db:6c:2b:c6:
2d:9a:bf:c8:77:6a:3c:44:f7:dd:3c:d0:eb:f8:41:b4:eb:73:
83:95:53:3a:d7:e2:18:28:17:63:97:d6:6d:80:47:d0:65:e8:
8d:0a:90:1b:32:f8:b2:ea:c3:ec:b4:3f:ca:dc:87:e5:5b:d0:
56:b8:4d:3d:d6:48:17:40:82:4b:1f:02:9c:56:9f:d6:93:f9:
ac:7b:52:89:ef:01:7f:c8:54:13:88:fe:1f:21:76:91:5c:c0:
a7:b3:24:ad:eb:44:d1:94:8d:39:32:91:8c:13:57:e0:da:36:
4f:95:98:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd/sfZa9aOdI1bPx5fg6iDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjUwNjE3MjEwMDU4WhcNMjUwNjE4MjEwMDU4WjAzMTEwLwYDVQQD
EygzOGFhMzQ2NDYzZjRiOGU0MmU3MjI4ZDBiMzg0Zjc4MmMxNzMxNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug+SFxcu9xAfWtYDtiEQLkj3RHC1
d+UsCe9dMnKfpp0i1PBXdFexYJODwR7493883uIQAHVv/W6mnu+DLzqT29mxV5go
BD3iLINdwS4EoksVgjKghXQ04Z17Zj2r2NaemKrzR1//QgEVEx1UPsFIQ0GcfknV
uKDJlrGMdjV9Cx7W/vbqLkkZwY5l2Dmu/ApGANzp06q4W5Kfv48kBaBehtpc6g7G
CdLp4jARVsiQN2GYqlvBBllnd6LvjBDrrXdYdFP4apHWUce8mMVG7dCFCbp+x1mf
6C3rxN83saQDn5uxrKs9JSi4dFtTAEEfVU+3NXbzeal6T3Ptd0bHXj80VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiqNGRj9LjkLnIo0LOE94LBcxZPMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkvr/CzHD
PwfTu2XYd9nfMm5jNhllw/MZ9fha+9MLSMpMrETqw0zpgL3CYX19QNnQ+lDakMbf
g3mMallhv3dJO72fNtfrj2lir5eXkbgU5zHrYpBtjncOFWOaIPW8x5vYzjiAwQtO
s8tX9uOU21I0B7lDn9yvn3UAGVdK7cu39BGOz+UaF6mZlTjfEqzbbCvGLZq/yHdq
PET33TzQ6/hBtOtzg5VTOtfiGCgXY5fWbYBH0GXojQqQGzL4surD7LQ/ytyH5VvQ
VrhNPdZIF0CCSx8CnFaf1pP5rHtSie8Bf8hUE4j+HyF2kVzAp7MkretE0ZSNOTKR
jBNX4No2T5WYNw==
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:42:19 2025 by rpki-client