Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: CT1VPfzPwE/uMQ0jtq6mRwIZ8W5QjpQ5U+7Ezu8tnK8=
Subject key identifier: 44:12:E1:BA:82:AE:CB:89:45:D3:42:C1:DC:5D:4E:7B:E6:23:FD:73
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 01976C2B58B2C3CBA24E71D60B1CB11DCB29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 1590
Signing time: Sat 14 Jun 2025 02:01:09 +0000
Manifest this update: Sat 14 Jun 2025 02:01:09 +0000
Manifest next update: Sun 15 Jun 2025 02:01:09 +0000
Files and hashes: 1: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: jRQ2psHspX1P9eNHX/DHCnvDRuxllmfjkpeFI1RBgJ8=)
2: meyQlZ2V2fFm7jP19tS1SnwZU8o.roa (hash: Rjzn7WIqlB0uqbC7++KFiY3Pm+Td1rmouk6fxkElj30=)
3: u8p2k1kowabt5V010HcHbUdny4A.roa (hash: +zIIZMzEVP0HgE88S7aeA3JokmowyYpTKNzs1+R3c2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:2b:58:b2:c3:cb:a2:4e:71:d6:0b:1c:b1:1d:cb:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Jun 14 02:01:09 2025 GMT
Not After : Jun 15 02:01:09 2025 GMT
Subject: CN=4412e1ba82aecb8945d342c1dc5d4e7be623fd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:45:1b:e8:6f:c6:39:63:2e:48:d6:1d:42:
7f:21:25:0f:d6:d1:9c:36:9e:f1:35:fe:80:5c:7e:
02:83:cb:eb:a9:b6:95:06:ae:28:3c:52:0c:64:00:
54:21:b9:d3:57:ad:6f:85:82:17:f3:84:79:c6:12:
e3:98:41:c9:2f:f3:b9:0a:e7:d4:a6:69:6a:17:7e:
63:e9:75:e0:db:9b:6a:19:fe:b1:1d:40:2e:b9:03:
e8:38:02:62:50:6a:d2:26:ee:be:e7:1f:2e:be:5c:
d7:c0:10:61:3e:14:b9:cc:65:b7:32:61:1c:93:a9:
90:79:b7:6d:25:e6:dc:58:92:38:d7:13:d9:0a:32:
2a:02:0f:c6:d7:50:a8:09:e0:b3:47:d0:05:d3:1c:
c4:3a:02:ba:82:6a:3a:43:ec:26:e7:3a:fb:49:ff:
c0:12:4d:36:e2:7d:1c:21:6d:bd:8c:6a:53:95:25:
d2:6f:3c:be:3e:d5:87:25:38:d2:91:d9:7c:4f:6e:
4e:76:45:52:d2:90:ba:84:52:dd:c8:fb:a0:54:31:
91:bb:3f:d4:80:6c:1b:78:86:98:d6:a0:f4:9c:ed:
25:fa:2c:cb:ec:b1:fc:d3:ea:71:33:93:61:3c:5b:
58:b5:4e:95:fe:1e:b0:a6:2c:a2:ba:46:30:61:5d:
96:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:12:E1:BA:82:AE:CB:89:45:D3:42:C1:DC:5D:4E:7B:E6:23:FD:73
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:20:7d:75:96:a5:92:9f:4a:ed:b6:0e:d6:7b:7b:cf:65:5c:
fe:78:41:9d:88:0b:df:4d:ab:83:66:91:e8:28:84:5a:91:67:
ef:c1:29:e0:7b:4a:f1:1b:21:98:11:65:30:f8:55:db:6e:72:
12:4c:f0:44:b8:e6:99:36:a9:f2:7d:96:1c:dc:62:98:43:f2:
60:24:b1:49:a2:28:ce:f0:06:59:a5:30:6a:77:ad:18:d2:79:
44:f6:cd:4b:13:5e:20:68:a3:a8:57:f0:54:32:9a:e3:ec:b6:
40:f6:84:f0:ca:0c:ce:11:02:77:0b:0f:26:06:e6:4b:c8:0e:
57:ac:9e:4b:a5:e7:85:3b:b6:05:69:5d:77:6f:ab:52:1d:a7:
f1:90:c9:42:37:14:3c:f5:b6:35:9d:40:e1:1e:21:2a:4a:9d:
e9:1b:b2:5a:b5:e8:8a:5e:e7:64:27:24:4b:3b:f1:ce:83:66:
0f:96:e1:2c:b8:a5:f5:1c:70:c4:e1:40:e5:e0:c6:81:cb:3b:
7f:af:9c:13:44:9b:a3:25:3e:cb:87:b0:ee:db:16:f6:6a:62:
a8:e5:e3:f2:64:77:13:9e:60:62:df:27:15:0f:10:70:6c:83:
45:02:6e:d9:62:30:b7:9f:09:42:51:1a:09:17:81:52:29:88:
fe:df:05:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK1iyw8uiTnHWCxyxHcspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjUwNjE0MDIwMTA5WhcNMjUwNjE1MDIwMTA5WjAzMTEwLwYDVQQD
Eyg0NDEyZTFiYTgyYWVjYjg5NDVkMzQyYzFkYzVkNGU3YmU2MjNmZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrtFG+hvxjljLkjWHUJ/ISUP1tGc
Np7xNf6AXH4Cg8vrqbaVBq4oPFIMZABUIbnTV61vhYIX84R5xhLjmEHJL/O5CufU
pmlqF35j6XXg25tqGf6xHUAuuQPoOAJiUGrSJu6+5x8uvlzXwBBhPhS5zGW3MmEc
k6mQebdtJebcWJI41xPZCjIqAg/G11CoCeCzR9AF0xzEOgK6gmo6Q+wm5zr7Sf/A
Ek024n0cIW29jGpTlSXSbzy+PtWHJTjSkdl8T25OdkVS0pC6hFLdyPugVDGRuz/U
gGwbeIaY1qD0nO0l+izL7LH80+pxM5NhPFtYtU6V/h6wpiyiukYwYV2WcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQS4bqCrsuJRdNCwdxdTnvmI/1zMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyB9dZal
kp9K7bYO1nt7z2Vc/nhBnYgL302rg2aR6CiEWpFn78Ep4HtK8RshmBFlMPhV225y
EkzwRLjmmTap8n2WHNximEPyYCSxSaIozvAGWaUwanetGNJ5RPbNSxNeIGijqFfw
VDKa4+y2QPaE8MoMzhECdwsPJgbmS8gOV6yeS6XnhTu2BWldd2+rUh2n8ZDJQjcU
PPW2NZ1A4R4hKkqd6RuyWrXoil7nZCckSzvxzoNmD5bhLLil9RxwxOFA5eDGgcs7
f6+cE0SboyU+y4ew7tsW9mpiqOXj8mR3E55gYt8nFQ8QcGyDRQJu2WIwt58JQlEa
CReBUimI/t8F7g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:55:15 2025 by rpki-client