Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
File: 1ehYR8xEuGECJwu9do5MPOuhyYg.mft (raw, json)
Hash identifier: lqMXA8Dk/O2UqXz8VAWpjN0jWFzBRwl8QwlNU6X69qA=
Subject key identifier: FC:10:E0:BA:2D:32:A7:3B:D8:2D:09:CF:D5:C3:20:5A:89:0A:99:3F
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 019776AE6D081584691C3B779869640B9ED9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
Manifest number: 0425
Signing time: Mon 16 Jun 2025 03:00:32 +0000
Manifest this update: Mon 16 Jun 2025 03:00:32 +0000
Manifest next update: Tue 17 Jun 2025 03:00:32 +0000
Files and hashes: 1: 1ehYR8xEuGECJwu9do5MPOuhyYg.crl (hash: 2ysGC/6SSBOPInnMpX13+LSYbWJL45dRQ8zDKsr1rTQ=)
2: HP2XU4ErP340JMFJBkwhXt7RSkM.roa (hash: jqU/k+IA4J2nUGc2ePon/4S6+Kq7gFeDjcwyWdzFAK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:76:ae:6d:08:15:84:69:1c:3b:77:98:69:64:0b:9e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: Jun 16 03:00:32 2025 GMT
Not After : Jun 17 03:00:32 2025 GMT
Subject: CN=fc10e0ba2d32a73bd82d09cfd5c3205a890a993f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d4:8e:23:fd:13:44:80:47:54:74:70:23:48:
09:0f:be:03:01:c7:93:f6:62:51:8b:48:25:2c:58:
8b:40:63:e1:0e:5a:bb:95:f7:df:c3:78:24:1e:38:
57:bf:e4:80:9a:cb:7e:02:c0:cc:0d:a0:57:07:60:
7e:a5:a3:39:0a:92:b5:88:a3:02:01:fc:74:bf:a4:
6d:74:ed:ef:e2:92:69:e9:9f:d7:f0:14:f5:45:34:
95:e4:af:52:83:2c:76:32:22:6f:46:24:75:ca:57:
95:fa:5a:01:da:e2:f5:0d:7f:64:e5:66:3a:3f:88:
63:a6:14:8f:5a:f6:b4:38:c7:62:96:0c:76:48:74:
95:19:e5:59:ab:2a:8d:4c:08:89:f2:ce:75:36:9f:
31:db:54:48:df:b4:bc:15:34:b8:25:98:5f:b7:70:
6a:6f:43:89:5e:c3:32:6d:27:ed:ff:fd:80:d8:24:
af:76:2d:ab:f4:a9:84:90:d0:6c:78:84:c9:31:c8:
35:91:f2:9a:20:aa:4d:c6:a3:b4:97:6d:a9:6b:fb:
30:ba:6e:48:01:4e:ca:d1:e9:b7:d3:71:35:de:46:
2f:f1:43:c6:00:b3:76:79:0e:0d:53:24:c1:37:68:
40:36:51:ef:20:9c:75:6a:5a:7f:22:13:9a:16:03:
ee:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:10:E0:BA:2D:32:A7:3B:D8:2D:09:CF:D5:C3:20:5A:89:0A:99:3F
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:e1:ba:c4:4c:a5:f2:1d:34:e7:e8:e2:46:ca:2c:bc:5b:81:
18:27:04:82:b9:08:04:bd:d6:c3:44:1e:27:96:08:73:cc:a9:
19:a8:7b:96:49:c9:46:48:ae:91:e1:14:5b:d7:36:7f:47:23:
4e:3a:e4:88:03:7e:b7:4e:60:32:ee:ce:f0:c8:18:c2:1c:a7:
b4:9d:84:1d:10:6c:35:5c:20:84:e6:ce:5c:a1:38:bd:81:24:
84:11:71:b4:50:72:15:ac:6e:bb:20:f0:12:07:8d:7c:03:56:
18:8c:e0:a0:69:40:a6:2c:9c:d2:4b:d6:2d:9a:53:ac:27:b6:
6b:63:dc:90:f2:aa:46:ed:70:2e:f1:b9:17:b1:cf:ef:45:8a:
71:c7:fe:ce:f8:54:07:95:6d:1b:e6:66:f7:fe:6e:0e:09:6d:
cc:76:0f:0a:69:88:46:76:f2:a9:4b:64:6d:79:9b:20:6a:de:
96:41:79:23:5a:3d:f1:2e:eb:0f:06:b0:e2:df:cf:b6:9f:c0:
7a:ea:40:05:2e:5b:b1:0a:19:95:83:64:f5:96:e8:1f:2c:ab:
c8:11:71:be:3d:3c:37:e3:61:af:9c:50:09:31:e0:b0:c0:76:
a9:f3:25:aa:e1:9c:82:82:8f:07:68:97:46:ac:91:64:2c:d0:
b5:f8:91:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd2rm0IFYRpHDt3mGlkC57ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjUwNjE2MDMwMDMyWhcNMjUwNjE3MDMwMDMyWjAzMTEwLwYDVQQD
EyhmYzEwZTBiYTJkMzJhNzNiZDgyZDA5Y2ZkNWMzMjA1YTg5MGE5OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9SOI/0TRIBHVHRwI0gJD74DAceT
9mJRi0glLFiLQGPhDlq7lfffw3gkHjhXv+SAmst+AsDMDaBXB2B+paM5CpK1iKMC
Afx0v6RtdO3v4pJp6Z/X8BT1RTSV5K9Sgyx2MiJvRiR1yleV+loB2uL1DX9k5WY6
P4hjphSPWva0OMdilgx2SHSVGeVZqyqNTAiJ8s51Np8x21RI37S8FTS4JZhft3Bq
b0OJXsMybSft//2A2CSvdi2r9KmEkNBseITJMcg1kfKaIKpNxqO0l22pa/swum5I
AU7K0em303E13kYv8UPGALN2eQ4NUyTBN2hANlHvIJx1alp/IhOaFgPu+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwQ4LotMqc72C0Jz9XDIFqJCpk/MB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAeG6xEyl
8h005+jiRsosvFuBGCcEgrkIBL3Ww0QeJ5YIc8ypGah7lknJRkiukeEUW9c2f0cj
TjrkiAN+t05gMu7O8MgYwhyntJ2EHRBsNVwghObOXKE4vYEkhBFxtFByFaxuuyDw
EgeNfANWGIzgoGlApiyc0kvWLZpTrCe2a2PckPKqRu1wLvG5F7HP70WKccf+zvhU
B5VtG+Zm9/5uDgltzHYPCmmIRnbyqUtkbXmbIGrelkF5I1o98S7rDwaw4t/Ptp/A
eupABS5bsQoZlYNk9ZboHyyryBFxvj08N+Nhr5xQCTHgsMB2qfMlquGcgoKPB2iX
RqyRZCzQtfiRqA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:32:17 2025 by rpki-client