Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: xi5I+Trg+R2h+VewRoQFmrfWW0aYu8HQD1zR4DhwDKs=
Subject key identifier: 9F:44:B7:7D:97:9F:B9:A9:D2:0F:ED:CA:99:FE:CA:9A:8E:94:6C:BE
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 0197827C250C578DCB55A23FCB24C94EA90D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 02BC
Signing time: Wed 18 Jun 2025 10:01:03 +0000
Manifest this update: Wed 18 Jun 2025 10:01:03 +0000
Manifest next update: Thu 19 Jun 2025 10:01:03 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: O1TrnqAPqbhutKxBZYiELR+bP4e7IjXT7fM5zENwgHY=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:7c:25:0c:57:8d:cb:55:a2:3f:cb:24:c9:4e:a9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Jun 18 10:01:03 2025 GMT
Not After : Jun 19 10:01:03 2025 GMT
Subject: CN=9f44b77d979fb9a9d20fedca99feca9a8e946cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:9e:ef:d4:29:a7:4e:26:23:c3:e9:fa:23:
a4:7f:db:05:1e:20:1a:7b:14:b5:64:cd:e9:d7:f4:
8f:a0:90:70:12:ff:0d:3e:77:65:61:bc:40:af:ba:
4a:63:ec:6f:5a:0b:bd:ae:5a:bb:48:13:98:af:46:
ff:e8:c5:fd:5f:3c:e0:14:25:d5:71:6f:24:87:17:
a1:dc:bb:e5:ad:21:c7:6e:72:6d:41:7b:6d:ce:ee:
5c:ee:64:f7:93:04:02:cb:14:55:19:ae:a2:b8:d3:
2b:c6:19:a0:4b:9d:fc:b6:8b:ff:ab:c0:69:80:8f:
20:8f:c2:44:ff:4b:c4:53:ca:1a:53:91:95:49:cf:
1e:53:31:3f:48:a6:bf:7f:56:a3:31:82:45:e8:12:
07:69:b5:2c:3f:0d:21:4d:56:f1:ca:19:0d:f6:61:
da:00:08:d5:eb:5f:cf:cb:a2:b3:2e:ca:28:32:0d:
36:fc:13:53:c8:95:36:8a:33:49:f4:a4:78:5b:14:
ba:f9:c8:3c:64:fb:65:db:84:55:a8:09:81:55:4c:
72:ca:d8:a6:ee:6a:fa:12:55:19:92:e3:eb:45:f2:
00:ce:c7:bc:ad:6e:65:2e:12:4c:aa:65:c2:e5:87:
3a:8a:14:94:ee:00:64:de:d7:0f:bd:16:f9:76:8e:
83:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:44:B7:7D:97:9F:B9:A9:D2:0F:ED:CA:99:FE:CA:9A:8E:94:6C:BE
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:45:f9:da:0b:6b:c3:f8:00:17:53:cc:55:65:a7:79:47:75:
57:02:d2:4b:1d:6f:00:ce:32:d1:7d:45:55:53:fa:57:b0:b6:
10:17:f7:a1:05:9f:43:7b:7c:41:ce:6c:42:e3:89:4b:64:70:
c6:4b:c2:fd:c1:eb:8c:ef:4a:37:55:02:0f:af:73:42:7b:95:
13:bc:e7:e5:99:52:ab:d9:33:bb:67:8e:16:54:e9:39:2a:6f:
ae:da:c7:b7:94:8d:3f:41:e9:6d:81:2c:16:06:a5:df:45:e6:
1c:c1:37:7e:7d:a1:c2:8b:b7:f7:32:82:d3:3c:df:14:5c:08:
05:a2:fe:17:24:fe:bd:71:62:f5:79:23:eb:4a:ec:c2:2d:f8:
eb:f0:63:3d:07:96:b8:13:35:0c:c9:69:61:78:2f:65:65:ff:
92:d1:52:45:59:bb:04:d5:16:34:70:05:3a:e7:e4:5e:39:f1:
c2:92:d0:2d:90:8f:5e:76:ee:a0:95:70:44:fc:83:fb:f0:b0:
56:b3:31:17:00:3c:4a:82:62:fc:d5:cf:ff:7f:e0:e1:6e:75:
4e:3a:ca:a9:60:46:92:13:20:30:93:d4:96:07:d7:41:57:a5:
08:ce:75:78:62:e7:a2:09:d4:aa:cb:cd:75:f0:ab:4e:ef:e4:
a4:3e:30:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeCfCUMV43LVaI/yyTJTqkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwNjE4MTAwMTAzWhcNMjUwNjE5MTAwMTAzWjAzMTEwLwYDVQQD
Eyg5ZjQ0Yjc3ZDk3OWZiOWE5ZDIwZmVkY2E5OWZlY2E5YThlOTQ2Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFOe79Qpp04mI8Pp+iOkf9sFHiAa
exS1ZM3p1/SPoJBwEv8NPndlYbxAr7pKY+xvWgu9rlq7SBOYr0b/6MX9XzzgFCXV
cW8khxeh3LvlrSHHbnJtQXttzu5c7mT3kwQCyxRVGa6iuNMrxhmgS538tov/q8Bp
gI8gj8JE/0vEU8oaU5GVSc8eUzE/SKa/f1ajMYJF6BIHabUsPw0hTVbxyhkN9mHa
AAjV61/Py6KzLsooMg02/BNTyJU2ijNJ9KR4WxS6+cg8ZPtl24RVqAmBVUxyytim
7mr6ElUZkuPrRfIAzse8rW5lLhJMqmXC5Yc6ihSU7gBk3tcPvRb5do6DiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9Et32Xn7mp0g/typn+ypqOlGy+MB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbkX52gtr
w/gAF1PMVWWneUd1VwLSSx1vAM4y0X1FVVP6V7C2EBf3oQWfQ3t8Qc5sQuOJS2Rw
xkvC/cHrjO9KN1UCD69zQnuVE7zn5ZlSq9kzu2eOFlTpOSpvrtrHt5SNP0HpbYEs
Fgal30XmHME3fn2hwou39zKC0zzfFFwIBaL+FyT+vXFi9Xkj60rswi346/BjPQeW
uBM1DMlpYXgvZWX/ktFSRVm7BNUWNHAFOufkXjnxwpLQLZCPXnbuoJVwRPyD+/Cw
VrMxFwA8SoJi/NXP/3/g4W51TjrKqWBGkhMgMJPUlgfXQVelCM51eGLnognUqsvN
dfCrTu/kpD4wCA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:28:28 2025 by rpki-client