Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: DRnnrsTvTVcPlIn5mpWmljbECaWCEB69yD5VT5n9aIA=
Subject key identifier: A2:6F:C1:05:78:C7:35:5A:33:A0:CC:7B:44:86:4F:50:C4:E2:59:10
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 01987DF88ECC05E08649E59B27D1EFC45FD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 161B
Signing time: Wed 06 Aug 2025 06:01:38 +0000
Manifest this update: Wed 06 Aug 2025 06:01:38 +0000
Manifest next update: Thu 07 Aug 2025 06:01:38 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: L+V8t0Z0w5+9xMmfOVyQhNeRwDBnWNzemM4CkPS6k34=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:f8:8e:cc:05:e0:86:49:e5:9b:27:d1:ef:c4:5f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Aug 6 06:01:38 2025 GMT
Not After : Aug 7 06:01:38 2025 GMT
Subject: CN=a26fc10578c7355a33a0cc7b44864f50c4e25910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b7:6a:34:b0:01:38:70:99:52:c8:47:7a:e6:
f1:9a:49:37:f0:88:81:bd:55:9c:7b:5f:a1:df:00:
a9:6b:32:d5:a7:b4:08:9c:11:87:88:3d:f1:2d:b1:
e6:9f:a9:81:ce:0d:91:b3:f0:d7:85:9e:83:c9:05:
5c:cb:6a:29:99:53:f3:63:e4:8b:a7:a4:22:ea:ae:
4d:bf:b5:e1:04:28:34:13:79:ff:4e:8e:4f:d0:c5:
c2:08:89:89:1a:24:bd:79:b9:d8:db:1c:70:a3:27:
57:7d:dc:5c:1f:da:4b:86:3f:c1:fc:bf:ec:c5:d8:
a4:ff:12:77:62:08:b7:ff:a2:4c:af:03:c1:55:92:
dd:45:29:d3:d2:ee:1a:d2:b5:21:33:9f:ed:8a:b7:
64:b7:06:4c:87:5e:18:a2:66:31:3f:77:56:15:18:
d1:0a:fa:76:96:02:32:ba:42:88:bb:80:fb:86:f9:
f8:a0:55:b1:ad:51:13:e0:dc:28:70:93:29:8f:35:
41:86:f6:81:7d:43:36:36:52:e9:30:6c:1f:d4:1a:
fc:f0:a5:be:1f:c0:33:48:5f:d2:80:9e:11:6d:2d:
62:a9:9a:9e:56:35:47:3d:a5:67:3d:fa:99:dd:43:
72:7f:64:41:b1:94:13:2b:3a:ae:72:4d:e9:df:c2:
e5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6F:C1:05:78:C7:35:5A:33:A0:CC:7B:44:86:4F:50:C4:E2:59:10
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:13:87:a4:f7:91:ef:0b:86:cd:b7:2e:af:72:86:68:84:e2:
e4:fb:c2:f8:f5:c6:1c:1e:20:cc:09:0b:66:3c:d7:35:af:17:
7f:ec:c5:2c:66:2d:87:dd:8b:1e:41:fb:17:9f:4d:e8:47:22:
b8:3e:f4:1b:50:9a:3e:d9:80:d0:a3:c2:85:fa:91:75:1f:ab:
39:76:0f:0d:73:e5:f8:aa:2f:86:f4:04:56:33:98:36:cb:83:
e2:f0:4f:7b:e6:f4:d4:3c:87:6a:de:ee:87:18:b8:d8:2a:5f:
16:11:a9:c5:eb:87:ff:fc:ff:79:75:9b:49:1e:8f:4d:39:2c:
9d:93:01:29:e4:a1:c2:5c:11:90:30:87:80:da:e4:ac:55:a4:
72:43:c4:f5:4b:dd:11:ec:59:a2:b5:c7:f8:96:e7:82:e0:82:
1f:5b:eb:4c:76:79:dd:26:57:de:2d:e8:fe:49:1d:7e:43:1e:
0c:4d:30:90:7e:d0:44:65:53:a6:10:9d:da:5c:09:1f:1b:f0:
6d:7c:9d:bd:95:c0:7e:33:1a:32:d4:c2:5d:69:6c:e7:af:55:
a9:d0:75:15:cf:a3:43:c9:39:74:36:bf:7d:94:81:51:5c:c6:
04:5b:39:92:7e:25:15:4f:e3:87:3b:97:cc:54:88:5b:1a:af:
b2:b2:85:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9+I7MBeCGSeWbJ9HvxF/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUwODA2MDYwMTM4WhcNMjUwODA3MDYwMTM4WjAzMTEwLwYDVQQD
EyhhMjZmYzEwNTc4YzczNTVhMzNhMGNjN2I0NDg2NGY1MGM0ZTI1OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LdqNLABOHCZUshHeubxmkk38IiB
vVWce1+h3wCpazLVp7QInBGHiD3xLbHmn6mBzg2Rs/DXhZ6DyQVcy2opmVPzY+SL
p6Qi6q5Nv7XhBCg0E3n/To5P0MXCCImJGiS9ebnY2xxwoydXfdxcH9pLhj/B/L/s
xdik/xJ3Ygi3/6JMrwPBVZLdRSnT0u4a0rUhM5/tirdktwZMh14YomYxP3dWFRjR
Cvp2lgIyukKIu4D7hvn4oFWxrVET4NwocJMpjzVBhvaBfUM2NlLpMGwf1Br88KW+
H8AzSF/SgJ4RbS1iqZqeVjVHPaVnPfqZ3UNyf2RBsZQTKzquck3p38Ll8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJvwQV4xzVaM6DMe0SGT1DE4lkQMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOhOHpPeR
7wuGzbcur3KGaITi5PvC+PXGHB4gzAkLZjzXNa8Xf+zFLGYth92LHkH7F59N6Eci
uD70G1CaPtmA0KPChfqRdR+rOXYPDXPl+KovhvQEVjOYNsuD4vBPe+b01DyHat7u
hxi42CpfFhGpxeuH//z/eXWbSR6PTTksnZMBKeShwlwRkDCHgNrkrFWkckPE9Uvd
EexZorXH+JbnguCCH1vrTHZ53SZX3i3o/kkdfkMeDE0wkH7QRGVTphCd2lwJHxvw
bXydvZXAfjMaMtTCXWls569VqdB1Fc+jQ8k5dDa/fZSBUVzGBFs5kn4lFU/jhzuX
zFSIWxqvsrKFdg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:57:27 2025 by rpki-client