Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: JmY73AD6Lt0/ok5UNaYwq3y1lvOAeufHvWpGOjkzPcE=
Subject key identifier: 3D:5D:BC:95:CF:9C:09:2A:21:80:10:54:4C:22:33:2D:45:2A:35:C2
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 019769CF19DBC405B58455CA5BFF9325CBB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 158C
Signing time: Fri 13 Jun 2025 15:01:09 +0000
Manifest this update: Fri 13 Jun 2025 15:01:09 +0000
Manifest next update: Sat 14 Jun 2025 15:01:09 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: xffgCld2h7cDH6uVWokxcX1z+s++i71s0JJoRg1A2Hw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:cf:19:db:c4:05:b5:84:55:ca:5b:ff:93:25:cb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Jun 13 15:01:09 2025 GMT
Not After : Jun 14 15:01:09 2025 GMT
Subject: CN=3d5dbc95cf9c092a218010544c22332d452a35c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d5:d1:f3:f4:48:c7:c1:1c:08:22:0f:89:c7:
c6:9d:ad:79:22:0d:8c:f8:87:8b:95:5c:03:7c:10:
7d:cf:3f:8d:ea:39:15:23:6c:e1:fd:53:a5:5c:ae:
d0:a7:73:b1:19:50:5c:68:0a:65:f0:39:8f:81:47:
91:8e:00:b5:31:c0:60:cd:b0:d6:41:16:23:79:62:
93:83:52:8a:2b:77:3e:02:e1:06:de:e0:5b:23:06:
25:ab:66:49:79:c0:93:fc:25:c2:57:2d:58:f6:3f:
5c:26:56:77:c1:d9:e1:f8:b5:89:3d:8c:76:16:c2:
1e:c6:93:d7:36:04:d7:fd:2b:29:ce:2f:d6:85:eb:
57:25:82:c0:e2:26:ed:c7:e7:30:7b:a8:a4:d5:82:
3e:aa:92:50:b8:75:e3:35:25:de:cc:99:1f:7c:1f:
c6:e1:76:3b:26:66:d4:64:27:fe:54:4a:01:f4:e0:
a9:fa:ed:43:8c:14:a8:46:a5:b9:a1:46:f5:ef:02:
cb:75:a9:36:e2:c0:3b:a1:98:90:a1:7e:bb:42:24:
3f:11:7b:4a:d5:74:7e:e6:95:46:29:d8:19:6f:34:
fe:a4:9d:bb:95:da:37:12:53:11:b1:10:70:f6:41:
2f:80:ec:99:25:2b:05:c8:0e:cb:b2:f4:b9:4c:0a:
78:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5D:BC:95:CF:9C:09:2A:21:80:10:54:4C:22:33:2D:45:2A:35:C2
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:72:bf:d4:15:c6:26:f1:47:0e:20:6a:5c:9d:69:8a:b2:99:
1d:91:1f:f3:26:d7:35:d1:b0:2f:c1:f7:06:f5:cf:8c:b2:61:
d6:d3:7c:5d:84:da:4c:2b:ce:26:29:6c:cf:56:f3:c1:52:30:
03:bd:d7:fe:be:35:f9:05:8b:3e:67:bc:e7:1f:c6:21:d8:36:
2e:e1:ec:2c:15:8d:ba:4a:84:f1:a4:40:5d:b2:8d:29:a3:2a:
16:5f:08:be:b9:99:3c:db:56:b3:2a:d5:d2:ae:14:f2:7a:d2:
7c:4a:e5:31:df:f3:2d:09:97:38:32:a0:07:56:0a:fd:59:66:
6e:a5:e7:a2:b5:7c:53:96:89:ce:d9:0e:c2:94:15:4a:4a:f0:
d6:5c:f1:54:ba:7c:f5:0b:4a:c1:f1:0f:a2:cb:f9:1e:e6:4f:
27:2c:79:6c:3e:a0:53:c6:40:69:ab:73:86:8b:61:47:b6:ac:
79:2b:6c:1d:31:82:c7:04:46:34:3b:93:f8:9b:03:63:0b:dc:
81:56:6b:b6:bf:b8:93:8f:04:af:7f:b3:d4:ae:60:b3:2f:15:
d8:12:cc:7e:32:32:1f:71:d2:d5:be:c3:44:5d:bc:7e:6f:1e:
7a:d2:f1:68:e5:75:b0:6f:2c:d0:bf:fb:f0:6f:de:87:b1:e9:
14:3b:3e:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzxnbxAW1hFXKW/+TJcu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUwNjEzMTUwMTA5WhcNMjUwNjE0MTUwMTA5WjAzMTEwLwYDVQQD
EygzZDVkYmM5NWNmOWMwOTJhMjE4MDEwNTQ0YzIyMzMyZDQ1MmEzNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tXR8/RIx8EcCCIPicfGna15Ig2M
+IeLlVwDfBB9zz+N6jkVI2zh/VOlXK7Qp3OxGVBcaApl8DmPgUeRjgC1McBgzbDW
QRYjeWKTg1KKK3c+AuEG3uBbIwYlq2ZJecCT/CXCVy1Y9j9cJlZ3wdnh+LWJPYx2
FsIexpPXNgTX/Sspzi/WhetXJYLA4ibtx+cwe6ik1YI+qpJQuHXjNSXezJkffB/G
4XY7JmbUZCf+VEoB9OCp+u1DjBSoRqW5oUb17wLLdak24sA7oZiQoX67QiQ/EXtK
1XR+5pVGKdgZbzT+pJ27ldo3ElMRsRBw9kEvgOyZJSsFyA7LsvS5TAp4IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1dvJXPnAkqIYAQVEwiMy1FKjXCMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa3K/1BXG
JvFHDiBqXJ1pirKZHZEf8ybXNdGwL8H3BvXPjLJh1tN8XYTaTCvOJilsz1bzwVIw
A73X/r41+QWLPme85x/GIdg2LuHsLBWNukqE8aRAXbKNKaMqFl8IvrmZPNtWsyrV
0q4U8nrSfErlMd/zLQmXODKgB1YK/VlmbqXnorV8U5aJztkOwpQVSkrw1lzxVLp8
9QtKwfEPosv5HuZPJyx5bD6gU8ZAaatzhothR7aseStsHTGCxwRGNDuT+JsDYwvc
gVZrtr+4k48Er3+z1K5gsy8V2BLMfjIyH3HS1b7DRF28fm8eetLxaOV1sG8s0L/7
8G/eh7HpFDs+Xw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 19:30:27 2025 by rpki-client