Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: iexHYr4kGng+xCDayDjF5Xm9ltZvxggr2M6FezIGS9U=
Subject key identifier: 8D:86:C7:7B:44:DD:FB:04:E6:53:B5:1D:B7:34:AE:FF:BD:3F:21:90
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 01976D3DCBD6E85EA517BEAABF71CB7F7F0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 12CC
Signing time: Sat 14 Jun 2025 07:00:55 +0000
Manifest this update: Sat 14 Jun 2025 07:00:55 +0000
Manifest next update: Sun 15 Jun 2025 07:00:55 +0000
Files and hashes: 1: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: 2JpSHr12u5zn8dL9GZvlDPR20JD3+ylGszoITNuGAGc=)
2: u7-gL9wSp2bGW7DIF24NVuhmOKc.roa (hash: tP75Wdne3vqUbGN0hrtXpkGNXdZlPHZwjnI3xiXFlak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:3d:cb:d6:e8:5e:a5:17:be:aa:bf:71:cb:7f:7f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Jun 14 07:00:55 2025 GMT
Not After : Jun 15 07:00:55 2025 GMT
Subject: CN=8d86c77b44ddfb04e653b51db734aeffbd3f2190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:72:52:82:7a:ce:2e:86:89:6c:22:70:8a:
fd:b9:a4:7a:28:c8:84:e6:9a:15:c5:84:e1:52:ec:
43:90:02:07:a1:b2:c1:9f:39:b8:2a:ed:44:31:2a:
f7:13:1b:fd:7d:b5:b3:3f:70:ad:0f:34:ac:56:f2:
59:ed:87:a0:07:55:9c:8e:ad:c1:26:20:1e:7a:ce:
c2:53:56:3d:2e:49:96:b9:fa:3f:28:3e:b9:62:ea:
f4:44:83:dd:1d:5a:f0:8a:16:e5:46:f4:9e:ce:27:
cc:6a:6d:ae:c9:3f:6b:bc:40:8f:02:e2:1e:95:cd:
ca:86:2c:2b:c3:ac:cc:f6:b9:0a:99:64:33:43:9f:
29:ba:7a:27:2a:13:b6:95:9a:fd:85:32:2a:5d:e8:
ea:5b:3f:37:60:a7:c9:a7:6d:33:e0:07:21:b2:30:
c2:eb:df:16:b4:2b:37:80:cd:f8:f5:ac:b1:5b:ca:
39:00:a2:e4:c7:91:f7:51:ef:da:1e:f7:2c:4d:b5:
e0:28:53:5d:27:e7:c9:fa:40:3a:be:5b:23:4a:ff:
e1:c9:31:93:1e:9c:54:a4:dd:df:8a:22:4b:e5:49:
08:30:a7:43:d9:ff:03:19:44:45:9c:c0:11:59:b9:
67:9d:b4:dc:4a:4d:8c:78:c2:83:32:ff:e6:31:22:
9c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:86:C7:7B:44:DD:FB:04:E6:53:B5:1D:B7:34:AE:FF:BD:3F:21:90
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:07:9a:56:9b:7f:4c:fd:eb:06:bd:7c:70:63:3c:42:29:fb:
da:55:94:83:a3:ea:71:17:9d:f7:4e:0a:bd:bf:4e:cf:1b:d4:
7b:1e:73:b9:f0:bd:08:4f:b8:94:4e:03:7c:74:c4:3b:6d:3e:
18:06:03:e7:ac:af:f8:dc:b0:f5:eb:9c:b0:f2:24:f0:34:56:
e9:f7:83:a9:70:29:e1:a1:25:d0:f7:52:85:e0:63:84:5f:8f:
a8:78:b6:28:d6:ad:77:5f:08:cc:ad:09:8e:fb:78:aa:dc:f5:
12:a9:4b:bc:1a:80:32:df:04:0d:3c:e1:8d:44:13:42:4e:a0:
ff:ae:06:9e:48:2c:3b:69:de:85:18:4e:84:01:7e:20:2a:0e:
c9:ea:2e:84:aa:94:ca:23:c0:86:08:c6:6d:2b:53:2b:6d:70:
52:38:74:8f:27:b7:07:4a:ab:ac:3f:5b:a2:7f:ce:ec:fc:93:
ee:f1:80:ad:7c:b3:e4:e4:a0:ec:24:eb:d9:dd:82:eb:9b:18:
f8:c9:54:9a:0f:83:e7:0e:90:f3:9c:8f:26:73:f0:3d:20:ac:
f2:ba:73:89:25:b1:c1:24:15:4e:03:99:05:0a:a3:f4:0e:1f:
77:ff:7d:3b:89:a6:ce:57:68:8c:f1:9c:3b:20:db:2f:da:99:
41:03:c1:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPcvW6F6lF76qv3HLf38NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjUwNjE0MDcwMDU1WhcNMjUwNjE1MDcwMDU1WjAzMTEwLwYDVQQD
Eyg4ZDg2Yzc3YjQ0ZGRmYjA0ZTY1M2I1MWRiNzM0YWVmZmJkM2YyMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs99yUoJ6zi6GiWwicIr9uaR6KMiE
5poVxYThUuxDkAIHobLBnzm4Ku1EMSr3Exv9fbWzP3CtDzSsVvJZ7YegB1Wcjq3B
JiAees7CU1Y9LkmWufo/KD65Yur0RIPdHVrwihblRvSezifMam2uyT9rvECPAuIe
lc3Khiwrw6zM9rkKmWQzQ58punonKhO2lZr9hTIqXejqWz83YKfJp20z4AchsjDC
698WtCs3gM349ayxW8o5AKLkx5H3Ue/aHvcsTbXgKFNdJ+fJ+kA6vlsjSv/hyTGT
HpxUpN3fiiJL5UkIMKdD2f8DGURFnMARWblnnbTcSk2MeMKDMv/mMSKc1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2Gx3tE3fsE5lO1Hbc0rv+9PyGQMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgeaVpt/
TP3rBr18cGM8Qin72lWUg6PqcRed904Kvb9OzxvUex5zufC9CE+4lE4DfHTEO20+
GAYD56yv+Nyw9eucsPIk8DRW6feDqXAp4aEl0PdSheBjhF+PqHi2KNatd18IzK0J
jvt4qtz1EqlLvBqAMt8EDTzhjUQTQk6g/64GnkgsO2nehRhOhAF+ICoOyeouhKqU
yiPAhgjGbStTK21wUjh0jye3B0qrrD9bon/O7PyT7vGArXyz5OSg7CTr2d2C65sY
+MlUmg+D5w6Q85yPJnPwPSCs8rpziSWxwSQVTgOZBQqj9A4fd/99O4mmzldojPGc
OyDbL9qZQQPBGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:17:25 2025 by rpki-client