Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
File: aErIoCEnBoJ2XSPvAzjzXHht2zU.mft (raw, json)
Hash identifier: +Zp1TYDGuozhdQBiR0Je9mxC2Xq3DN0+jNYh0e6hCT8=
Subject key identifier: BD:65:CF:8B:46:34:6A:38:89:6C:EE:17:DD:B9:C2:9B:93:AD:5E:DA
Authority key identifier: 68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
Certificate issuer: /CN=684ac8a021270682765d23ef0338f35c786ddb35
Certificate serial: 01976CCFB5CF28E17ACE781E3D7352E7514A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
Manifest number: 123D
Signing time: Sat 14 Jun 2025 05:00:41 +0000
Manifest this update: Sat 14 Jun 2025 05:00:41 +0000
Manifest next update: Sun 15 Jun 2025 05:00:41 +0000
Files and hashes: 1: aErIoCEnBoJ2XSPvAzjzXHht2zU.crl (hash: IBO69yAMqIHChmUjkbotTSXCT2MsTMXfyOOujaOpVcE=)
2: eEP1VypyuqVxmlLrgaA9LlVwYK4.roa (hash: 5dvQLaqP0vbYafUJXNT7sKTWbRstUgrMUzxGvHU5Rgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:cf:b5:cf:28:e1:7a:ce:78:1e:3d:73:52:e7:51:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=684ac8a021270682765d23ef0338f35c786ddb35
Validity
Not Before: Jun 14 05:00:41 2025 GMT
Not After : Jun 15 05:00:41 2025 GMT
Subject: CN=bd65cf8b46346a38896cee17ddb9c29b93ad5eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c3:12:55:d8:8d:3f:a7:55:1a:7c:18:6d:73:
7d:60:83:52:48:f9:11:5b:c1:04:f7:3d:56:8e:22:
75:1f:6f:b2:6c:a1:24:38:ac:94:a9:58:f7:10:f6:
e1:cd:02:37:27:f5:2c:67:fc:d6:83:42:0b:13:ef:
de:6a:72:d8:b8:2d:67:c5:98:a7:7b:f8:26:11:9b:
35:7d:e1:d4:b1:fc:2e:9c:ae:9e:bf:47:85:04:18:
89:35:b1:d2:23:9f:20:ea:aa:01:49:9b:43:a9:b7:
35:d7:3a:e8:38:06:b1:28:b6:8b:77:fb:45:e9:b4:
cf:18:da:c6:ea:ea:8d:b6:f5:51:ab:ce:d8:53:67:
af:4a:f5:f9:ff:67:2b:c2:5c:91:44:32:8e:2f:c3:
96:33:86:4a:cf:bd:51:53:d3:f7:4c:88:dd:18:41:
35:5f:03:c3:a2:d8:13:1f:b4:24:a2:f5:4a:2c:c4:
3e:fa:7f:11:e7:98:13:50:18:63:26:21:7b:8b:ac:
cd:81:35:79:b9:bf:30:b1:14:b2:18:30:86:53:63:
43:cf:e0:70:fc:98:04:cb:25:8a:0e:51:d2:d2:0c:
eb:c9:16:88:6a:f6:dc:80:55:51:59:21:04:30:01:
55:36:c9:bc:74:73:b3:a2:b5:c5:e8:e7:6c:af:32:
bb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:65:CF:8B:46:34:6A:38:89:6C:EE:17:DD:B9:C2:9B:93:AD:5E:DA
X509v3 Authority Key Identifier:
keyid:68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:33:c4:b3:00:9f:d8:08:63:18:99:63:d7:b2:bb:46:a8:2b:
e8:c6:7d:ec:15:58:fa:cf:5a:dc:97:74:13:a0:a0:be:2d:bf:
e8:93:47:0b:7d:30:bc:64:be:4c:b5:db:45:26:b0:0c:11:a0:
f6:3e:29:86:5d:49:7b:82:b8:96:2d:9b:c2:3b:0a:a2:85:21:
5a:64:82:6e:e0:74:97:2f:69:d7:bc:4a:05:01:00:85:27:0f:
55:54:6b:43:74:ef:aa:ae:ca:9b:6a:2e:a0:d0:27:74:63:2d:
52:89:50:04:fd:f0:de:26:d5:84:e5:6e:81:cb:a6:ba:b1:76:
c9:1d:b8:96:5d:c4:d7:55:0b:b4:49:57:1f:4b:80:b3:fe:92:
82:8b:42:b6:0f:36:e2:3b:2c:53:10:10:93:74:49:20:84:85:
2b:e7:84:00:eb:6a:c4:ac:47:e5:4b:44:b7:e8:6e:7a:29:77:
a4:ed:e4:18:02:2a:2f:da:d1:b0:57:58:97:d7:41:f8:60:7d:
fd:a6:34:81:c7:37:35:58:fa:87:06:71:ed:bc:ce:ba:91:82:
56:34:a4:2b:5c:d4:68:84:fb:52:07:54:35:50:23:86:56:5e:
81:ee:be:bd:ce:8d:8d:5b:9d:3c:fe:13:2a:3d:bc:58:da:77:
98:22:92:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz7XPKOF6zngePXNS51FKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NGFjOGEwMjEyNzA2ODI3NjVkMjNlZjAzMzhmMzVjNzg2
ZGRiMzUwHhcNMjUwNjE0MDUwMDQxWhcNMjUwNjE1MDUwMDQxWjAzMTEwLwYDVQQD
EyhiZDY1Y2Y4YjQ2MzQ2YTM4ODk2Y2VlMTdkZGI5YzI5YjkzYWQ1ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8MSVdiNP6dVGnwYbXN9YINSSPkR
W8EE9z1WjiJ1H2+ybKEkOKyUqVj3EPbhzQI3J/UsZ/zWg0ILE+/eanLYuC1nxZin
e/gmEZs1feHUsfwunK6ev0eFBBiJNbHSI58g6qoBSZtDqbc11zroOAaxKLaLd/tF
6bTPGNrG6uqNtvVRq87YU2evSvX5/2crwlyRRDKOL8OWM4ZKz71RU9P3TIjdGEE1
XwPDotgTH7QkovVKLMQ++n8R55gTUBhjJiF7i6zNgTV5ub8wsRSyGDCGU2NDz+Bw
/JgEyyWKDlHS0gzryRaIavbcgFVRWSEEMAFVNsm8dHOzorXF6OdsrzK7TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1lz4tGNGo4iWzuF925wpuTrV7aMB8GA1UdIwQY
MBaAFGhKyKAhJwaCdl0j7wM481x4bds1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTct
MGMwMTFjOWM5MjdkLzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTctMGMwMTFjOWM5Mjdk
LzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKzPEswCf
2AhjGJlj17K7Rqgr6MZ97BVY+s9a3Jd0E6Cgvi2/6JNHC30wvGS+TLXbRSawDBGg
9j4phl1Je4K4li2bwjsKooUhWmSCbuB0ly9p17xKBQEAhScPVVRrQ3Tvqq7Km2ou
oNAndGMtUolQBP3w3ibVhOVugcumurF2yR24ll3E11ULtElXH0uAs/6SgotCtg82
4jssUxAQk3RJIISFK+eEAOtqxKxH5UtEt+hueil3pO3kGAIqL9rRsFdYl9dB+GB9
/aY0gcc3NVj6hwZx7bzOupGCVjSkK1zUaIT7UgdUNVAjhlZege6+vc6NjVudPP4T
Kj28WNp3mCKSIA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:13:00 2025 by rpki-client