Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: DTjwt8XaQmMhcbdsd0xxnzgIZ0gVI1/fcyp0vyG1kPc=
Subject key identifier: 5A:B0:47:EB:B9:C8:E0:36:06:F2:8E:08:6B:B0:71:A9:FF:AB:ED:41
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 01977CB134EF1BA6F25B7A991473303D8F2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0BEC
Signing time: Tue 17 Jun 2025 07:01:17 +0000
Manifest this update: Tue 17 Jun 2025 07:01:17 +0000
Manifest next update: Wed 18 Jun 2025 07:01:17 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: y+9pirpz3sbLTqP0VmpUzbsTyTSyukYH7GR2b17WQeQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:b1:34:ef:1b:a6:f2:5b:7a:99:14:73:30:3d:8f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Jun 17 07:01:17 2025 GMT
Not After : Jun 18 07:01:17 2025 GMT
Subject: CN=5ab047ebb9c8e03606f28e086bb071a9ffabed41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1b:9f:48:ae:e1:77:3b:e0:16:40:c8:ee:90:
fd:d7:6b:7e:11:20:11:ea:3c:e2:d7:48:93:b9:21:
6e:7c:37:a8:88:f5:66:20:20:4b:ab:06:20:9d:68:
bc:38:2f:2a:78:4a:c7:16:59:55:c4:5a:3a:de:9a:
a3:eb:c5:ca:57:89:41:37:73:6d:00:c4:a1:e4:9e:
fa:ee:7d:09:2e:d0:2c:8f:fa:54:f7:99:f5:b8:3a:
a1:88:81:8b:ee:60:eb:1c:5b:5b:95:6a:33:74:f1:
a5:a8:db:53:75:08:f0:57:80:98:60:a6:50:ad:43:
dd:f1:e9:c4:c1:c2:84:eb:4d:4b:1d:aa:99:e9:7e:
71:05:b6:75:67:f0:1d:49:17:01:77:ba:6f:3f:6e:
29:dc:9a:4c:eb:c2:84:ed:ae:36:b8:13:5d:fc:b7:
a1:60:37:19:46:83:a0:c9:ba:5f:c1:fe:b9:4b:9e:
39:10:62:05:9a:d6:3c:7c:d8:b7:c8:bd:9d:1f:0d:
f4:f0:76:42:de:9a:5d:2f:3c:fa:c7:52:9e:ff:4c:
1a:7a:ee:fe:33:0c:e2:14:7b:71:5e:f7:03:c4:4a:
5f:d3:25:3a:98:be:ca:0e:8b:5b:ef:64:0f:3c:48:
7b:65:4a:01:5e:f5:71:91:b3:3d:d9:2d:b2:24:df:
58:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B0:47:EB:B9:C8:E0:36:06:F2:8E:08:6B:B0:71:A9:FF:AB:ED:41
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:8b:df:21:12:3a:37:cd:7c:af:66:30:83:e8:cc:f0:f3:36:
6f:27:44:bf:ce:e4:46:37:a4:f9:45:f9:c8:db:6a:b7:3a:ea:
8b:23:6c:e7:6d:ce:30:2c:8d:07:63:01:0c:e7:97:2f:1d:c9:
3f:23:c8:af:b8:a4:80:a4:b3:70:81:1b:a4:1b:82:37:56:9b:
7c:e7:26:a3:19:dc:fd:73:17:c3:45:9b:bd:2e:20:48:5f:c4:
fc:de:6c:7e:95:a9:4b:cf:4f:2b:8b:6f:23:2f:c8:6d:95:5d:
97:8d:f4:b1:ab:6d:d4:48:98:44:06:88:05:22:8c:60:c5:b5:
e8:bf:6d:0a:9a:23:ad:a9:c3:a8:e8:55:5e:27:f0:ba:04:14:
bb:08:a3:8a:17:00:2d:92:b1:1b:67:68:1b:eb:12:60:1e:a6:
a8:62:50:f0:c1:ab:d8:bc:a3:55:ca:dc:7d:60:38:ce:b0:84:
32:bc:33:de:25:98:a5:3f:e9:90:c5:8b:0a:45:a5:08:21:63:
86:ed:8c:97:e3:80:08:e3:e0:d0:a9:20:82:57:6f:bb:69:0a:
d7:c5:c4:36:5f:4f:6c:10:e4:be:68:c4:6a:f3:99:1a:b9:58:
dc:b4:85:6a:86:df:73:b2:c1:e5:fd:6c:0d:ae:2d:2a:4d:48:
c0:cf:10:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd8sTTvG6byW3qZFHMwPY8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUwNjE3MDcwMTE3WhcNMjUwNjE4MDcwMTE3WjAzMTEwLwYDVQQD
Eyg1YWIwNDdlYmI5YzhlMDM2MDZmMjhlMDg2YmIwNzFhOWZmYWJlZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhufSK7hdzvgFkDI7pD912t+ESAR
6jzi10iTuSFufDeoiPVmICBLqwYgnWi8OC8qeErHFllVxFo63pqj68XKV4lBN3Nt
AMSh5J767n0JLtAsj/pU95n1uDqhiIGL7mDrHFtblWozdPGlqNtTdQjwV4CYYKZQ
rUPd8enEwcKE601LHaqZ6X5xBbZ1Z/AdSRcBd7pvP24p3JpM68KE7a42uBNd/Leh
YDcZRoOgybpfwf65S545EGIFmtY8fNi3yL2dHw308HZC3ppdLzz6x1Ke/0waeu7+
MwziFHtxXvcDxEpf0yU6mL7KDotb72QPPEh7ZUoBXvVxkbM92S2yJN9YRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqwR+u5yOA2BvKOCGuwcan/q+1BMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYvfIRI6
N818r2Ywg+jM8PM2bydEv87kRjek+UX5yNtqtzrqiyNs523OMCyNB2MBDOeXLx3J
PyPIr7ikgKSzcIEbpBuCN1abfOcmoxnc/XMXw0WbvS4gSF/E/N5sfpWpS89PK4tv
Iy/IbZVdl430satt1EiYRAaIBSKMYMW16L9tCpojranDqOhVXifwugQUuwijihcA
LZKxG2doG+sSYB6mqGJQ8MGr2LyjVcrcfWA4zrCEMrwz3iWYpT/pkMWLCkWlCCFj
hu2Ml+OACOPg0Kkggldvu2kK18XENl9PbBDkvmjEavOZGrlY3LSFaobfc7LB5f1s
Da4tKk1IwM8Qyg==
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:38:40 2025 by rpki-client