Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File: ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier: KQUgJgXZRKgLLswc2mSGeHv6k1lDl7hmWvoX3/tMsFc=
Subject key identifier: 36:52:D4:FF:CF:1C:39:11:D1:BC:C4:E7:D4:64:54:47:8B:C6:54:46
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 01976F2CE4BF85CDD8AC4D028A120D1B6F04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number: 15A7
Signing time: Sat 14 Jun 2025 16:01:42 +0000
Manifest this update: Sat 14 Jun 2025 16:01:42 +0000
Manifest next update: Sun 15 Jun 2025 16:01:42 +0000
Files and hashes: 1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: HHPWaMeXFH6sLfSqvojcLejBnXX8AtBfwMwgFEb41BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 16:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6f:2c:e4:bf:85:cd:d8:ac:4d:02:8a:12:0d:1b:6f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Jun 14 16:01:42 2025 GMT
Not After : Jun 15 16:01:42 2025 GMT
Subject: CN=3652d4ffcf1c3911d1bcc4e7d46454478bc65446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:c9:29:37:01:3c:64:8e:a4:d9:fb:fa:1a:
60:8a:46:8f:4f:70:da:d4:65:f7:6d:d4:b2:f2:cf:
f3:4a:a8:26:a2:4d:26:13:b4:34:08:fb:3f:8e:fa:
90:43:82:b5:58:85:24:7f:96:2e:74:89:fe:7e:33:
f3:3f:2d:04:68:ee:40:f4:8a:48:21:6f:36:45:a7:
6b:37:ac:9e:7b:5a:26:33:ad:1f:ca:11:dc:2e:37:
9b:33:c5:dc:e6:9d:c3:a7:f0:bd:f7:8d:f2:bb:61:
fd:9c:b2:d4:c1:2f:8e:65:0e:8c:13:82:1c:4a:4c:
2b:b5:20:09:b2:a6:c5:15:e3:75:83:d4:3d:fd:48:
10:27:5d:54:09:90:fc:3b:24:cf:3d:20:fa:df:cd:
6b:aa:83:27:9b:39:5b:f9:f0:f2:17:b8:1a:75:c2:
4d:e8:ef:24:d9:dd:ea:ed:20:ce:f1:5c:14:8e:7f:
58:61:b9:b6:0d:a2:43:56:df:36:40:ae:8f:c2:55:
78:0c:5d:0d:e6:b3:98:ed:2b:81:24:74:2c:ed:a3:
c0:75:9d:44:dc:c0:d6:d2:15:de:c6:60:83:aa:4c:
2d:a8:1b:69:b8:e2:40:0c:54:1e:9f:fc:0d:2e:13:
16:c1:19:09:35:ad:e4:eb:cc:c3:a3:1b:f4:97:d3:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:52:D4:FF:CF:1C:39:11:D1:BC:C4:E7:D4:64:54:47:8B:C6:54:46
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:b6:3e:88:77:d1:87:11:ba:a3:69:39:3f:b5:16:2c:57:26:
43:b8:e4:ef:10:0a:af:31:05:6a:a0:f5:86:33:74:8d:ef:33:
40:9b:19:c8:f4:1d:1b:3f:14:53:eb:40:0c:6a:be:41:65:20:
7d:53:e7:53:9c:bf:d0:a7:09:df:de:e8:e3:2c:bc:2f:15:ea:
99:bb:b6:16:ef:98:6f:c0:0e:96:cd:cd:d2:1d:12:32:b9:b8:
55:db:e4:4f:9c:3f:ae:0f:8f:f5:b0:ef:b1:bf:2f:d2:fd:37:
39:98:32:15:f0:9d:4a:37:f6:be:ee:3d:0c:57:08:6c:36:2a:
1b:4e:f3:f1:85:1e:db:f7:6f:7b:8b:c5:a3:dd:0b:0f:72:c1:
1b:84:82:93:4c:76:7f:fd:86:9d:d5:31:bd:cf:13:dd:85:9c:
bd:f1:cc:fa:ce:6d:74:81:c6:05:58:55:b0:f4:d3:ea:32:ed:
ba:b3:4f:68:5e:4b:38:d2:8a:e1:dc:8f:0c:ec:03:91:c6:cc:
a1:77:13:27:46:23:3b:53:20:68:19:ae:81:3b:e3:ee:ed:7b:
de:ad:04:c8:20:ff:f4:37:2b:b2:78:58:63:ed:12:e4:44:16:
b7:dd:a8:1a:25:ef:9c:3e:d1:3e:d7:0a:ab:d2:66:e6:c7:f1:
5e:a2:d2:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLOS/hc3YrE0CihING28EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjUwNjE0MTYwMTQyWhcNMjUwNjE1MTYwMTQyWjAzMTEwLwYDVQQD
EygzNjUyZDRmZmNmMWMzOTExZDFiY2M0ZTdkNDY0NTQ0NzhiYzY1NDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH3JKTcBPGSOpNn7+hpgikaPT3Da
1GX3bdSy8s/zSqgmok0mE7Q0CPs/jvqQQ4K1WIUkf5YudIn+fjPzPy0EaO5A9IpI
IW82RadrN6yee1omM60fyhHcLjebM8Xc5p3Dp/C9943yu2H9nLLUwS+OZQ6ME4Ic
SkwrtSAJsqbFFeN1g9Q9/UgQJ11UCZD8OyTPPSD6381rqoMnmzlb+fDyF7gadcJN
6O8k2d3q7SDO8VwUjn9YYbm2DaJDVt82QK6PwlV4DF0N5rOY7SuBJHQs7aPAdZ1E
3MDW0hXexmCDqkwtqBtpuOJADFQen/wNLhMWwRkJNa3k68zDoxv0l9PnwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZS1P/PHDkR0bzE59RkVEeLxlRGMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmrY+iHfR
hxG6o2k5P7UWLFcmQ7jk7xAKrzEFaqD1hjN0je8zQJsZyPQdGz8UU+tADGq+QWUg
fVPnU5y/0KcJ397o4yy8LxXqmbu2Fu+Yb8AOls3N0h0SMrm4VdvkT5w/rg+P9bDv
sb8v0v03OZgyFfCdSjf2vu49DFcIbDYqG07z8YUe2/dve4vFo90LD3LBG4SCk0x2
f/2GndUxvc8T3YWcvfHM+s5tdIHGBVhVsPTT6jLturNPaF5LONKK4dyPDOwDkcbM
oXcTJ0YjO1MgaBmugTvj7u173q0EyCD/9DcrsnhYY+0S5EQWt92oGiXvnD7RPtcK
q9Jm5sfxXqLSLg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:51:39 2025 by rpki-client