Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: PWwGuwXC3tHFwCLUcgyNzYZh2bk5Rj7eTcuSPLm7Uvc=
Subject key identifier: AB:1A:7E:21:81:C2:8C:72:41:D5:E1:EC:3D:F6:40:EB:D2:B4:AE:11
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 01976EBE0667B12862C1016794B73CF8160F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 158E
Signing time: Sat 14 Jun 2025 14:00:36 +0000
Manifest this update: Sat 14 Jun 2025 14:00:36 +0000
Manifest next update: Sun 15 Jun 2025 14:00:36 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: PlF/AMLvstNvBY8nFaCNn0bQmktKWDTKxElfdfN2XWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6e:be:06:67:b1:28:62:c1:01:67:94:b7:3c:f8:16:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Jun 14 14:00:36 2025 GMT
Not After : Jun 15 14:00:36 2025 GMT
Subject: CN=ab1a7e2181c28c7241d5e1ec3df640ebd2b4ae11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:da:08:de:b6:ac:6e:db:93:09:7e:2f:8e:41:
f4:26:5e:04:9a:9c:f6:42:d7:45:0b:0b:19:ee:a5:
fd:be:d3:bb:37:ac:6f:75:b6:06:9e:0a:95:3d:55:
ca:e3:50:60:b1:b4:a1:a7:dd:99:e0:47:7e:59:9d:
f6:45:c8:43:4c:e6:e5:b3:9e:6a:e1:f9:75:27:2b:
5f:d6:6c:2d:7d:4e:8a:04:47:7d:fa:4a:76:9c:29:
4d:6e:ac:37:95:82:92:b9:25:e7:3b:93:e1:7c:3a:
32:9c:9d:1f:e2:4a:66:8f:6c:b3:cf:70:ce:a6:dc:
49:9f:00:17:8b:b6:c5:bd:ba:ae:72:b1:0f:91:ca:
c1:14:55:9a:a5:0a:a4:41:da:38:da:9a:8a:fb:6b:
d6:2d:9e:43:f1:bb:6f:3b:a6:79:89:c6:bd:1b:4d:
0a:44:c3:9f:23:15:93:45:3d:c7:a5:a2:15:3c:de:
53:f5:5f:23:a5:6d:47:70:62:99:c1:c1:38:7e:92:
b4:27:2b:10:c2:88:de:8a:6a:2a:19:77:e8:62:8d:
42:2d:86:6b:92:79:40:79:06:12:eb:03:6f:53:a9:
1c:01:af:12:f0:02:d0:33:69:90:f2:48:d3:6f:2e:
47:22:39:30:8d:b9:10:07:8f:57:ce:c5:8a:22:be:
ea:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1A:7E:21:81:C2:8C:72:41:D5:E1:EC:3D:F6:40:EB:D2:B4:AE:11
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:dc:96:3f:98:12:4c:f9:53:97:8e:ab:8a:78:64:40:8c:61:
7a:91:4d:9c:ca:21:ce:c3:4b:ea:2f:41:01:85:d5:3f:ec:03:
d8:b5:19:e6:28:68:64:2b:25:46:5b:d5:61:ca:2f:71:04:d2:
a5:32:ef:4c:6f:0e:b0:3b:3f:3a:32:a0:38:23:b7:cf:a8:e8:
93:93:1f:a8:35:6b:40:ff:5d:74:70:58:9f:cd:0a:7c:3b:4c:
51:f1:ec:09:42:95:55:20:eb:e0:a8:cf:48:52:2f:c6:1e:e0:
dc:40:af:85:c1:ab:48:d7:8c:15:e0:1c:3c:86:8e:91:c7:47:
ad:37:07:64:b0:f9:93:75:bf:00:e9:b3:3b:b7:4f:7e:b0:58:
ab:d8:77:5e:ce:b8:23:17:e2:49:e9:7a:1b:7a:70:20:16:91:
00:93:18:26:c7:7f:5f:41:b4:da:9a:9f:6d:63:52:84:3e:f3:
51:3f:5c:49:a4:4d:94:9a:be:cb:ef:62:06:8b:90:2d:62:a0:
5e:bc:5b:ce:83:f0:a2:cc:74:e0:4c:08:94:11:1d:16:33:96:
f9:3a:ae:3c:3a:88:c1:50:d7:86:94:8f:a2:ac:02:71:c3:7e:
3a:2d:2c:05:08:4e:46:3b:b5:ea:0c:24:15:21:f2:20:7e:16:
19:6e:57:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduvgZnsShiwQFnlLc8+BYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwNjE0MTQwMDM2WhcNMjUwNjE1MTQwMDM2WjAzMTEwLwYDVQQD
EyhhYjFhN2UyMTgxYzI4YzcyNDFkNWUxZWMzZGY2NDBlYmQyYjRhZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9oI3rasbtuTCX4vjkH0Jl4Empz2
QtdFCwsZ7qX9vtO7N6xvdbYGngqVPVXK41BgsbShp92Z4Ed+WZ32RchDTObls55q
4fl1Jytf1mwtfU6KBEd9+kp2nClNbqw3lYKSuSXnO5PhfDoynJ0f4kpmj2yzz3DO
ptxJnwAXi7bFvbqucrEPkcrBFFWapQqkQdo42pqK+2vWLZ5D8btvO6Z5ica9G00K
RMOfIxWTRT3HpaIVPN5T9V8jpW1HcGKZwcE4fpK0JysQwojeimoqGXfoYo1CLYZr
knlAeQYS6wNvU6kcAa8S8ALQM2mQ8kjTby5HIjkwjbkQB49XzsWKIr7q7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsafiGBwoxyQdXh7D32QOvStK4RMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetyWP5gS
TPlTl46rinhkQIxhepFNnMohzsNL6i9BAYXVP+wD2LUZ5ihoZCslRlvVYcovcQTS
pTLvTG8OsDs/OjKgOCO3z6jok5MfqDVrQP9ddHBYn80KfDtMUfHsCUKVVSDr4KjP
SFIvxh7g3ECvhcGrSNeMFeAcPIaOkcdHrTcHZLD5k3W/AOmzO7dPfrBYq9h3Xs64
IxfiSel6G3pwIBaRAJMYJsd/X0G02pqfbWNShD7zUT9cSaRNlJq+y+9iBouQLWKg
XrxbzoPwosx04EwIlBEdFjOW+TquPDqIwVDXhpSPoqwCccN+Oi0sBQhORju16gwk
FSHyIH4WGW5X1w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:22:27 2025 by rpki-client