Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: /xptQGKMaK3XU6jjUEX/wYxFOt9jer0PA+xvCxu2Hzc=
Subject key identifier: F3:0B:CF:14:72:CD:56:FE:65:C1:B9:9D:9E:59:79:49:02:72:64:98
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019768F2AB4A218D216497BD08BAA2C54B28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 1591
Signing time: Fri 13 Jun 2025 11:00:23 +0000
Manifest this update: Fri 13 Jun 2025 11:00:23 +0000
Manifest next update: Sat 14 Jun 2025 11:00:23 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: 7ru78YfumtZoTWgSujDyzxPd/A1Ndsb6IK62+5lK3SE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 11:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:f2:ab:4a:21:8d:21:64:97:bd:08:ba:a2:c5:4b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Jun 13 11:00:23 2025 GMT
Not After : Jun 14 11:00:23 2025 GMT
Subject: CN=f30bcf1472cd56fe65c1b99d9e59794902726498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6e:af:99:1d:f0:5c:c0:8d:28:6a:c0:13:7e:
30:1f:a5:8a:43:d3:9d:65:60:37:46:40:13:56:97:
8d:6a:5f:3d:44:a9:0a:ce:c4:08:71:72:d7:e7:45:
51:f4:55:2f:5f:ab:5a:2b:c6:74:9f:40:66:31:5b:
3a:d5:78:f7:90:23:3f:84:6b:95:92:67:09:02:4b:
2a:8c:f3:39:81:fd:d3:31:6c:fc:a8:9b:0a:42:67:
fc:54:68:bc:34:b7:e6:63:4d:45:2d:34:44:1b:09:
07:fa:c7:21:40:17:8f:f3:75:28:c3:b1:78:84:dd:
0c:b9:f7:63:31:e1:02:97:5a:05:2b:c8:08:33:7b:
11:1c:99:7b:d7:8e:f3:8a:9f:99:20:4b:17:a4:ed:
ef:bc:a8:04:cd:84:1f:3b:74:8e:16:5b:a3:ae:2d:
6f:58:ea:6b:c9:13:34:b9:84:18:37:07:3c:19:58:
0e:c8:4d:04:b5:be:51:5b:07:66:ae:a3:08:1c:11:
ab:59:11:23:9c:03:69:90:4c:e8:ea:a8:ca:e8:16:
96:b8:27:f3:a1:4d:2e:40:df:7d:0a:55:82:0b:f7:
a8:b4:89:5d:78:3b:21:07:56:22:20:c9:64:4c:9e:
9b:c9:85:58:da:e9:48:ff:66:ce:ff:1a:aa:c1:88:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0B:CF:14:72:CD:56:FE:65:C1:B9:9D:9E:59:79:49:02:72:64:98
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:be:93:8a:6b:1e:04:f1:41:da:48:ba:04:6b:2b:a0:83:8b:
43:29:5b:dd:d6:cb:53:a1:5d:dd:bd:8e:9a:c3:37:42:a5:eb:
d2:d2:51:77:57:57:1f:81:97:cc:af:0c:4a:6b:6a:d6:25:a8:
cd:e5:71:7a:eb:b1:48:7a:41:15:70:62:d8:41:e2:0d:e6:be:
20:8f:df:2a:38:4d:6f:e5:d9:5a:6e:87:aa:66:d6:a6:37:e9:
00:24:e8:e3:a6:d0:14:39:21:67:fd:96:4b:90:ce:14:53:38:
35:d0:76:2e:19:dd:74:94:ac:48:1c:7d:b6:a5:b9:59:d5:b5:
03:4d:40:dc:55:a2:87:1f:a8:96:55:e0:94:98:41:8d:bc:c5:
38:d8:0c:81:63:7d:c2:6b:2e:56:62:e1:84:03:da:a4:5e:52:
b0:1e:69:75:91:87:f6:5e:c3:f9:06:95:51:d5:e1:b0:0e:a5:
93:4c:a4:52:ac:22:4c:c8:b4:d7:46:a9:38:0b:97:34:a0:81:
d0:c5:71:34:47:be:59:a4:ce:5d:c2:c4:b2:b1:ee:61:f3:bc:
ce:03:02:0c:8f:f4:a3:fd:df:46:fa:9b:06:3c:50:59:9c:aa:
23:76:a3:d2:20:0f:20:2f:9a:57:dd:40:7b:0c:d2:16:21:da:
19:65:61:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8qtKIY0hZJe9CLqixUsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwNjEzMTEwMDIzWhcNMjUwNjE0MTEwMDIzWjAzMTEwLwYDVQQD
EyhmMzBiY2YxNDcyY2Q1NmZlNjVjMWI5OWQ5ZTU5Nzk0OTAyNzI2NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim6vmR3wXMCNKGrAE34wH6WKQ9Od
ZWA3RkATVpeNal89RKkKzsQIcXLX50VR9FUvX6taK8Z0n0BmMVs61Xj3kCM/hGuV
kmcJAksqjPM5gf3TMWz8qJsKQmf8VGi8NLfmY01FLTREGwkH+schQBeP83Uow7F4
hN0MufdjMeECl1oFK8gIM3sRHJl7147zip+ZIEsXpO3vvKgEzYQfO3SOFlujri1v
WOpryRM0uYQYNwc8GVgOyE0Etb5RWwdmrqMIHBGrWREjnANpkEzo6qjK6BaWuCfz
oU0uQN99ClWCC/eotIldeDshB1YiIMlkTJ6byYVY2ulI/2bO/xqqwYggXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMLzxRyzVb+ZcG5nZ5ZeUkCcmSYMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALb6Timse
BPFB2ki6BGsroIOLQylb3dbLU6Fd3b2OmsM3QqXr0tJRd1dXH4GXzK8MSmtq1iWo
zeVxeuuxSHpBFXBi2EHiDea+II/fKjhNb+XZWm6HqmbWpjfpACTo46bQFDkhZ/2W
S5DOFFM4NdB2LhnddJSsSBx9tqW5WdW1A01A3FWihx+ollXglJhBjbzFONgMgWN9
wmsuVmLhhAPapF5SsB5pdZGH9l7D+QaVUdXhsA6lk0ykUqwiTMi010apOAuXNKCB
0MVxNEe+WaTOXcLEsrHuYfO8zgMCDI/0o/3fRvqbBjxQWZyqI3aj0iAPIC+aV91A
ewzSFiHaGWVhow==
-----END CERTIFICATE-----
Generated at Fri Jun 13 18:59:42 2025 by rpki-client