Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft
File: mRQlj7nTZXszdhQr_GPazk-CEcQ.mft (raw, json)
Hash identifier: 2R5tzKRoGyEHegIVVZLmFlBA1wlAV9G+per8zxFK4vI=
Subject key identifier: CB:53:82:33:DE:F5:2D:E3:79:B7:79:75:F1:96:0C:AC:1A:28:74:71
Authority key identifier: 99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
Certificate issuer: /CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Certificate serial: 0198D5F174FD8C0838690AB316AA31C4FE5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 08:00:27 +0000
Manifest this update: Sat 23 Aug 2025 08:00:27 +0000
Manifest next update: Sun 24 Aug 2025 08:00:27 +0000
Files and hashes: 1: 2JXcaA80r7d-EIDaMijpbBPasoc.roa (hash: gf95/nywAYIZdNJbfxynwrtY4coqSX3R7aiF8YJONgo=)
2: mRQlj7nTZXszdhQr_GPazk-CEcQ.crl (hash: TMUr/cOGARcirNTcUSvAehTzCL3IL54kirCHL0Psc6A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:74:fd:8c:08:38:69:0a:b3:16:aa:31:c4:fe:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Validity
Not Before: Aug 23 08:00:27 2025 GMT
Not After : Aug 24 08:00:27 2025 GMT
Subject: CN=cb538233def52de379b77975f1960cac1a287471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:b5:76:d6:82:5b:ed:57:2c:ca:91:d2:2b:
0c:03:39:3b:67:25:70:83:0b:73:0b:df:a3:c0:01:
83:60:d9:21:d6:d5:81:06:99:3c:f5:e9:82:d9:a4:
79:f5:98:01:79:d0:b3:ec:08:e8:d3:0f:f5:99:0a:
70:f0:44:db:3c:b2:ee:9c:a8:57:b0:8b:be:1a:8a:
a0:55:11:b4:52:a3:56:02:37:6d:cf:b9:6d:8e:b9:
64:ca:82:0e:f1:c9:2f:ee:a4:8e:c3:0e:45:48:a9:
88:ab:d5:dc:8b:86:e3:a0:c5:fe:3f:08:8d:37:04:
63:bc:de:ee:e9:01:e3:a1:14:52:15:58:99:ab:e9:
2c:6a:64:94:ca:41:4a:15:46:70:9a:cb:9d:5b:ee:
87:77:09:4f:0f:1a:fd:33:f9:73:f1:e6:33:58:f4:
ec:98:c3:74:08:38:20:e7:d2:99:a7:0f:38:4e:12:
64:63:67:a7:ca:ea:34:75:6e:57:b7:dc:c9:d1:44:
ac:44:75:ba:57:9b:2a:89:d5:84:aa:77:1f:81:61:
14:95:22:d5:33:1c:a9:f6:af:48:e1:ee:9b:c1:f5:
2a:b0:29:7c:54:dd:a2:be:0c:7c:51:ae:47:c5:a7:
9a:13:2b:d1:0d:ec:5e:c3:da:6c:db:f1:46:d8:0e:
b7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:53:82:33:DE:F5:2D:E3:79:B7:79:75:F1:96:0C:AC:1A:28:74:71
X509v3 Authority Key Identifier:
keyid:99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:bb:6f:04:fc:86:ef:e2:a0:84:b3:b1:bb:57:95:68:8c:45:
82:20:6c:4a:95:d1:cb:3e:3a:26:bd:81:08:01:22:44:ad:e1:
a8:e1:ce:67:5b:c7:43:ad:bc:34:0f:7c:45:04:56:30:60:e0:
9b:78:83:91:a2:51:27:87:9e:5e:24:a9:95:27:ea:7a:64:b0:
ed:03:07:bb:bc:47:7e:c3:e3:ba:4c:04:fc:ab:44:81:fe:1a:
35:e7:ab:8f:2b:2a:b4:55:66:48:80:c4:1a:6d:bf:b6:4c:bb:
12:62:5a:d2:70:75:86:c2:60:51:43:72:18:8b:37:2a:15:e4:
73:89:c9:2a:0f:e4:29:cc:1a:87:37:a0:ea:4c:4d:5a:74:a7:
f4:a8:36:9e:78:29:55:ca:39:15:7e:26:79:43:1d:0c:50:3a:
b7:87:0d:fe:77:81:69:81:4f:07:f4:86:4c:f5:91:2b:7e:8a:
42:76:94:a0:1d:bd:77:f6:0b:fa:91:11:06:8d:67:8a:5e:41:
c5:0b:9a:d2:7c:d2:54:d5:b4:33:68:c3:54:ef:dd:80:5c:1c:
f8:90:d9:7e:b3:3a:6a:fa:52:5d:3a:13:cf:51:46:18:73:b8:
36:a2:cf:48:67:3e:6d:3e:4f:21:a4:e6:43:b7:a7:dc:95:58:
34:61:9a:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8XT9jAg4aQqzFqoxxP5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MTQyNThmYjlkMzY1N2IzMzc2MTQyYmZjNjNkYWNlNGY4
MjExYzQwHhcNMjUwODIzMDgwMDI3WhcNMjUwODI0MDgwMDI3WjAzMTEwLwYDVQQD
EyhjYjUzODIzM2RlZjUyZGUzNzliNzc5NzVmMTk2MGNhYzFhMjg3NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwu1dtaCW+1XLMqR0isMAzk7ZyVw
gwtzC9+jwAGDYNkh1tWBBpk89emC2aR59ZgBedCz7Ajo0w/1mQpw8ETbPLLunKhX
sIu+GoqgVRG0UqNWAjdtz7ltjrlkyoIO8ckv7qSOww5FSKmIq9Xci4bjoMX+PwiN
NwRjvN7u6QHjoRRSFViZq+ksamSUykFKFUZwmsudW+6HdwlPDxr9M/lz8eYzWPTs
mMN0CDgg59KZpw84ThJkY2enyuo0dW5Xt9zJ0USsRHW6V5sqidWEqncfgWEUlSLV
Mxyp9q9I4e6bwfUqsCl8VN2ivgx8Ua5HxaeaEyvRDexew9ps2/FG2A63SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtTgjPe9S3jebd5dfGWDKwaKHRxMB8GA1UdIwQY
MBaAFJkUJY+502V7M3YUK/xj2s5PghHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGIt
ZmUzNDFiMzAwNWUzLzEvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGItZmUzNDFiMzAwNWUz
LzEvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlbtvBPyG
7+KghLOxu1eVaIxFgiBsSpXRyz46Jr2BCAEiRK3hqOHOZ1vHQ628NA98RQRWMGDg
m3iDkaJRJ4eeXiSplSfqemSw7QMHu7xHfsPjukwE/KtEgf4aNeerjysqtFVmSIDE
Gm2/tky7EmJa0nB1hsJgUUNyGIs3KhXkc4nJKg/kKcwahzeg6kxNWnSn9Kg2nngp
Vco5FX4meUMdDFA6t4cN/neBaYFPB/SGTPWRK36KQnaUoB29d/YL+pERBo1nil5B
xQua0nzSVNW0M2jDVO/dgFwc+JDZfrM6avpSXToTz1FGGHO4NqLPSGc+bT5PIaTm
Q7en3JVYNGGaSQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:33:20 2025 by rpki-client