Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File: bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier: pZqpDI3iZ3dtjQg4eESjDMKIDI3hcz+mViKCb5tfvBg=
Subject key identifier: FD:8A:AD:0A:E3:8A:52:83:0B:4A:CF:81:1B:DE:9D:46:B1:25:39:43
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer: /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial: 0198D404CC884A280CF3D0AC1DE5A795CA1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number: 035D
Signing time: Fri 22 Aug 2025 23:02:20 +0000
Manifest this update: Fri 22 Aug 2025 23:02:20 +0000
Manifest next update: Sat 23 Aug 2025 23:02:20 +0000
Files and hashes: 1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: bDE/cM5N8pQfPwqZ8/GFEnwHRGhQDpNNJrbls3MAtSM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:04:cc:88:4a:28:0c:f3:d0:ac:1d:e5:a7:95:ca:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Validity
Not Before: Aug 22 23:02:20 2025 GMT
Not After : Aug 23 23:02:20 2025 GMT
Subject: CN=fd8aad0ae38a52830b4acf811bde9d46b1253943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:56:14:e3:fe:f1:91:a3:fa:6e:b8:cb:8a:62:
26:5f:54:5b:c3:12:af:7e:0e:d7:6a:9b:31:71:d4:
c6:3d:34:bc:5e:80:3f:3a:57:5d:a3:ea:f7:b0:30:
23:2e:01:03:c2:50:04:2e:cf:e6:f0:ad:4a:8d:28:
cc:9c:c6:fc:c9:72:33:fb:ee:c4:99:48:90:ab:e6:
70:83:a1:58:76:f5:db:89:6c:06:47:79:ee:db:e8:
7c:d2:70:99:fa:b0:41:8e:65:37:a3:e1:82:9c:71:
9b:58:83:66:40:a6:b8:44:1b:eb:a7:2b:4b:76:34:
3e:5e:20:11:b6:94:ae:a3:0f:55:fa:3a:ee:7d:11:
a0:f4:9c:08:4a:67:2b:de:4f:ee:75:0a:c1:a6:d8:
3a:cb:35:3b:e8:d4:40:fc:db:b3:93:5d:f7:1a:db:
af:d1:4d:70:6b:92:4e:4c:dd:10:89:cd:d7:82:61:
a8:ba:0f:a3:1b:8d:f3:85:54:ed:78:1f:1e:5c:47:
5f:b0:6a:a3:c5:87:49:b0:64:37:e5:0f:42:13:9c:
2b:0d:b1:9d:ce:83:94:f9:1a:f2:28:c5:b3:77:3b:
00:6c:76:10:8e:6f:c1:62:7a:41:1e:95:00:06:93:
56:cf:f5:51:eb:22:d5:99:fb:75:3c:f9:6f:92:7a:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8A:AD:0A:E3:8A:52:83:0B:4A:CF:81:1B:DE:9D:46:B1:25:39:43
X509v3 Authority Key Identifier:
keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:3d:dd:f4:3a:0e:4e:e0:23:9d:f9:e6:d8:76:36:1f:09:7e:
7d:e1:4d:d5:f4:6d:fb:99:8d:25:63:13:dc:2f:68:a0:5e:f4:
d2:12:6a:85:74:87:cb:14:e9:e6:77:f9:96:72:b1:2d:0f:61:
74:f7:11:f0:58:10:3c:5e:69:11:d9:ba:7d:55:77:f8:2c:ea:
a5:24:3f:d0:9e:87:e5:82:cd:12:9b:a3:a7:9c:ca:ba:6d:f7:
d6:06:38:9e:b9:db:c3:c3:39:47:ce:94:cd:32:b4:b9:32:c1:
86:2a:18:a2:8b:81:61:88:97:59:67:e3:8a:85:d2:ff:28:15:
d6:72:40:79:b6:03:a2:87:af:60:1e:d1:76:77:b8:6e:56:79:
bc:97:5e:31:00:0b:f5:2c:40:ce:8c:12:b5:0c:38:89:b9:f8:
c6:44:00:0b:f5:7e:63:90:02:82:8b:80:65:e0:40:ee:9d:0a:
f7:4b:ee:2a:4f:fd:10:99:83:f4:de:aa:b1:ca:73:0e:c7:93:
1f:7a:e9:ff:db:2a:28:e5:82:ae:d4:0a:89:51:83:4b:a1:63:
02:e9:ce:a9:3a:14:e1:18:4c:77:54:6c:2e:3d:8e:10:cf:85:
06:22:d2:d9:54:ee:22:3b:ae:a7:97:41:f0:6e:44:d3:9d:58:
bb:9b:df:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUBMyISigM89CsHeWnlcoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwODIyMjMwMjIwWhcNMjUwODIzMjMwMjIwWjAzMTEwLwYDVQQD
EyhmZDhhYWQwYWUzOGE1MjgzMGI0YWNmODExYmRlOWQ0NmIxMjUzOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VYU4/7xkaP6brjLimImX1RbwxKv
fg7XapsxcdTGPTS8XoA/Olddo+r3sDAjLgEDwlAELs/m8K1KjSjMnMb8yXIz++7E
mUiQq+Zwg6FYdvXbiWwGR3nu2+h80nCZ+rBBjmU3o+GCnHGbWINmQKa4RBvrpytL
djQ+XiARtpSuow9V+jrufRGg9JwISmcr3k/udQrBptg6yzU76NRA/Nuzk133Gtuv
0U1wa5JOTN0Qic3XgmGoug+jG43zhVTteB8eXEdfsGqjxYdJsGQ35Q9CE5wrDbGd
zoOU+RryKMWzdzsAbHYQjm/BYnpBHpUABpNWz/VR6yLVmft1PPlvknqfTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2KrQrjilKDC0rPgRvenUaxJTlDMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnz3d9DoO
TuAjnfnm2HY2Hwl+feFN1fRt+5mNJWMT3C9ooF700hJqhXSHyxTp5nf5lnKxLQ9h
dPcR8FgQPF5pEdm6fVV3+CzqpSQ/0J6H5YLNEpujp5zKum331gY4nrnbw8M5R86U
zTK0uTLBhioYoouBYYiXWWfjioXS/ygV1nJAebYDooevYB7Rdne4blZ5vJdeMQAL
9SxAzowStQw4ibn4xkQAC/V+Y5ACgouAZeBA7p0K90vuKk/9EJmD9N6qscpzDseT
H3rp/9sqKOWCrtQKiVGDS6FjAunOqToU4RhMd1RsLj2OEM+FBiLS2VTuIjuup5dB
8G5E051Yu5vfVA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:20:13 2025 by rpki-client