Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
File: MtOVxX39MMDNLDD0IziuTBSnUKE.mft (raw, json)
Hash identifier: 12o3weg64SEUZN8sv7GCTp1c2h6B26q6fYA6BEdTI7c=
Subject key identifier: B4:A7:7C:C3:32:CF:A9:8E:20:33:04:9A:4D:C7:C9:9D:95:F2:C3:81
Authority key identifier: 32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
Certificate issuer: /CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Certificate serial: 0198D515740CA95F4330BFB9D36C0852B741
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
Manifest number: 0B32
Signing time: Sat 23 Aug 2025 04:00:09 +0000
Manifest this update: Sat 23 Aug 2025 04:00:09 +0000
Manifest next update: Sun 24 Aug 2025 04:00:09 +0000
Files and hashes: 1: MtOVxX39MMDNLDD0IziuTBSnUKE.crl (hash: dhGsyJaIhy/9KSMR3AW/fNqDuYWO5fuVSoh7bhauOMk=)
2: SwDsrRhvfBw9F4XGJ9jQ9aLMXmM.roa (hash: 3d2l7JTHz6vbNzzhkSjJTHAcnYSSZFmoaOBcI2qRo/o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:15:74:0c:a9:5f:43:30:bf:b9:d3:6c:08:52:b7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Validity
Not Before: Aug 23 04:00:09 2025 GMT
Not After : Aug 24 04:00:09 2025 GMT
Subject: CN=b4a77cc332cfa98e2033049a4dc7c99d95f2c381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a9:dd:00:37:c1:35:69:e6:9a:97:3d:7e:55:
d6:9d:73:3a:3a:de:e4:7f:a5:2b:bb:3d:37:d7:b5:
3a:b3:95:2c:ae:39:13:53:ec:74:28:52:ba:fe:07:
0e:2a:7b:ff:ce:33:de:b1:5b:29:b8:dc:a0:96:3e:
2b:ba:84:aa:fc:2c:20:bc:ec:3e:73:22:ac:12:fd:
c7:12:6f:58:87:0f:e9:84:8c:a0:74:75:ce:69:bf:
1d:cb:10:89:ec:f9:c3:de:42:07:35:09:41:5e:83:
e9:15:87:d9:3a:52:f6:b7:9f:ab:1b:36:60:3c:9d:
6b:7d:1e:13:98:ce:dd:d8:27:02:8f:78:6b:43:4b:
41:6b:f5:b1:c0:d8:16:5c:a9:72:4f:14:7e:a9:64:
94:d4:a5:51:f8:72:5b:95:10:bb:9c:a7:26:e6:f3:
19:dd:b0:f8:09:7a:6d:25:cb:31:d8:68:10:c0:4d:
10:c0:86:de:e5:27:3f:a8:41:b6:6f:ca:92:ac:66:
67:c9:5e:e3:42:03:4a:a1:af:2b:1d:87:2b:e6:eb:
e7:ed:77:c5:d9:46:a8:60:fe:a0:ee:fb:e0:dc:83:
41:0a:27:cd:3a:f8:3a:ce:0c:64:07:c4:76:05:73:
31:b0:2c:7b:de:1d:62:94:ec:88:98:a2:fe:6d:f1:
a5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A7:7C:C3:32:CF:A9:8E:20:33:04:9A:4D:C7:C9:9D:95:F2:C3:81
X509v3 Authority Key Identifier:
keyid:32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:ee:8b:ae:33:6d:b7:48:43:79:87:3b:2c:ee:c8:ea:a4:71:
90:f4:44:2a:b5:e0:f2:07:d2:0a:08:ab:3e:ee:b4:9d:43:9d:
63:eb:81:34:ab:10:82:7f:e4:f1:73:c1:df:97:90:55:8c:5c:
d3:02:f6:f2:46:ba:8d:73:74:c5:2d:cf:ad:b4:db:fe:74:6b:
b6:2f:8f:a4:46:36:e4:f0:e6:ab:7c:76:4e:75:cf:fb:0a:2c:
58:6e:c7:f2:2f:7b:b6:2c:f1:ca:59:f5:71:8a:94:d2:dc:e8:
92:a0:e6:4f:7c:2f:10:3f:d6:ba:cc:19:1d:42:e9:bd:2f:f5:
b7:ab:30:3a:4e:19:53:38:a8:d2:01:6b:76:86:43:bb:5c:ab:
30:99:0b:e6:69:49:55:71:03:1b:98:45:d3:d2:e3:f7:58:46:
39:a4:92:ed:27:40:12:e0:54:03:86:33:cb:41:fb:4d:52:45:
72:d2:5c:bf:49:16:0a:30:8d:a3:90:06:8f:63:21:8f:3a:52:
7a:86:2d:5d:09:ea:80:ea:03:80:39:9a:1a:66:e6:19:58:d7:
69:06:8d:6b:f5:08:98:9c:d6:2f:3c:c8:84:21:d3:b0:ba:a2:
34:6d:29:ce:28:60:57:96:a2:1d:0c:9a:23:2f:b0:f4:d8:5d:
0d:94:c0:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFXQMqV9DML+502wIUrdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDM5NWM1N2RmZDMwYzBjZDJjMzBmNDIzMzhhZTRjMTRh
NzUwYTEwHhcNMjUwODIzMDQwMDA5WhcNMjUwODI0MDQwMDA5WjAzMTEwLwYDVQQD
EyhiNGE3N2NjMzMyY2ZhOThlMjAzMzA0OWE0ZGM3Yzk5ZDk1ZjJjMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqndADfBNWnmmpc9flXWnXM6Ot7k
f6Uruz0317U6s5UsrjkTU+x0KFK6/gcOKnv/zjPesVspuNyglj4ruoSq/CwgvOw+
cyKsEv3HEm9Yhw/phIygdHXOab8dyxCJ7PnD3kIHNQlBXoPpFYfZOlL2t5+rGzZg
PJ1rfR4TmM7d2CcCj3hrQ0tBa/WxwNgWXKlyTxR+qWSU1KVR+HJblRC7nKcm5vMZ
3bD4CXptJcsx2GgQwE0QwIbe5Sc/qEG2b8qSrGZnyV7jQgNKoa8rHYcr5uvn7XfF
2UaoYP6g7vvg3INBCifNOvg6zgxkB8R2BXMxsCx73h1ilOyImKL+bfGlfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSnfMMyz6mOIDMEmk3HyZ2V8sOBMB8GA1UdIwQY
MBaAFDLTlcV9/TDAzSww9CM4rkwUp1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUt
MWQ4ZTE5ZGY0YTYyLzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUtMWQ4ZTE5ZGY0YTYy
LzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+6LrjNt
t0hDeYc7LO7I6qRxkPREKrXg8gfSCgirPu60nUOdY+uBNKsQgn/k8XPB35eQVYxc
0wL28ka6jXN0xS3PrbTb/nRrti+PpEY25PDmq3x2TnXP+wosWG7H8i97tizxyln1
cYqU0tzokqDmT3wvED/WuswZHULpvS/1t6swOk4ZUzio0gFrdoZDu1yrMJkL5mlJ
VXEDG5hF09Lj91hGOaSS7SdAEuBUA4Yzy0H7TVJFctJcv0kWCjCNo5AGj2MhjzpS
eoYtXQnqgOoDgDmaGmbmGVjXaQaNa/UImJzWLzzIhCHTsLqiNG0pzihgV5aiHQya
Iy+w9NhdDZTAAQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:12:07 2025 by rpki-client