Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File: HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier: vHh00ZLzI3S8R3WboGBl7snjhwD1PJ8VRneMUhMYFzY=
Subject key identifier: C2:D9:4D:02:4F:33:4D:77:CA:5D:39:00:E7:6A:2D:42:74:A7:27:10
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer: /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial: 0198D660311B2D38DC68605241B22A660B66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number: 0AC0
Signing time: Sat 23 Aug 2025 10:01:24 +0000
Manifest this update: Sat 23 Aug 2025 10:01:24 +0000
Manifest next update: Sun 24 Aug 2025 10:01:24 +0000
Files and hashes: 1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: N+KYiLVlbUteFddHI+1NO0XuKcR/LQ95Jmj/alZeuio=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:31:1b:2d:38:dc:68:60:52:41:b2:2a:66:0b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
Validity
Not Before: Aug 23 10:01:24 2025 GMT
Not After : Aug 24 10:01:24 2025 GMT
Subject: CN=c2d94d024f334d77ca5d3900e76a2d4274a72710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2f:a5:11:1b:b6:a6:72:88:24:7f:b4:29:9d:
73:68:ba:95:16:73:c9:03:a0:b0:96:36:dd:b8:74:
27:f6:60:fb:0d:f2:40:15:e1:8c:83:b1:ad:c0:d5:
ad:57:56:4c:2f:1d:9a:45:6a:7e:52:d2:3a:26:68:
15:00:b0:5a:d4:99:3e:a1:b0:39:72:99:74:56:2c:
db:6e:64:3a:c6:d8:08:a1:98:90:bd:d4:9b:c8:34:
44:79:50:9e:d5:fd:8b:28:59:81:94:e4:23:aa:70:
18:3f:10:3c:ed:73:f6:b3:66:0e:ab:51:61:95:78:
72:7b:00:f8:4b:83:46:82:cd:80:46:43:c7:0f:8e:
05:80:57:8a:c5:69:6d:a6:32:60:f4:a6:a6:59:8c:
a8:7c:bc:18:f8:dc:60:1b:02:ba:cc:83:a5:64:dd:
78:b3:63:eb:cc:f0:2b:75:8c:22:93:83:59:96:bc:
ad:2b:26:e6:2a:54:19:6e:83:1d:af:b2:09:bc:87:
0d:22:65:aa:b8:9b:7c:55:fc:5a:cb:b8:b4:d7:5a:
99:35:2d:00:02:b4:12:a0:1f:db:6c:0d:9a:3c:29:
88:a7:92:e4:39:24:a0:5c:9c:4e:6c:97:8c:5c:87:
2a:c7:f9:5f:1a:2b:39:99:45:5d:f3:5b:c2:53:51:
2c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D9:4D:02:4F:33:4D:77:CA:5D:39:00:E7:6A:2D:42:74:A7:27:10
X509v3 Authority Key Identifier:
keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:28:c4:cf:43:24:f0:15:07:50:66:0e:4b:e4:f8:c5:2c:c0:
f9:31:8f:23:e9:16:34:8d:07:04:37:eb:35:89:1d:1b:1f:56:
f7:09:90:d5:e8:80:c1:bb:5f:13:55:f0:2f:8c:66:44:c8:20:
27:43:c7:15:a2:03:43:39:48:41:ef:34:4a:78:38:59:1d:bb:
82:cb:ec:1a:9c:0e:7b:7f:f2:a3:38:2f:06:a6:2f:3d:03:e4:
37:30:b8:ae:5e:e6:47:fc:3f:4a:1d:89:8f:8c:fa:b6:c6:36:
45:76:42:58:1c:02:b3:f3:55:33:12:2c:9a:5f:14:24:5b:9a:
cd:92:b8:7e:bf:c2:39:71:a6:d8:22:57:8a:69:48:e5:f3:85:
cf:e2:65:c0:8e:b6:a6:cc:4c:62:89:f5:73:9a:21:fd:a2:ac:
89:17:58:4a:55:ed:70:44:c4:f9:6b:3e:74:63:e0:dd:c9:2d:
df:b5:c8:ba:6f:a9:c3:59:16:2c:28:b1:16:f4:52:48:46:ed:
f8:e9:c4:a5:96:7a:ff:ff:c3:1d:41:8f:8c:de:30:b2:cd:b6:
cb:66:3a:08:0d:b7:12:d9:12:5a:01:6b:61:fa:3f:9b:65:ac:
9a:bc:13:04:c2:26:16:e2:59:8a:9f:84:e7:66:1a:ea:b6:42:
ec:fd:cd:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDEbLTjcaGBSQbIqZgtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwODIzMTAwMTI0WhcNMjUwODI0MTAwMTI0WjAzMTEwLwYDVQQD
EyhjMmQ5NGQwMjRmMzM0ZDc3Y2E1ZDM5MDBlNzZhMmQ0Mjc0YTcyNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy+lERu2pnKIJH+0KZ1zaLqVFnPJ
A6CwljbduHQn9mD7DfJAFeGMg7GtwNWtV1ZMLx2aRWp+UtI6JmgVALBa1Jk+obA5
cpl0VizbbmQ6xtgIoZiQvdSbyDREeVCe1f2LKFmBlOQjqnAYPxA87XP2s2YOq1Fh
lXhyewD4S4NGgs2ARkPHD44FgFeKxWltpjJg9KamWYyofLwY+NxgGwK6zIOlZN14
s2PrzPArdYwik4NZlrytKybmKlQZboMdr7IJvIcNImWquJt8Vfxay7i011qZNS0A
ArQSoB/bbA2aPCmIp5LkOSSgXJxObJeMXIcqx/lfGis5mUVd81vCU1EsMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLZTQJPM013yl05AOdqLUJ0pycQMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhyjEz0Mk
8BUHUGYOS+T4xSzA+TGPI+kWNI0HBDfrNYkdGx9W9wmQ1eiAwbtfE1XwL4xmRMgg
J0PHFaIDQzlIQe80Sng4WR27gsvsGpwOe3/yozgvBqYvPQPkNzC4rl7mR/w/Sh2J
j4z6tsY2RXZCWBwCs/NVMxIsml8UJFuazZK4fr/COXGm2CJXimlI5fOFz+JlwI62
psxMYon1c5oh/aKsiRdYSlXtcETE+Ws+dGPg3ckt37XIum+pw1kWLCixFvRSSEbt
+OnEpZZ6///DHUGPjN4wss22y2Y6CA23EtkSWgFrYfo/m2WsmrwTBMImFuJZip+E
52Ya6rZC7P3Nuw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:24:02 2025 by rpki-client