Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
File: r4poziKkwZ8XcA9izPi7bC2vUeE.mft (raw, json)
Hash identifier: vdJyJXDm265UdWJewCB2F+dpx2hhzoK3/JchEM9bofo=
Subject key identifier: A1:7E:AA:F4:8E:88:1A:17:4A:F6:AD:AF:8E:C3:2E:1C:23:4C:67:25
Authority key identifier: AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
Certificate issuer: /CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Certificate serial: 0198D54E8493C54232D312451E2AB2B3CEA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
Manifest number: 0FC5
Signing time: Sat 23 Aug 2025 05:02:29 +0000
Manifest this update: Sat 23 Aug 2025 05:02:29 +0000
Manifest next update: Sun 24 Aug 2025 05:02:29 +0000
Files and hashes: 1: r4poziKkwZ8XcA9izPi7bC2vUeE.crl (hash: /2J1JrAAFAWYSj8JEygLDOi2Yzo/Z2o4J68s/imGwFU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4e:84:93:c5:42:32:d3:12:45:1e:2a:b2:b3:ce:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Validity
Not Before: Aug 23 05:02:29 2025 GMT
Not After : Aug 24 05:02:29 2025 GMT
Subject: CN=a17eaaf48e881a174af6adaf8ec32e1c234c6725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:83:54:fa:13:4b:85:d8:2d:15:45:56:ec:
f5:a7:29:53:49:31:47:67:0c:67:48:5a:4c:67:26:
c9:e9:09:d7:ef:2b:ed:d7:70:b7:54:3e:73:6e:b4:
59:da:2d:4e:31:59:3d:26:ae:67:49:4e:6f:50:65:
83:aa:e8:eb:5c:b9:40:d3:7b:6c:86:d4:f2:85:84:
c5:e1:75:ef:3b:4b:9c:66:4f:0a:55:6b:40:76:d5:
1f:5f:5b:13:85:3d:8f:dc:bf:fd:a9:1c:5c:ca:35:
8c:d8:e2:9d:55:f8:27:20:99:ea:d1:ad:45:56:28:
b3:e2:d8:61:cf:0e:29:5b:de:92:2e:3b:e5:9c:5d:
ae:8e:87:7b:cf:45:36:d2:6b:04:bd:bb:d7:77:8a:
b1:af:58:34:d6:57:2e:be:b2:cb:02:e4:66:89:06:
58:34:f8:22:3d:4f:38:f2:ca:c5:01:61:01:6c:1b:
0d:e7:c9:ef:55:d9:63:79:d2:71:f1:0f:d0:2c:cf:
0f:3c:75:75:66:0a:ba:a7:bd:fd:2f:3d:4c:d7:48:
0c:c3:f5:60:8a:02:d8:22:e7:d6:02:7d:45:7c:41:
d0:41:37:fc:32:23:24:af:5b:96:d7:e8:3a:23:ef:
c3:c7:a2:3d:2c:93:4c:6a:2f:65:bd:7c:a5:71:41:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7E:AA:F4:8E:88:1A:17:4A:F6:AD:AF:8E:C3:2E:1C:23:4C:67:25
X509v3 Authority Key Identifier:
keyid:AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
eb:b5:27:35:e0:52:0b:69:29:7e:c7:86:7d:36:61:60:05:84:
62:99:fb:c5:1c:f2:08:c9:04:c4:72:b6:f6:11:08:8c:fe:6b:
bd:4e:ab:d3:f4:b8:b5:97:d3:a4:4c:1d:57:6c:95:1c:b8:6b:
7c:b5:a7:2f:0f:bc:0e:7b:db:9a:dd:25:e7:13:46:65:a6:96:
6b:fc:89:e3:9f:20:7f:e1:01:6a:1e:23:eb:96:43:9c:41:ef:
de:ea:3a:a6:16:b2:c5:83:3e:c0:34:d4:79:3a:c4:ee:15:7a:
87:31:cf:01:e1:40:eb:fd:46:73:04:0c:1c:47:d1:55:ba:1a:
26:df:de:cf:21:71:7c:36:70:27:ff:89:c7:18:38:3e:d5:35:
3e:29:83:70:42:d3:f9:d7:61:cd:79:a6:4e:ff:e7:51:11:bf:
08:02:b8:06:a2:38:bb:ae:3f:8e:06:06:19:d5:f6:e6:d4:22:
ee:e7:44:ca:f3:78:01:da:a0:b2:bc:7c:5e:37:0f:68:fa:77:
97:0d:2e:40:56:b5:33:99:c9:93:1b:b1:7a:53:43:e4:cc:76:
e8:96:05:a0:09:81:02:b4:c8:4c:b4:56:9d:c5:2f:65:0e:00:
b5:3e:5f:b5:6d:7c:b6:3e:07:1d:91:21:32:f7:ff:3a:b3:dc:
9b:25:cd:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVToSTxUIy0xJFHiqys86pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGE2OGNlMjJhNGMxOWYxNzcwMGY2MmNjZjhiYjZjMmRh
ZjUxZTEwHhcNMjUwODIzMDUwMjI5WhcNMjUwODI0MDUwMjI5WjAzMTEwLwYDVQQD
EyhhMTdlYWFmNDhlODgxYTE3NGFmNmFkYWY4ZWMzMmUxYzIzNGM2NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiCDVPoTS4XYLRVFVuz1pylTSTFH
ZwxnSFpMZybJ6QnX7yvt13C3VD5zbrRZ2i1OMVk9Jq5nSU5vUGWDqujrXLlA03ts
htTyhYTF4XXvO0ucZk8KVWtAdtUfX1sThT2P3L/9qRxcyjWM2OKdVfgnIJnq0a1F
Viiz4thhzw4pW96SLjvlnF2ujod7z0U20msEvbvXd4qxr1g01lcuvrLLAuRmiQZY
NPgiPU848srFAWEBbBsN58nvVdljedJx8Q/QLM8PPHV1Zgq6p739Lz1M10gMw/Vg
igLYIufWAn1FfEHQQTf8MiMkr1uW1+g6I+/Dx6I9LJNMai9lvXylcUFT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKF+qvSOiBoXSvatr47DLhwjTGclMB8GA1UdIwQY
MBaAFK+KaM4ipMGfF3APYsz4u2wtr1HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2Qt
ZDk0ZTYwMTg0M2QxLzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2QtZDk0ZTYwMTg0M2Qx
LzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA67UnNeBS
C2kpfseGfTZhYAWEYpn7xRzyCMkExHK29hEIjP5rvU6r0/S4tZfTpEwdV2yVHLhr
fLWnLw+8Dnvbmt0l5xNGZaaWa/yJ458gf+EBah4j65ZDnEHv3uo6phayxYM+wDTU
eTrE7hV6hzHPAeFA6/1GcwQMHEfRVboaJt/ezyFxfDZwJ/+Jxxg4PtU1PimDcELT
+ddhzXmmTv/nURG/CAK4BqI4u64/jgYGGdX25tQi7udEyvN4Adqgsrx8XjcPaPp3
lw0uQFa1M5nJkxuxelND5Mx26JYFoAmBArTITLRWncUvZQ4AtT5ftW18tj4HHZEh
Mvf/OrPcmyXN4w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:17:41 2025 by rpki-client