Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File: 8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier: 6g6y1XlP1cS8s06/EjNbnglcCAatssvjsy+ujdXX+Wk=
Subject key identifier: B0:7C:19:42:62:94:5A:CA:14:76:64:7B:1D:6A:BB:17:C5:DE:51:BF
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer: /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial: 0198D4DFE1A63819DC568C0CFEAE18F50AC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number: 11FD
Signing time: Sat 23 Aug 2025 03:01:38 +0000
Manifest this update: Sat 23 Aug 2025 03:01:38 +0000
Manifest next update: Sun 24 Aug 2025 03:01:38 +0000
Files and hashes: 1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: cs17LiwUYdCQlet7p+uLjcSdgYocMhX3uJsqjGjxK0U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:df:e1:a6:38:19:dc:56:8c:0c:fe:ae:18:f5:0a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Validity
Not Before: Aug 23 03:01:38 2025 GMT
Not After : Aug 24 03:01:38 2025 GMT
Subject: CN=b07c194262945aca1476647b1d6abb17c5de51bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4a:74:ec:50:d6:6c:83:31:4f:21:cf:68:45:
47:d6:56:1d:4a:7e:af:bc:99:f6:1b:37:dc:07:9a:
da:96:d2:44:79:b5:45:42:17:ee:ce:de:7c:39:30:
1e:61:3c:21:8b:17:37:0d:bc:f8:83:46:0d:75:21:
07:f6:cd:86:a4:b7:19:1e:fa:6c:01:e3:32:2c:e4:
12:8f:4c:6f:09:c4:1a:89:05:59:3a:bf:9d:fb:fb:
b8:9a:3f:aa:33:c2:06:e3:ba:cd:c4:3c:45:49:d7:
80:cf:23:45:1f:9e:aa:0c:6b:0c:d0:5c:53:c0:46:
db:49:ba:a6:af:ea:56:4e:e9:70:50:48:2d:43:bc:
88:fb:ab:0b:a4:e0:e2:09:38:01:43:f3:e2:13:37:
53:a1:57:ac:40:40:4c:f7:ab:18:3e:00:e6:8e:f6:
61:50:5b:1d:35:8e:e8:1d:0f:b3:b4:b6:37:5e:c3:
fb:e0:4b:8f:25:b3:9a:0d:7d:1e:3d:5e:99:c6:c3:
69:ec:33:df:3c:17:64:cc:ce:7d:1b:d2:0f:4b:18:
18:8c:da:48:42:70:71:c3:0f:ad:80:b0:a5:94:f1:
16:9b:9b:42:fb:e8:37:18:65:ef:ed:16:4b:9f:fc:
51:b5:af:5a:b6:df:25:e4:63:39:a1:42:9e:66:b5:
3d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7C:19:42:62:94:5A:CA:14:76:64:7B:1D:6A:BB:17:C5:DE:51:BF
X509v3 Authority Key Identifier:
keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:c8:aa:bf:ef:18:13:4e:ec:de:93:99:ac:0b:af:57:4d:20:
da:12:fe:f9:40:ff:1a:3d:7d:8e:64:29:19:b1:bb:c9:5d:99:
32:5f:3a:8c:8b:b8:1e:9e:1a:52:e5:62:7a:53:3f:ac:78:65:
ca:b3:ed:43:f5:34:66:91:22:86:d5:9a:97:58:d9:db:b3:06:
f5:0f:cb:d8:d1:2b:0c:a9:e4:dd:19:53:ac:64:bd:3a:5c:71:
d1:94:fc:5a:cd:de:f9:62:da:71:fb:5d:79:e6:ea:57:f1:16:
9f:6f:69:e3:3b:61:23:32:91:95:f3:b5:66:c0:87:30:70:53:
2e:3e:8f:80:53:b0:29:6f:4c:a5:06:c5:dc:b3:bb:fb:2d:26:
63:05:40:0d:5d:b5:00:50:80:83:6f:38:ae:b2:ed:81:41:fe:
62:fc:e5:5d:02:93:a7:c0:34:50:95:db:7b:35:41:6d:b5:0c:
0d:5e:ca:4d:74:51:9b:f2:9a:3c:6a:ab:db:34:df:58:ce:e5:
a6:b0:14:a4:6a:e1:81:e0:cf:42:e9:45:94:b8:8b:77:5c:9b:
dd:e1:9f:7b:cb:e0:f6:3d:36:d9:82:69:8a:c1:90:2d:34:11:
0e:34:bb:63:a6:c9:cd:d7:7a:7c:31:da:9b:22:53:40:79:7e:
21:ea:8a:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+GmOBncVowM/q4Y9QrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjUwODIzMDMwMTM4WhcNMjUwODI0MDMwMTM4WjAzMTEwLwYDVQQD
EyhiMDdjMTk0MjYyOTQ1YWNhMTQ3NjY0N2IxZDZhYmIxN2M1ZGU1MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60p07FDWbIMxTyHPaEVH1lYdSn6v
vJn2GzfcB5raltJEebVFQhfuzt58OTAeYTwhixc3Dbz4g0YNdSEH9s2GpLcZHvps
AeMyLOQSj0xvCcQaiQVZOr+d+/u4mj+qM8IG47rNxDxFSdeAzyNFH56qDGsM0FxT
wEbbSbqmr+pWTulwUEgtQ7yI+6sLpODiCTgBQ/PiEzdToVesQEBM96sYPgDmjvZh
UFsdNY7oHQ+ztLY3XsP74EuPJbOaDX0ePV6ZxsNp7DPfPBdkzM59G9IPSxgYjNpI
QnBxww+tgLCllPEWm5tC++g3GGXv7RZLn/xRta9att8l5GM5oUKeZrU9dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLB8GUJilFrKFHZkex1quxfF3lG/MB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjsiqv+8Y
E07s3pOZrAuvV00g2hL++UD/Gj19jmQpGbG7yV2ZMl86jIu4Hp4aUuVielM/rHhl
yrPtQ/U0ZpEihtWal1jZ27MG9Q/L2NErDKnk3RlTrGS9Olxx0ZT8Ws3e+WLacftd
eebqV/EWn29p4zthIzKRlfO1ZsCHMHBTLj6PgFOwKW9MpQbF3LO7+y0mYwVADV21
AFCAg284rrLtgUH+YvzlXQKTp8A0UJXbezVBbbUMDV7KTXRRm/KaPGqr2zTfWM7l
prAUpGrhgeDPQulFlLiLd1yb3eGfe8vg9j022YJpisGQLTQRDjS7Y6bJzdd6fDHa
myJTQHl+IeqK3g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:21:03 2025 by rpki-client