Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File: I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier: AJrT9NHEnu3H5iplOtFsI1orJVH/q/tQ3A3veW2vCXU=
Subject key identifier: 9D:EA:3D:5D:4C:11:8D:B1:9F:B7:F5:40:06:1B:11:E9:EA:86:AF:98
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer: /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial: 0198D4DFCCE3F2DCF4475FA0E73E795A6C6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number: 97
Signing time: Sat 23 Aug 2025 03:01:33 +0000
Manifest this update: Sat 23 Aug 2025 03:01:33 +0000
Manifest next update: Sun 24 Aug 2025 03:01:33 +0000
Files and hashes: 1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: Aad/3yPAtEk2omtTDcio9YpIVwzywQ93NVIPSxJe+hA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:df:cc:e3:f2:dc:f4:47:5f:a0:e7:3e:79:5a:6c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Validity
Not Before: Aug 23 03:01:33 2025 GMT
Not After : Aug 24 03:01:33 2025 GMT
Subject: CN=9dea3d5d4c118db19fb7f540061b11e9ea86af98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fb:dc:f9:d7:52:e8:9f:a4:e2:4c:81:e3:a5:
97:ef:1a:60:50:6c:0e:e6:45:a2:46:e3:74:97:34:
91:57:67:27:88:25:99:48:f3:d0:b2:18:e2:88:bc:
30:c5:26:1c:6c:c5:28:9c:e2:31:55:d8:71:29:cc:
d5:4b:32:01:f5:e3:ac:10:8e:5b:d7:ac:6c:a7:c9:
a9:9b:11:31:42:ee:62:8d:af:09:4c:3a:d4:56:18:
0e:5f:04:8b:b8:87:10:d7:f3:a9:47:91:18:dc:64:
17:15:04:d3:d1:f5:e0:a3:fb:27:e9:77:7e:84:60:
f2:e9:9a:bd:4d:ed:e3:0c:32:ec:76:05:8e:c8:5d:
40:d5:73:6a:83:ac:3b:88:5d:26:be:3e:fa:0b:29:
f9:07:a3:88:7e:96:5d:3f:8b:12:96:72:f3:8a:ec:
fb:9b:03:0f:c8:1a:15:5f:ea:04:dc:dc:dc:c7:44:
86:e8:79:6d:80:da:36:cb:78:29:35:11:e0:95:1c:
47:12:39:82:b8:84:03:2e:eb:46:12:e1:32:f9:54:
11:f7:4b:4e:b6:25:3e:a6:2c:d6:29:99:08:5a:30:
ee:02:11:53:da:96:6f:02:46:03:bc:fe:20:07:d0:
47:58:b6:17:f5:01:ab:a9:96:3e:61:0a:a6:1f:65:
2c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:EA:3D:5D:4C:11:8D:B1:9F:B7:F5:40:06:1B:11:E9:EA:86:AF:98
X509v3 Authority Key Identifier:
keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:81:74:9b:0a:0d:1a:dd:b4:50:43:d7:3c:69:c7:d4:4e:66:
e6:84:9f:69:aa:25:c6:34:8f:1a:a6:d2:1e:74:47:80:f5:88:
b6:d4:75:3a:b3:c0:54:01:e5:8a:b8:69:61:8b:30:e6:7f:dc:
2b:66:ec:f6:77:2c:0f:aa:1a:a8:a0:59:4f:17:88:73:ee:f7:
49:8e:9f:c0:0e:9e:81:52:1b:7a:08:a5:1a:f3:b3:a5:7c:28:
89:6c:a8:48:1d:61:2f:66:fe:d7:77:09:2b:95:87:77:99:58:
a6:ce:9f:8b:0d:77:bb:62:eb:7a:63:26:88:2b:33:46:c5:2a:
e7:7e:7f:bc:67:7d:29:17:da:3f:26:10:ba:3f:e6:75:26:e1:
9f:14:2f:a2:eb:cc:79:93:6b:94:e5:cc:38:5f:7e:93:05:8d:
a6:1d:a7:4c:4c:4b:99:03:14:6a:85:d0:41:39:95:08:d9:4c:
50:e8:ce:8d:27:f3:12:47:a3:a7:c6:02:a9:c6:cd:f7:e6:f1:
8d:2c:cd:0a:9e:9c:81:a2:06:c8:9e:ea:1a:a6:b2:14:cf:44:
0d:f8:3b:28:5a:1e:b2:e7:6b:ee:e0:9a:6b:cc:b6:08:12:e8:
7f:81:b4:af:6f:7d:5e:c3:12:55:e2:7a:63:ea:6c:ec:33:93:
31:0d:f8:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU38zj8tz0R1+g5z55WmxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjUwODIzMDMwMTMzWhcNMjUwODI0MDMwMTMzWjAzMTEwLwYDVQQD
Eyg5ZGVhM2Q1ZDRjMTE4ZGIxOWZiN2Y1NDAwNjFiMTFlOWVhODZhZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPvc+ddS6J+k4kyB46WX7xpgUGwO
5kWiRuN0lzSRV2cniCWZSPPQshjiiLwwxSYcbMUonOIxVdhxKczVSzIB9eOsEI5b
16xsp8mpmxExQu5ija8JTDrUVhgOXwSLuIcQ1/OpR5EY3GQXFQTT0fXgo/sn6Xd+
hGDy6Zq9Te3jDDLsdgWOyF1A1XNqg6w7iF0mvj76Cyn5B6OIfpZdP4sSlnLziuz7
mwMPyBoVX+oE3Nzcx0SG6HltgNo2y3gpNRHglRxHEjmCuIQDLutGEuEy+VQR90tO
tiU+pizWKZkIWjDuAhFT2pZvAkYDvP4gB9BHWLYX9QGrqZY+YQqmH2UsTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3qPV1MEY2xn7f1QAYbEenqhq+YMB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIF0mwoN
Gt20UEPXPGnH1E5m5oSfaaolxjSPGqbSHnRHgPWIttR1OrPAVAHlirhpYYsw5n/c
K2bs9ncsD6oaqKBZTxeIc+73SY6fwA6egVIbegilGvOzpXwoiWyoSB1hL2b+13cJ
K5WHd5lYps6fiw13u2LremMmiCszRsUq535/vGd9KRfaPyYQuj/mdSbhnxQvouvM
eZNrlOXMOF9+kwWNph2nTExLmQMUaoXQQTmVCNlMUOjOjSfzEkejp8YCqcbN9+bx
jSzNCp6cgaIGyJ7qGqayFM9EDfg7KFoesudr7uCaa8y2CBLof4G0r299XsMSVeJ6
Y+ps7DOTMQ34yA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:16:08 2025 by rpki-client