Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
File: Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft (raw, json)
Hash identifier: mGpSge3LTtQoztPkIeaHhV3hMCdZXkmd7uheN8qRPSk=
Subject key identifier: A9:0B:2A:64:D2:8D:1A:72:20:E5:4C:AE:D5:65:18:14:60:4F:DD:A9
Authority key identifier: 2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED
Certificate issuer: /CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed
Certificate serial: 0198D5F193FCAF6D12363FFC6A2B240C3E3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
Manifest number: 023D
Signing time: Sat 23 Aug 2025 08:00:35 +0000
Manifest this update: Sat 23 Aug 2025 08:00:35 +0000
Manifest next update: Sun 24 Aug 2025 08:00:35 +0000
Files and hashes: 1: 7RtSvYvJ-s26z4jJmihBpc9PPTg.roa (hash: +WPL+eLMOyDQbtRDqabesCoaqYzO2nUYgvkky6oLihM=)
2: Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl (hash: AuzbMn3RAa38GmmQWZMmsMKnMeztT8w9n00SwQBaATo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:93:fc:af:6d:12:36:3f:fc:6a:2b:24:0c:3e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed
Validity
Not Before: Aug 23 08:00:35 2025 GMT
Not After : Aug 24 08:00:35 2025 GMT
Subject: CN=a90b2a64d28d1a7220e54caed5651814604fdda9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:fd:66:65:60:03:e5:a2:c7:ad:4f:32:17:
88:74:d0:74:dc:09:fa:37:d0:d2:ac:4b:7b:97:b2:
7d:b9:1b:26:67:12:30:03:bf:ff:b7:85:61:7b:a2:
c9:33:b6:ba:66:5c:10:b6:f8:53:69:ea:73:b8:94:
dc:e6:72:1f:04:ca:6d:28:40:43:77:b6:36:b3:d1:
da:dd:db:7e:6d:d8:b9:b0:62:83:d9:eb:72:81:3a:
50:78:e9:e2:4e:7f:ca:d2:f0:3f:9c:19:f2:a5:88:
01:71:b4:69:2a:95:be:35:02:db:14:86:cb:4b:a4:
74:44:1a:95:3e:ab:79:8d:5d:f2:03:d2:48:34:85:
a7:27:77:3c:26:3e:cd:b5:24:e6:fb:b5:2c:aa:56:
83:71:b5:d1:cf:c8:10:38:13:2e:af:f0:c1:0b:0a:
ef:72:29:37:db:42:83:e1:a1:ec:4f:63:c1:71:e7:
f1:4d:4a:69:a8:00:c5:cd:0e:99:18:e5:bf:d0:42:
57:8f:b6:18:fa:13:94:a0:3b:15:45:4b:bc:fe:db:
28:f1:ee:90:d2:af:48:67:a7:8c:7f:c9:1b:77:0d:
b3:26:51:bf:f9:f2:5b:32:d6:b5:9c:e0:64:a0:58:
3a:42:93:af:c8:6e:b7:0b:a1:2e:e2:bd:fd:06:1e:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0B:2A:64:D2:8D:1A:72:20:E5:4C:AE:D5:65:18:14:60:4F:DD:A9
X509v3 Authority Key Identifier:
keyid:2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:70:ae:00:de:b5:4f:f6:aa:64:2e:e7:a0:b3:21:85:90:d4:
46:2c:a8:51:41:b9:72:1b:47:8c:6f:b3:68:14:99:c6:e3:e8:
b6:cb:31:b4:1f:bb:73:8f:ab:f3:c7:9d:cd:c1:88:2c:b3:10:
3a:52:71:1c:d9:a1:bb:aa:9e:c5:34:96:ba:4d:40:b7:42:c9:
dc:a4:a3:c7:d6:8e:9a:c4:71:72:1a:1d:b0:00:40:79:22:e2:
49:2f:09:fb:be:dc:19:55:c2:2b:ac:d9:28:66:6c:3c:04:e7:
68:92:f9:7d:c0:6e:e5:db:de:f0:01:ca:78:c7:80:47:4a:f0:
d3:7b:57:fc:99:2d:3d:10:34:d8:bc:12:60:f8:27:47:82:fd:
0b:e2:67:e7:a5:f5:65:4f:24:ee:e7:11:66:e4:1a:21:ee:64:
70:07:c4:69:9d:07:87:05:c7:db:a9:65:3e:4f:78:d2:e0:a9:
ec:2f:48:2a:37:64:38:ce:3a:3f:2f:6e:00:52:ae:59:66:65:
af:80:25:cf:fa:d3:2a:7b:9b:4d:d1:69:73:fb:b6:8c:ca:3d:
90:3f:ee:f5:7c:2f:e9:ec:0c:39:49:e2:08:05:da:0a:f4:78:
a8:2f:7e:ce:c7:cd:e6:82:ef:93:ea:18:c8:5e:2c:83:f9:9b:
f4:ec:48:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8ZP8r20SNj/8aiskDD46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiM2Y2ZmE5ZjAzNzc2NWU3NGJkZjJhYzgyY2NiYWJjN2U0
ZmM4ZWQwHhcNMjUwODIzMDgwMDM1WhcNMjUwODI0MDgwMDM1WjAzMTEwLwYDVQQD
EyhhOTBiMmE2NGQyOGQxYTcyMjBlNTRjYWVkNTY1MTgxNDYwNGZkZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAL9ZmVgA+Wix61PMheIdNB03An6
N9DSrEt7l7J9uRsmZxIwA7//t4Vhe6LJM7a6ZlwQtvhTaepzuJTc5nIfBMptKEBD
d7Y2s9Ha3dt+bdi5sGKD2etygTpQeOniTn/K0vA/nBnypYgBcbRpKpW+NQLbFIbL
S6R0RBqVPqt5jV3yA9JINIWnJ3c8Jj7NtSTm+7UsqlaDcbXRz8gQOBMur/DBCwrv
cik320KD4aHsT2PBcefxTUppqADFzQ6ZGOW/0EJXj7YY+hOUoDsVRUu8/tso8e6Q
0q9IZ6eMf8kbdw2zJlG/+fJbMta1nOBkoFg6QpOvyG63C6Eu4r39Bh6zqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkLKmTSjRpyIOVMrtVlGBRgT92pMB8GA1UdIwQY
MBaAFCs/b6nwN3ZedL3yrILMurx+T8jtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAt
NWMwMGZjZDczNjE5LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAtNWMwMGZjZDczNjE5
LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApHCuAN61
T/aqZC7noLMhhZDURiyoUUG5chtHjG+zaBSZxuPotssxtB+7c4+r88edzcGILLMQ
OlJxHNmhu6qexTSWuk1At0LJ3KSjx9aOmsRxchodsABAeSLiSS8J+77cGVXCK6zZ
KGZsPATnaJL5fcBu5dve8AHKeMeAR0rw03tX/JktPRA02LwSYPgnR4L9C+Jn56X1
ZU8k7ucRZuQaIe5kcAfEaZ0HhwXH26llPk940uCp7C9IKjdkOM46Py9uAFKuWWZl
r4Alz/rTKnubTdFpc/u2jMo9kD/u9Xwv6ewMOUniCAXaCvR4qC9+zsfN5oLvk+oY
yF4sg/mb9OxItQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:23:42 2025 by rpki-client