Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: vjWFpw/9JzqAaMO3ObB+Ohs7b8Q4G5BinYc8gnzS6ok=
Subject key identifier: 9C:E4:45:DB:68:70:DC:2D:8E:53:4D:B6:76:49:68:FA:3E:F4:CA:E0
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 0198D54DDBF025F5A07093D86C91BA1A90F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0AEE
Signing time: Sat 23 Aug 2025 05:01:46 +0000
Manifest this update: Sat 23 Aug 2025 05:01:46 +0000
Manifest next update: Sun 24 Aug 2025 05:01:46 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: bWIiGn0usG1ClzKXJPRlA8A78Dz00INKjYODDmbU5gc=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4d:db:f0:25:f5:a0:70:93:d8:6c:91:ba:1a:90:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Aug 23 05:01:46 2025 GMT
Not After : Aug 24 05:01:46 2025 GMT
Subject: CN=9ce445db6870dc2d8e534db6764968fa3ef4cae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:43:67:c5:6a:19:93:6f:93:a3:11:0f:e6:24:
c4:89:3c:77:ee:76:05:48:9d:9a:b0:de:89:f4:3c:
e0:98:60:fe:91:67:4e:65:fa:2f:07:20:22:d3:e5:
02:6a:ce:f8:dd:58:8c:ac:16:5f:eb:13:c5:4b:52:
46:2b:cd:53:c9:ed:5d:94:34:f3:f5:41:ec:92:2b:
d0:71:8c:4d:72:c0:12:50:d5:2e:e3:93:41:41:f1:
62:9c:4b:60:a9:d0:cb:4c:79:56:6c:c5:d6:ce:70:
6e:36:80:45:cf:1d:9a:15:08:45:72:42:ba:85:8a:
87:af:97:2f:98:4c:e6:32:e1:6c:e1:d3:69:dd:1d:
72:a3:92:09:73:b1:26:89:24:1f:94:53:ab:16:8b:
8b:04:4a:c0:c5:2d:34:55:25:03:f5:55:98:c4:0b:
97:56:02:a9:94:b0:00:6a:8e:0f:08:1a:35:04:af:
b9:17:b8:dc:6d:24:73:ca:a8:b8:a5:3f:d3:87:e9:
8a:6d:e8:10:14:1e:c8:2a:3e:dd:9f:09:1d:b3:ad:
6c:ed:2e:46:41:d7:33:ae:57:1b:17:5c:7b:7e:65:
3d:35:5e:ad:6a:8f:a9:76:ac:9c:54:69:2c:73:ad:
05:a8:0f:3b:07:41:d0:6d:5f:8b:cf:26:11:69:25:
6d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E4:45:DB:68:70:DC:2D:8E:53:4D:B6:76:49:68:FA:3E:F4:CA:E0
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:e2:9f:d6:e7:f1:6c:3b:64:3b:e3:0f:b6:71:73:b5:61:38:
37:33:1c:9a:03:ae:63:d2:d0:2a:a1:6d:27:40:01:d3:ed:b0:
24:02:7b:37:55:f7:84:6d:75:6e:9d:5c:79:42:e9:f4:b7:8f:
74:46:cd:cf:4b:13:e1:22:2d:ca:bf:dc:ce:b8:59:03:87:27:
5d:45:dc:b3:60:8c:28:8e:4b:d8:d7:e4:b4:47:09:8d:b1:6f:
f7:19:70:4d:de:b7:3c:45:01:a0:dc:ac:a6:2f:30:17:92:db:
9f:f0:3e:49:7f:23:ac:8f:13:7f:cb:ed:b8:ed:51:4b:c6:35:
1e:62:39:bb:b3:59:f5:10:67:cb:38:73:bd:37:7c:43:33:4a:
e2:3f:39:23:c7:76:30:2e:21:fa:69:5b:9d:26:3e:98:6e:ae:
47:f1:65:64:72:21:7c:ff:ca:85:b3:2d:17:de:1e:dc:ac:c7:
99:63:2c:c7:d6:1d:46:e9:ec:56:d1:b3:bc:30:53:8b:be:a1:
34:03:88:21:56:1f:42:cf:63:0d:dd:f7:3c:67:27:a4:a0:9c:
36:38:bb:1b:22:c7:47:e0:86:64:e7:0f:e0:07:b5:b8:37:69:
12:a0:f6:d4:d9:e4:29:80:1c:40:c1:19:36:a3:79:12:50:1d:
3e:fc:46:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTdvwJfWgcJPYbJG6GpD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwODIzMDUwMTQ2WhcNMjUwODI0MDUwMTQ2WjAzMTEwLwYDVQQD
Eyg5Y2U0NDVkYjY4NzBkYzJkOGU1MzRkYjY3NjQ5NjhmYTNlZjRjYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00NnxWoZk2+ToxEP5iTEiTx37nYF
SJ2asN6J9DzgmGD+kWdOZfovByAi0+UCas743ViMrBZf6xPFS1JGK81Tye1dlDTz
9UHskivQcYxNcsASUNUu45NBQfFinEtgqdDLTHlWbMXWznBuNoBFzx2aFQhFckK6
hYqHr5cvmEzmMuFs4dNp3R1yo5IJc7EmiSQflFOrFouLBErAxS00VSUD9VWYxAuX
VgKplLAAao4PCBo1BK+5F7jcbSRzyqi4pT/Th+mKbegQFB7IKj7dnwkds61s7S5G
QdczrlcbF1x7fmU9NV6tao+pdqycVGksc60FqA87B0HQbV+LzyYRaSVtBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzkRdtocNwtjlNNtnZJaPo+9MrgMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbuKf1ufx
bDtkO+MPtnFztWE4NzMcmgOuY9LQKqFtJ0AB0+2wJAJ7N1X3hG11bp1ceULp9LeP
dEbNz0sT4SItyr/czrhZA4cnXUXcs2CMKI5L2NfktEcJjbFv9xlwTd63PEUBoNys
pi8wF5Lbn/A+SX8jrI8Tf8vtuO1RS8Y1HmI5u7NZ9RBnyzhzvTd8QzNK4j85I8d2
MC4h+mlbnSY+mG6uR/FlZHIhfP/KhbMtF94e3KzHmWMsx9YdRunsVtGzvDBTi76h
NAOIIVYfQs9jDd33PGcnpKCcNji7GyLHR+CGZOcP4Ae1uDdpEqD21NnkKYAcQMEZ
NqN5ElAdPvxGJw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:27:21 2025 by rpki-client