Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File: rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier: b0BeJWz3Aw5X6cyOYp3OUkRg8eyrjqldtwP+0p1aJOE=
Subject key identifier: 88:A4:F9:DD:86:E3:C6:A5:9C:2F:7B:D9:60:93:DE:88:22:F4:E2:1C
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer: /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial: 0198D4E08FF0E1463788A95F501FA34F239F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number: 0CF2
Signing time: Sat 23 Aug 2025 03:02:23 +0000
Manifest this update: Sat 23 Aug 2025 03:02:23 +0000
Manifest next update: Sun 24 Aug 2025 03:02:23 +0000
Files and hashes: 1: 0vFnPnyD0rk0NBq-vHcuUjmsih4.roa (hash: 8C+9WOepMdgxD+Xcj7Wjy9LCISmYrp2hucRDb6Vj6WM=)
2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: K2AU/7rQb32wh9p7C2yTrwrTHwytCj3pDg4KxoMx1F0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:8f:f0:e1:46:37:88:a9:5f:50:1f:a3:4f:23:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Validity
Not Before: Aug 23 03:02:23 2025 GMT
Not After : Aug 24 03:02:23 2025 GMT
Subject: CN=88a4f9dd86e3c6a59c2f7bd96093de8822f4e21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:95:b1:25:e7:66:15:2c:0e:c2:ad:7f:76:6d:
85:a1:81:26:40:7f:4f:15:b7:99:f1:fc:7a:3c:38:
87:39:d2:16:3b:5b:e1:1f:89:af:b8:e7:56:3f:85:
15:26:4f:ef:a4:68:90:f8:c3:d1:1c:28:87:75:26:
3d:c2:21:22:aa:34:48:c1:ad:a1:63:41:57:dc:2c:
b7:b7:81:6e:74:96:15:a6:6e:96:a2:81:51:68:9f:
2b:bf:68:d5:47:69:74:d7:23:45:50:6b:8d:bc:ce:
c1:bd:81:e2:54:70:91:12:e9:53:fb:99:91:dc:a8:
5f:22:f2:d2:05:d0:8d:01:76:ee:01:99:23:77:81:
c6:07:e8:bc:c7:c0:75:39:f6:ab:44:c9:0e:cd:81:
b9:5a:87:6d:c7:6d:b3:3b:31:d5:ed:77:93:d8:eb:
40:48:86:dd:1f:3f:ae:c4:f6:a3:28:38:e9:10:cf:
a8:a8:8e:a0:ad:5b:bd:b3:35:b3:c8:19:14:5b:78:
10:04:17:72:14:fb:85:11:14:aa:d2:62:c2:4d:a2:
bf:c5:14:74:dc:01:44:03:c5:3d:2f:b5:85:a9:26:
60:2d:5a:df:15:6f:e2:da:3d:e4:86:11:32:c8:c7:
db:02:b5:8e:da:f4:da:a3:e7:2f:10:15:37:d6:0f:
80:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A4:F9:DD:86:E3:C6:A5:9C:2F:7B:D9:60:93:DE:88:22:F4:E2:1C
X509v3 Authority Key Identifier:
keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:12:03:ee:b7:10:6e:65:44:b7:d0:39:e9:71:b9:04:cd:73:
20:2c:65:f1:cd:7f:b1:02:de:9c:c6:5c:cb:ab:3c:07:eb:f0:
cd:de:e9:82:a8:19:92:35:3c:bc:1d:80:a6:17:33:56:f4:26:
07:cb:68:e1:bb:33:77:31:57:e0:3d:a7:1e:bd:90:04:c6:ca:
cb:8e:b9:e3:f9:1c:37:51:03:54:33:0f:4a:04:50:ff:46:3b:
a1:b0:e8:69:05:5c:1a:33:9c:80:51:67:dc:05:f1:7f:d7:1b:
8e:1b:3b:8d:b7:d8:8b:52:46:99:33:a3:bd:18:e8:dd:63:08:
f1:f7:2a:59:f6:38:3f:d1:8f:67:ef:2a:69:45:07:e8:b1:b7:
3d:16:f0:60:5c:75:bb:2a:67:69:91:7f:ae:5b:f1:eb:33:c7:
d3:25:25:15:21:55:29:a5:69:c8:da:17:81:a6:f3:1e:52:1a:
93:20:57:f8:be:8b:b0:ba:fe:79:ba:40:bb:ee:4b:11:63:b2:
06:92:1d:4a:15:99:d9:e5:cc:9f:6d:ce:fe:5c:b6:a1:39:a8:
3c:57:af:13:15:d5:42:d1:e3:d5:ab:99:d2:58:dd:cb:79:54:
12:20:85:fd:59:b5:13:ca:0f:a4:8d:06:5a:16:74:1d:b8:83:
93:10:04:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4I/w4UY3iKlfUB+jTyOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjUwODIzMDMwMjIzWhcNMjUwODI0MDMwMjIzWjAzMTEwLwYDVQQD
Eyg4OGE0ZjlkZDg2ZTNjNmE1OWMyZjdiZDk2MDkzZGU4ODIyZjRlMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJWxJedmFSwOwq1/dm2FoYEmQH9P
FbeZ8fx6PDiHOdIWO1vhH4mvuOdWP4UVJk/vpGiQ+MPRHCiHdSY9wiEiqjRIwa2h
Y0FX3Cy3t4FudJYVpm6WooFRaJ8rv2jVR2l01yNFUGuNvM7BvYHiVHCREulT+5mR
3KhfIvLSBdCNAXbuAZkjd4HGB+i8x8B1OfarRMkOzYG5Wodtx22zOzHV7XeT2OtA
SIbdHz+uxPajKDjpEM+oqI6grVu9szWzyBkUW3gQBBdyFPuFERSq0mLCTaK/xRR0
3AFEA8U9L7WFqSZgLVrfFW/i2j3khhEyyMfbArWO2vTao+cvEBU31g+AlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIik+d2G48alnC972WCT3ogi9OIcMB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWBID7rcQ
bmVEt9A56XG5BM1zICxl8c1/sQLenMZcy6s8B+vwzd7pgqgZkjU8vB2AphczVvQm
B8to4bszdzFX4D2nHr2QBMbKy4654/kcN1EDVDMPSgRQ/0Y7obDoaQVcGjOcgFFn
3AXxf9cbjhs7jbfYi1JGmTOjvRjo3WMI8fcqWfY4P9GPZ+8qaUUH6LG3PRbwYFx1
uypnaZF/rlvx6zPH0yUlFSFVKaVpyNoXgabzHlIakyBX+L6LsLr+ebpAu+5LEWOy
BpIdShWZ2eXMn23O/ly2oTmoPFevExXVQtHj1auZ0ljdy3lUEiCF/Vm1E8oPpI0G
WhZ0HbiDkxAEnQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:25:45 2025 by rpki-client