Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json)
Hash identifier: GX66NOWGrwz2YekDShjE1CCOrO0xvu3D1DFOE6wRKDg=
Subject key identifier: CB:05:15:30:6A:47:C3:BF:FF:34:99:45:53:E4:04:D1:CA:CA:CB:A9
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 0198D65F426E4DC988ACD58F63940B85098A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
Manifest number: 0BC2
Signing time: Sat 23 Aug 2025 10:00:23 +0000
Manifest this update: Sat 23 Aug 2025 10:00:23 +0000
Manifest next update: Sun 24 Aug 2025 10:00:23 +0000
Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=)
2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: 8IJ7wKQaEkFbj4nxO81IL71/8vzXZ5JpRydOsEWU8wQ=)
3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:42:6e:4d:c9:88:ac:d5:8f:63:94:0b:85:09:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Aug 23 10:00:23 2025 GMT
Not After : Aug 24 10:00:23 2025 GMT
Subject: CN=cb0515306a47c3bfff34994553e404d1cacacba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bf:8c:b8:17:89:83:48:7b:3d:9c:5c:34:df:
c5:03:0d:75:6d:85:f8:a3:04:12:6d:d6:e5:80:7f:
f3:88:07:65:40:24:ee:61:ed:98:bb:ab:30:d1:83:
53:c5:23:1a:51:a9:8e:27:0e:1a:61:cc:f5:3f:f6:
24:67:ba:ce:4f:e9:59:cd:85:c8:b7:52:a5:40:90:
f3:ea:a6:18:da:68:a8:9f:08:b6:c2:0b:44:cb:ac:
7e:fa:22:c8:35:c3:d0:6e:90:13:9c:9b:79:13:1f:
06:3b:2e:7f:5c:81:bd:b1:c1:74:34:3b:0e:63:ba:
20:a5:69:2e:81:4c:dd:7d:99:f2:c3:04:04:f4:f2:
6e:af:6f:55:65:b2:4c:3d:41:d7:60:dc:08:36:48:
f2:25:20:eb:d2:c4:37:ac:76:c7:b5:a0:ba:42:37:
b9:fa:6a:4a:2d:2c:c2:a1:88:f0:86:40:7f:17:14:
f4:39:60:f2:75:ad:9a:67:3e:0e:1e:55:de:9d:f0:
5f:6b:c9:6d:c0:33:5e:f0:51:91:0f:63:ff:d5:98:
ad:38:4a:7a:8d:00:a4:eb:3b:c9:78:0e:6c:82:1a:
b8:f5:58:c2:73:5b:7f:5c:38:22:b1:ce:de:63:00:
47:41:36:f5:63:d5:6d:b2:ae:1b:b3:ce:27:c6:16:
c3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:15:30:6A:47:C3:BF:FF:34:99:45:53:E4:04:D1:CA:CA:CB:A9
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:19:7f:09:f0:9f:16:67:52:38:c6:62:a4:26:ff:5e:54:78:
2e:01:2b:2f:a4:df:70:b8:9b:2c:e9:73:60:98:4b:7c:fd:6a:
75:23:ca:7e:17:77:d6:8e:f7:5d:9b:9c:65:76:36:1d:a6:a2:
cb:fe:2a:b0:4c:16:ea:a6:72:ba:b3:b6:f2:07:47:9a:9d:fc:
ad:62:91:4e:22:d9:dc:46:f6:48:88:ff:bc:0d:90:bf:ba:6f:
12:c3:d9:50:2f:89:72:fb:0d:77:7f:0d:78:ef:6a:2c:3d:5b:
98:e2:58:96:1f:5d:93:b2:0f:f0:f1:5f:77:ae:07:91:f8:50:
8b:4e:a0:3c:6c:ff:16:19:b5:0f:1c:69:dc:9a:82:d9:2f:c9:
af:b9:ae:5b:1a:c1:e5:96:e4:e2:3d:a9:92:fc:47:a7:22:93:
fb:4b:25:d8:45:e2:f5:92:28:d9:7e:28:10:ef:0d:28:a8:9c:
3f:9b:8f:f9:02:1e:49:40:ef:7a:df:75:4d:02:85:bf:69:81:
4f:c8:4b:e2:b7:29:5a:32:42:36:b9:be:61:f0:36:67:b9:80:
5d:25:ab:f0:01:42:eb:76:9e:d3:e5:9c:62:c8:e1:ea:ff:f6:
c4:86:b5:09:14:61:61:aa:cf:cb:fe:bc:ef:cb:fe:ea:e2:1e:
81:90:3c:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX0JuTcmIrNWPY5QLhQmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUwODIzMTAwMDIzWhcNMjUwODI0MTAwMDIzWjAzMTEwLwYDVQQD
EyhjYjA1MTUzMDZhNDdjM2JmZmYzNDk5NDU1M2U0MDRkMWNhY2FjYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb+MuBeJg0h7PZxcNN/FAw11bYX4
owQSbdblgH/ziAdlQCTuYe2Yu6sw0YNTxSMaUamOJw4aYcz1P/YkZ7rOT+lZzYXI
t1KlQJDz6qYY2mionwi2wgtEy6x++iLINcPQbpATnJt5Ex8GOy5/XIG9scF0NDsO
Y7ogpWkugUzdfZnywwQE9PJur29VZbJMPUHXYNwINkjyJSDr0sQ3rHbHtaC6Qje5
+mpKLSzCoYjwhkB/FxT0OWDyda2aZz4OHlXenfBfa8ltwDNe8FGRD2P/1ZitOEp6
jQCk6zvJeA5sghq49VjCc1t/XDgisc7eYwBHQTb1Y9Vtsq4bs84nxhbDzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsFFTBqR8O//zSZRVPkBNHKysupMB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGxl/CfCf
FmdSOMZipCb/XlR4LgErL6TfcLibLOlzYJhLfP1qdSPKfhd31o73XZucZXY2Haai
y/4qsEwW6qZyurO28gdHmp38rWKRTiLZ3Eb2SIj/vA2Qv7pvEsPZUC+JcvsNd38N
eO9qLD1bmOJYlh9dk7IP8PFfd64HkfhQi06gPGz/Fhm1Dxxp3JqC2S/Jr7muWxrB
5Zbk4j2pkvxHpyKT+0sl2EXi9ZIo2X4oEO8NKKicP5uP+QIeSUDvet91TQKFv2mB
T8hL4rcpWjJCNrm+YfA2Z7mAXSWr8AFC63ae0+WcYsjh6v/2xIa1CRRhYarPy/68
78v+6uIegZA8rg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:40:48 2025 by rpki-client