Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json)
Hash identifier: 8UcYE9FzB+w0JVNaGIZ0rmYpNVtWENTC4G2+8Vuo9cs=
Subject key identifier: F1:B4:6C:3D:F2:53:09:82:62:8B:F2:96:52:32:B6:3B:90:DC:CB:DC
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 0198D4A7F6103A4D80CFE7617A5F7B1990CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
Manifest number: 02B8
Signing time: Sat 23 Aug 2025 02:00:33 +0000
Manifest this update: Sat 23 Aug 2025 02:00:33 +0000
Manifest next update: Sun 24 Aug 2025 02:00:33 +0000
Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: vHG9VqHg/DYF3xhgBJ96LK2n8yBwddaHhNX1ghK4hXw=)
2: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (hash: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:f6:10:3a:4d:80:cf:e7:61:7a:5f:7b:19:90:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Aug 23 02:00:33 2025 GMT
Not After : Aug 24 02:00:33 2025 GMT
Subject: CN=f1b46c3df2530982628bf2965232b63b90dccbdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:11:fc:69:7b:4c:b4:a1:47:c9:87:24:f9:8e:
22:f8:94:b7:2b:1a:2e:14:45:4a:81:14:6f:1f:e3:
1f:cd:f3:31:9b:e2:31:e5:62:4b:9b:67:08:c3:7f:
30:b1:e0:50:40:61:43:6a:2d:e4:73:9e:1c:ed:31:
3a:06:ee:92:a4:82:64:85:b3:0c:87:99:cd:77:19:
37:54:59:29:59:8a:39:e0:d6:d5:f8:be:18:c9:ff:
32:cd:80:60:c5:75:ca:2e:c2:ff:6d:72:e0:0c:6d:
55:62:d9:56:62:40:64:9c:63:20:a3:21:73:1a:26:
81:4e:a0:1d:00:3b:20:f6:64:9b:36:07:bd:1d:98:
55:3e:0c:7d:d2:69:4b:9e:1a:2d:9b:66:9b:ba:d9:
f6:3b:89:95:db:db:ea:68:21:3f:3e:67:37:8b:af:
62:cd:22:0b:9e:83:5d:cc:a0:bb:2f:64:d2:c6:26:
e6:41:55:db:aa:59:e6:b3:35:41:f3:b0:96:13:e4:
d1:11:e6:9f:ff:6f:93:fb:35:63:1c:f7:89:58:28:
25:da:dc:47:9c:fc:8e:15:35:c6:9b:df:9f:07:04:
a2:75:65:b4:08:96:fc:9a:e9:27:f2:36:11:5e:4b:
d8:2f:62:12:3b:dc:d1:1f:a3:04:78:35:d8:c0:b3:
4b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B4:6C:3D:F2:53:09:82:62:8B:F2:96:52:32:B6:3B:90:DC:CB:DC
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:2e:13:f5:f5:20:36:72:47:57:27:51:6a:c8:37:ab:e8:84:
f7:51:bd:bc:79:bd:d4:4d:f0:08:95:d6:af:14:64:81:39:99:
6f:ba:18:e2:f0:51:ee:e8:8a:ba:88:1a:59:fb:f7:f3:e1:49:
cb:b9:fa:b7:c0:02:6b:73:fa:6d:9f:af:7e:36:68:5a:16:17:
f5:e8:1c:cd:88:0e:95:cc:d9:b5:1b:4a:43:cf:56:e5:e1:a2:
b7:3a:69:6b:00:46:d9:42:ee:45:62:4e:10:ea:e5:1a:55:69:
01:c7:97:ef:65:81:65:72:ff:79:6a:4d:19:c1:44:71:22:14:
7b:a1:89:a5:db:d9:1b:8f:29:1e:a8:01:91:ba:c8:02:09:c1:
fd:f4:5d:5b:bf:44:db:97:e8:dc:f5:ff:d4:95:d1:7b:90:b6:
32:ab:ee:54:3c:25:98:d4:1e:52:58:3e:f0:1f:c5:85:9c:1a:
c0:af:b7:b0:de:11:a5:9c:1c:f8:86:41:04:b9:0e:47:1a:42:
99:c0:0c:ac:b9:a8:18:92:d6:2f:67:fb:19:2f:ea:91:64:58:
35:d4:5d:15:a5:d0:d8:20:44:0b:b1:33:27:dc:1c:c6:df:4c:
ac:4e:42:32:ce:2b:d6:11:00:bd:0f:1d:3a:3f:b6:b8:e5:e8:
87:9c:df:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp/YQOk2Az+dhel97GZDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjUwODIzMDIwMDMzWhcNMjUwODI0MDIwMDMzWjAzMTEwLwYDVQQD
EyhmMWI0NmMzZGYyNTMwOTgyNjI4YmYyOTY1MjMyYjYzYjkwZGNjYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xH8aXtMtKFHyYck+Y4i+JS3Kxou
FEVKgRRvH+MfzfMxm+Ix5WJLm2cIw38wseBQQGFDai3kc54c7TE6Bu6SpIJkhbMM
h5nNdxk3VFkpWYo54NbV+L4Yyf8yzYBgxXXKLsL/bXLgDG1VYtlWYkBknGMgoyFz
GiaBTqAdADsg9mSbNge9HZhVPgx90mlLnhotm2abutn2O4mV29vqaCE/Pmc3i69i
zSILnoNdzKC7L2TSxibmQVXbqlnmszVB87CWE+TREeaf/2+T+zVjHPeJWCgl2txH
nPyOFTXGm9+fBwSidWW0CJb8mukn8jYRXkvYL2ISO9zRH6MEeDXYwLNLmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPG0bD3yUwmCYovyllIytjuQ3MvcMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwi4T9fUg
NnJHVydRasg3q+iE91G9vHm91E3wCJXWrxRkgTmZb7oY4vBR7uiKuogaWfv38+FJ
y7n6t8ACa3P6bZ+vfjZoWhYX9egczYgOlczZtRtKQ89W5eGitzppawBG2ULuRWJO
EOrlGlVpAceX72WBZXL/eWpNGcFEcSIUe6GJpdvZG48pHqgBkbrIAgnB/fRdW79E
25fo3PX/1JXRe5C2MqvuVDwlmNQeUlg+8B/FhZwawK+3sN4RpZwc+IZBBLkORxpC
mcAMrLmoGJLWL2f7GS/qkWRYNdRdFaXQ2CBEC7EzJ9wcxt9MrE5CMs4r1hEAvQ8d
Oj+2uOXoh5zf6Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:53:01 2025 by rpki-client