Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
File: 70AaUuP95plIbplnjb9Ih1Mpwz0.mft (raw, json)
Hash identifier: XkgMjwtm/Qbtw7hhpcKTf5iQPOelOilfVuETcxungV0=
Subject key identifier: 40:E2:A8:3C:DE:EB:6B:DE:E9:12:9C:FA:83:C6:07:42:0E:DB:E7:7A
Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d
Certificate serial: 0198D660025DF867F14D2DA6ECC68F5E0324
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
Manifest number: 0DB5
Signing time: Sat 23 Aug 2025 10:01:12 +0000
Manifest this update: Sat 23 Aug 2025 10:01:12 +0000
Manifest next update: Sun 24 Aug 2025 10:01:12 +0000
Files and hashes: 1: 70AaUuP95plIbplnjb9Ih1Mpwz0.crl (hash: znSNPRrHJTJHpJWlr4brncGKKA8N3OLU4UNn3birvdM=)
2: S4KhO_-8xzMvt1B6k_-GK_XNTGs.roa (hash: 298ot3rN9ux+k96S6A3kz+LkCwnTR/d/qtOX4jSeeqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:02:5d:f8:67:f1:4d:2d:a6:ec:c6:8f:5e:03:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d
Validity
Not Before: Aug 23 10:01:12 2025 GMT
Not After : Aug 24 10:01:12 2025 GMT
Subject: CN=40e2a83cdeeb6bdee9129cfa83c607420edbe77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:46:05:41:72:2a:32:4c:74:f8:86:ac:df:3b:
4f:31:eb:7a:b4:90:68:e5:a3:9a:56:d9:be:d2:98:
1e:9d:be:67:ec:1a:a8:3a:28:e9:53:02:80:1a:bd:
0a:45:9a:84:0c:8a:f4:1a:03:5c:9b:e4:82:02:74:
94:28:8c:9b:fe:f0:0d:f7:c3:a7:f9:05:ce:f8:62:
11:af:74:65:b3:b6:df:d5:f8:b9:54:7a:04:1e:b4:
28:5d:22:5f:ce:82:a1:84:87:74:c0:62:7f:e6:b3:
b4:ca:46:f0:34:32:cf:4d:5f:18:5a:fa:80:f2:4b:
4f:a5:54:a3:de:2c:16:08:7f:63:fd:90:da:04:59:
33:34:e6:d0:56:6f:69:da:0b:df:bd:b3:5f:7a:67:
bf:bb:3d:89:3f:3d:0a:15:75:1c:ab:c1:1d:ec:ce:
a5:e1:48:77:1e:a2:c0:5c:6a:bf:c6:11:99:2e:a6:
7f:71:ae:93:84:82:85:d7:9a:aa:a9:8f:f3:57:55:
79:ab:0f:ba:c3:a7:c2:5e:c5:6d:09:45:f2:02:85:
bd:29:cc:6a:de:19:40:b6:7b:3d:11:a8:2f:2d:6c:
b4:40:b2:5b:b7:98:04:df:85:bc:ef:1a:18:20:09:
1b:a4:7c:2c:d1:ee:db:1d:62:61:41:37:2c:81:ad:
c2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E2:A8:3C:DE:EB:6B:DE:E9:12:9C:FA:83:C6:07:42:0E:DB:E7:7A
X509v3 Authority Key Identifier:
keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:1b:7f:71:22:a8:0d:a5:4c:ec:7e:88:a0:a9:74:6f:05:d0:
e3:78:1a:99:f1:1d:c5:aa:62:ae:80:d8:ff:f1:ab:26:55:96:
19:b7:c1:9c:82:16:83:78:75:30:68:a9:05:8e:33:06:a7:26:
c0:73:43:7f:bd:8b:ce:10:c1:58:5b:8e:d0:d7:55:6a:46:3b:
f5:4e:60:5c:c3:ac:94:ed:e3:86:be:c6:ec:a2:79:09:fc:db:
c2:7a:a5:a5:be:50:36:91:f7:03:c4:e8:18:06:00:90:c0:2b:
2d:9b:22:0a:82:b5:58:33:5a:1b:d4:a5:df:9f:c0:3a:e0:6b:
08:cc:55:81:3d:91:fd:95:29:a3:2f:1f:85:3e:22:a1:3b:22:
60:25:fb:c0:8f:1e:41:25:08:b8:f6:84:cc:5e:d2:7c:80:a4:
02:56:51:9b:e8:ae:d0:a5:bf:df:8c:6c:eb:54:58:16:87:f3:
fb:ba:58:43:05:4e:75:e9:b9:c8:85:9e:7e:29:d0:bf:9d:0f:
cf:44:da:de:23:b8:38:8f:33:78:6d:08:6b:6c:25:72:f8:e8:
b6:66:d7:81:c2:3b:07:28:80:1d:34:2b:be:cd:42:ce:68:f5:
61:44:6c:7d:5d:2f:1c:4f:43:bd:de:45:2f:d9:a9:e0:05:44:
5a:27:48:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYAJd+GfxTS2m7MaPXgMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy
OWMzM2QwHhcNMjUwODIzMTAwMTEyWhcNMjUwODI0MTAwMTEyWjAzMTEwLwYDVQQD
Eyg0MGUyYTgzY2RlZWI2YmRlZTkxMjljZmE4M2M2MDc0MjBlZGJlNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EYFQXIqMkx0+Ias3ztPMet6tJBo
5aOaVtm+0pgenb5n7BqoOijpUwKAGr0KRZqEDIr0GgNcm+SCAnSUKIyb/vAN98On
+QXO+GIRr3Rls7bf1fi5VHoEHrQoXSJfzoKhhId0wGJ/5rO0ykbwNDLPTV8YWvqA
8ktPpVSj3iwWCH9j/ZDaBFkzNObQVm9p2gvfvbNfeme/uz2JPz0KFXUcq8Ed7M6l
4Uh3HqLAXGq/xhGZLqZ/ca6ThIKF15qqqY/zV1V5qw+6w6fCXsVtCUXyAoW9Kcxq
3hlAtns9EagvLWy0QLJbt5gE34W87xoYIAkbpHws0e7bHWJhQTcsga3CBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDiqDze62ve6RKc+oPGB0IO2+d6MB8GA1UdIwQY
MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt
OWNhOTQ3YWE2NjVhLzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh
LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBt/cSKo
DaVM7H6IoKl0bwXQ43gamfEdxapiroDY//GrJlWWGbfBnIIWg3h1MGipBY4zBqcm
wHNDf72LzhDBWFuO0NdVakY79U5gXMOslO3jhr7G7KJ5Cfzbwnqlpb5QNpH3A8To
GAYAkMArLZsiCoK1WDNaG9Sl35/AOuBrCMxVgT2R/ZUpoy8fhT4ioTsiYCX7wI8e
QSUIuPaEzF7SfICkAlZRm+iu0KW/34xs61RYFofz+7pYQwVOdem5yIWefinQv50P
z0Ta3iO4OI8zeG0Ia2wlcvjotmbXgcI7ByiAHTQrvs1Czmj1YURsfV0vHE9Dvd5F
L9mp4AVEWidIeA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:36:03 2025 by rpki-client