Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File: MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier: sOPVcpbEbaXfP2KNxgTnKh59Myw4PdNdA/RG28g19q8=
Subject key identifier: F1:CC:E2:0A:AC:3B:2E:6F:45:03:35:3A:01:AC:47:51:66:9D:BD:16
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer: /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial: 0198D6613BCD1CBCD68C171A043EA8EED34B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number: 1647
Signing time: Sat 23 Aug 2025 10:02:33 +0000
Manifest this update: Sat 23 Aug 2025 10:02:33 +0000
Manifest next update: Sun 24 Aug 2025 10:02:33 +0000
Files and hashes: 1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: pGAIL3SMMp1UgeE1RX5/XF0WRN0bXLzLqGFhjAPP8Wo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:61:3b:cd:1c:bc:d6:8c:17:1a:04:3e:a8:ee:d3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=300842db0837daf311a334b722318e70b588b009
Validity
Not Before: Aug 23 10:02:33 2025 GMT
Not After : Aug 24 10:02:33 2025 GMT
Subject: CN=f1cce20aac3b2e6f4503353a01ac4751669dbd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ab:0c:e1:e0:42:6f:ae:e4:e3:69:d0:c3:24:
1a:d5:d1:99:29:08:50:af:9e:8e:07:a2:cf:02:7f:
1c:ab:53:c3:5a:92:b7:f6:84:65:33:c2:0b:94:b4:
c9:0e:2e:c7:89:95:e7:a0:e5:ad:93:d8:c1:48:d0:
01:2f:bc:81:c2:84:69:13:82:dc:09:b6:ac:31:23:
00:e1:cf:ea:95:8c:2a:2f:bd:f4:24:c3:3e:e5:2e:
5a:bd:02:28:cf:4d:8d:a3:45:ee:2d:d6:12:e5:1f:
a4:cb:b2:b2:50:95:a1:9e:d3:4e:52:6f:cc:f3:a9:
69:07:60:12:29:9d:d6:52:df:38:14:33:85:a9:4c:
c5:c6:45:07:20:44:e7:a8:7b:a4:7d:7c:df:77:ae:
35:d1:e6:25:30:29:c6:a3:97:14:aa:10:03:94:3f:
2e:99:09:49:0d:15:0d:e7:b6:64:db:4e:6f:fa:f9:
6f:dd:dd:34:50:1c:5f:92:59:42:35:02:a2:b7:54:
4a:62:f5:b5:da:d5:79:5e:70:1c:3f:8a:49:f5:12:
df:34:b7:a8:37:2e:ce:51:51:37:eb:58:e9:08:f1:
79:59:2b:73:8e:6c:68:95:f6:12:71:e5:ed:a7:d5:
2f:e6:3c:4a:d7:e5:25:9b:bb:f9:cf:e0:f8:e4:77:
61:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CC:E2:0A:AC:3B:2E:6F:45:03:35:3A:01:AC:47:51:66:9D:BD:16
X509v3 Authority Key Identifier:
keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:da:bb:29:0a:cd:75:05:91:da:27:df:84:a9:e5:0c:0a:f6:
85:76:d8:19:8d:95:e9:35:68:cc:77:c5:03:12:49:4a:24:a3:
10:f7:18:3f:b5:96:5e:56:db:6c:55:c9:8a:ca:d1:bc:5f:5f:
d0:26:f3:6f:90:67:c3:28:8e:1f:b7:50:57:70:a4:6d:fd:f6:
c5:77:73:93:02:90:b8:b8:aa:25:54:84:99:2d:e6:55:3d:42:
9b:a1:ff:0d:15:0a:41:09:47:0e:fd:9c:25:8a:6e:1f:66:f8:
f0:09:bd:89:fa:20:4f:cd:ce:82:44:75:ae:5a:42:20:95:f3:
76:b4:00:ea:9e:d8:3c:c4:4e:e1:db:82:0c:78:4d:8e:92:29:
43:22:71:d6:98:c3:00:f6:54:be:32:39:92:e2:e6:f3:97:4b:
d2:4c:36:ac:36:14:9b:2b:1a:84:7b:f9:ca:2a:7c:8c:fb:7d:
c1:de:d0:a9:8f:f6:cb:3c:a1:77:c2:97:34:bf:95:b6:f0:fe:
17:a1:9e:fe:a4:2c:69:88:3f:9e:0d:95:01:7d:c6:8f:be:48:
42:ca:57:90:01:3e:50:27:8e:37:65:d4:01:df:05:3a:42:7d:
da:14:f6:aa:4f:25:3b:e0:99:90:8f:b7:40:59:d0:97:6f:2b:
47:38:3e:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYTvNHLzWjBcaBD6o7tNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjUwODIzMTAwMjMzWhcNMjUwODI0MTAwMjMzWjAzMTEwLwYDVQQD
EyhmMWNjZTIwYWFjM2IyZTZmNDUwMzM1M2EwMWFjNDc1MTY2OWRiZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqsM4eBCb67k42nQwyQa1dGZKQhQ
r56OB6LPAn8cq1PDWpK39oRlM8ILlLTJDi7HiZXnoOWtk9jBSNABL7yBwoRpE4Lc
CbasMSMA4c/qlYwqL730JMM+5S5avQIoz02No0XuLdYS5R+ky7KyUJWhntNOUm/M
86lpB2ASKZ3WUt84FDOFqUzFxkUHIETnqHukfXzfd6410eYlMCnGo5cUqhADlD8u
mQlJDRUN57Zk205v+vlv3d00UBxfkllCNQKit1RKYvW12tV5XnAcP4pJ9RLfNLeo
Ny7OUVE361jpCPF5WStzjmxolfYSceXtp9Uv5jxK1+Ulm7v5z+D45Hdh+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHM4gqsOy5vRQM1OgGsR1Fmnb0WMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNq7KQrN
dQWR2iffhKnlDAr2hXbYGY2V6TVozHfFAxJJSiSjEPcYP7WWXlbbbFXJisrRvF9f
0Cbzb5BnwyiOH7dQV3Ckbf32xXdzkwKQuLiqJVSEmS3mVT1Cm6H/DRUKQQlHDv2c
JYpuH2b48Am9ifogT83OgkR1rlpCIJXzdrQA6p7YPMRO4duCDHhNjpIpQyJx1pjD
APZUvjI5kuLm85dL0kw2rDYUmysahHv5yip8jPt9wd7QqY/2yzyhd8KXNL+VtvD+
F6Ge/qQsaYg/ng2VAX3Gj75IQspXkAE+UCeON2XUAd8FOkJ92hT2qk8lO+CZkI+3
QFnQl28rRzg+7A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:27:24 2025 by rpki-client