Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
File: cimwOc-KrxQdbm1hbnwWkInLyzI.mft (raw, json)
Hash identifier: huRuFNaYTQm8DdRppj2XX9titkhaiClBkiEU7Hzl8HU=
Subject key identifier: AF:85:75:9C:26:01:C4:1D:6D:BB:6E:DB:D6:3A:7B:B2:47:90:04:38
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 0198D51612CB5559416E77CF29FE688F4FB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
Manifest number: 0D86
Signing time: Sat 23 Aug 2025 04:00:50 +0000
Manifest this update: Sat 23 Aug 2025 04:00:50 +0000
Manifest next update: Sun 24 Aug 2025 04:00:50 +0000
Files and hashes: 1: _11c4KnryngFBZ3LrSwCjXVWAnI.roa (hash: 4suX3JVW+dbra41XqoLSgaNnHC7+X6k6GS1R8JLgxL8=)
2: cimwOc-KrxQdbm1hbnwWkInLyzI.crl (hash: Vl+KxjiSjmaRvWt7z0wxH6/PftMYUsAECBfIRkU2EIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:16:12:cb:55:59:41:6e:77:cf:29:fe:68:8f:4f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Aug 23 04:00:50 2025 GMT
Not After : Aug 24 04:00:50 2025 GMT
Subject: CN=af85759c2601c41d6dbb6edbd63a7bb247900438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c1:c2:68:50:52:cf:09:7a:c4:29:0d:c3:c1:
5b:13:b5:f7:31:07:cf:b5:4c:24:30:07:f5:3e:0d:
78:e1:42:02:e3:dc:30:d1:71:a0:4d:da:09:dc:95:
0c:59:d3:97:2a:b5:e7:ae:93:7a:6d:37:3f:b2:d1:
d0:98:ad:7b:5b:0a:c6:af:3f:ac:79:b6:c4:ce:52:
fd:b6:8f:f5:bf:e8:fb:c1:d3:34:0b:83:2b:bb:48:
12:8e:3a:07:51:73:ed:60:ca:4b:75:35:76:af:a1:
2e:48:2c:9d:41:f6:e6:02:b7:2a:8b:d6:bf:43:2f:
19:03:08:46:7b:7e:d4:60:13:56:10:d8:b5:f0:e4:
3d:b7:d6:8e:4d:de:f2:85:c2:33:21:4c:f6:1c:c0:
39:63:78:f9:ac:02:9b:aa:6f:fe:8b:58:d5:4e:5b:
06:e6:1a:c2:cc:ea:49:7c:63:d0:b9:23:bd:22:25:
de:ae:26:00:f2:e7:30:62:1d:cd:07:53:26:f5:17:
5e:23:5e:b2:73:24:7a:cc:d2:ad:f6:e0:7f:c1:d5:
7c:d6:64:22:cd:21:ac:62:c0:93:41:84:f2:1c:05:
3e:61:0c:d3:8c:d1:7d:f4:6b:08:93:b7:ac:21:d3:
6b:26:35:e6:01:f5:18:84:3a:1a:2d:61:87:0e:2c:
8c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:85:75:9C:26:01:C4:1D:6D:BB:6E:DB:D6:3A:7B:B2:47:90:04:38
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:ae:9a:70:e8:dc:79:1a:66:f2:f6:8d:3d:da:b4:81:80:2c:
15:c4:18:5c:f6:82:a7:51:1d:5f:59:06:8f:a1:c3:4e:f4:f1:
c7:e4:b7:d2:4a:34:34:a1:68:8b:7c:45:b7:07:7d:47:43:ae:
5f:4a:86:8f:f5:86:b5:96:f9:89:ab:0b:89:33:0f:e9:bb:03:
a8:8d:b3:b8:f2:75:da:06:ae:00:ad:ed:29:43:d9:12:1d:59:
1a:c6:de:80:da:4c:f0:e5:bc:7d:28:33:97:f9:e8:94:6b:1a:
11:4d:cb:ff:20:a8:91:83:92:75:89:f9:8c:cb:54:e0:76:9f:
ce:25:2d:f9:53:96:8e:2c:a7:85:df:a8:43:d4:5d:2a:76:e1:
05:08:9b:18:1a:f0:2b:d9:dd:b6:d8:e8:82:eb:39:b6:b0:fc:
75:61:ea:c8:9e:e3:a1:c0:c0:09:99:2f:e4:71:25:7b:fb:4b:
00:1f:7b:9f:8d:e9:fa:27:85:70:68:4c:b5:8d:1f:27:ba:6e:
23:f9:cc:9c:34:b1:34:9a:73:d8:d9:1a:a4:dc:91:4c:a4:6e:
38:0d:d5:b1:da:e1:5a:6e:0c:98:76:c2:11:6a:bb:df:8e:d5:
01:ef:b6:49:73:f4:34:92:5b:a1:e4:43:1e:c1:79:3f:3a:38:
b8:c2:a4:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFhLLVVlBbnfPKf5oj0+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjUwODIzMDQwMDUwWhcNMjUwODI0MDQwMDUwWjAzMTEwLwYDVQQD
EyhhZjg1NzU5YzI2MDFjNDFkNmRiYjZlZGJkNjNhN2JiMjQ3OTAwNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksHCaFBSzwl6xCkNw8FbE7X3MQfP
tUwkMAf1Pg144UIC49ww0XGgTdoJ3JUMWdOXKrXnrpN6bTc/stHQmK17WwrGrz+s
ebbEzlL9to/1v+j7wdM0C4Mru0gSjjoHUXPtYMpLdTV2r6EuSCydQfbmArcqi9a/
Qy8ZAwhGe37UYBNWENi18OQ9t9aOTd7yhcIzIUz2HMA5Y3j5rAKbqm/+i1jVTlsG
5hrCzOpJfGPQuSO9IiXeriYA8ucwYh3NB1Mm9RdeI16ycyR6zNKt9uB/wdV81mQi
zSGsYsCTQYTyHAU+YQzTjNF99GsIk7esIdNrJjXmAfUYhDoaLWGHDiyMgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+FdZwmAcQdbbtu29Y6e7JHkAQ4MB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW66acOjc
eRpm8vaNPdq0gYAsFcQYXPaCp1EdX1kGj6HDTvTxx+S30ko0NKFoi3xFtwd9R0Ou
X0qGj/WGtZb5iasLiTMP6bsDqI2zuPJ12gauAK3tKUPZEh1ZGsbegNpM8OW8fSgz
l/nolGsaEU3L/yCokYOSdYn5jMtU4HafziUt+VOWjiynhd+oQ9RdKnbhBQibGBrw
K9ndttjogus5trD8dWHqyJ7jocDACZkv5HEle/tLAB97n43p+ieFcGhMtY0fJ7pu
I/nMnDSxNJpz2NkapNyRTKRuOA3VsdrhWm4MmHbCEWq7347VAe+2SXP0NJJboeRD
HsF5Pzo4uMKkXA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:22:57 2025 by rpki-client