Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
File: gXS2uiCeYit5ihT86qlEdi-nYpo.mft (raw, json)
Hash identifier: iCPoLcOZbcnDPfH8bHsHbm9NPCkTlzifxnXcx2eWwKk=
Subject key identifier: 96:6C:E9:C5:AD:AC:9B:0D:E0:B0:6E:7F:88:64:E1:31:EC:AB:00:7F
Authority key identifier: 81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A
Certificate issuer: /CN=8174b6ba209e622b798a14fceaa944762fa7629a
Certificate serial: 0198D705904DB1C8F3F3557D049E7F3C09E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
Manifest number: 0109
Signing time: Sat 23 Aug 2025 13:02:02 +0000
Manifest this update: Sat 23 Aug 2025 13:02:02 +0000
Manifest next update: Sun 24 Aug 2025 13:02:02 +0000
Files and hashes: 1: gXS2uiCeYit5ihT86qlEdi-nYpo.crl (hash: KG/JaCXxu1q0aYtKzOYZ95C8qMJlcTHHIqJkYaqoork=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:05:90:4d:b1:c8:f3:f3:55:7d:04:9e:7f:3c:09:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8174b6ba209e622b798a14fceaa944762fa7629a
Validity
Not Before: Aug 23 13:02:02 2025 GMT
Not After : Aug 24 13:02:02 2025 GMT
Subject: CN=966ce9c5adac9b0de0b06e7f8864e131ecab007f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:84:37:2c:ee:8c:7d:3f:c3:53:84:24:9b:
a9:18:62:1c:86:f5:a8:76:07:78:92:47:67:da:40:
95:a4:d9:56:05:37:f9:56:a8:e2:89:e1:a0:66:87:
f0:4c:df:43:f2:b5:4c:61:04:4f:37:1d:b2:f2:a8:
d1:a3:4d:43:11:91:cb:e6:50:0f:02:99:d4:85:0d:
c9:85:ca:1d:6e:d6:75:66:8b:45:73:2f:93:ed:38:
2d:9f:bc:7c:39:14:0d:e2:13:f2:71:50:61:98:d2:
a1:05:6b:99:5a:95:47:d1:43:d8:5a:43:22:58:44:
c3:42:40:dd:0f:d2:ee:b9:b0:20:8d:2b:23:ea:d5:
96:67:32:32:4f:ab:3d:9c:9a:77:66:e0:62:08:c1:
17:00:f7:99:f7:ea:9d:aa:5f:32:85:27:c4:ad:bd:
10:62:ef:54:32:fe:7d:6a:af:6a:bb:31:4f:2d:1a:
f6:ac:b6:3d:d0:98:cb:12:ac:87:71:77:14:61:e9:
ed:f7:33:a8:c4:6f:9d:ec:4f:68:9d:5c:0a:16:42:
cb:96:f1:a1:c1:40:c4:23:26:0b:42:e8:f2:27:d8:
57:5f:d8:a8:9e:1b:5b:4e:e2:ae:69:1a:60:5d:6a:
76:0e:02:86:5e:35:68:97:d9:6b:52:a8:49:6f:19:
0e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6C:E9:C5:AD:AC:9B:0D:E0:B0:6E:7F:88:64:E1:31:EC:AB:00:7F
X509v3 Authority Key Identifier:
keyid:81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:33:8a:21:f7:2b:8a:ba:07:10:23:19:76:e5:2e:c4:a9:51:
cb:45:d8:a7:28:f0:93:ab:f4:39:39:5a:35:f1:9d:0f:32:bf:
0f:cc:70:04:79:34:3c:4c:ba:6a:20:17:3c:e6:79:9b:cb:b9:
33:38:22:cf:4b:7b:b6:e5:15:80:90:27:c2:9e:2c:38:cd:dc:
a8:c6:f8:82:18:d9:73:bd:52:57:1f:77:23:e1:40:c9:7c:43:
f6:67:75:af:73:2e:5a:ff:d1:76:55:29:95:32:92:d7:41:45:
8e:dc:b7:63:67:5f:4d:ac:b0:4f:a7:db:88:35:58:a3:62:92:
19:e8:b0:39:58:9e:9c:6a:1a:63:83:c9:41:47:0e:a3:bd:42:
54:ea:22:fb:51:3d:16:82:47:87:ec:14:9c:ba:73:1f:ba:77:
e8:33:27:e3:4e:5c:bb:22:85:51:41:6b:65:86:35:b8:29:c9:
43:35:b7:6f:02:a9:9d:ee:c6:56:01:a4:a8:30:b6:db:f9:ad:
41:53:e0:2d:c9:6d:cf:2a:5f:a8:ec:6c:94:1c:43:71:30:14:
e7:b6:31:4f:df:f2:cc:96:67:de:32:81:10:10:6f:fa:ac:31:
59:19:03:44:ff:dc:2a:87:f7:ee:9b:76:2b:2f:0d:37:49:29:
a4:d6:21:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBZBNscjz81V9BJ5/PAnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzRiNmJhMjA5ZTYyMmI3OThhMTRmY2VhYTk0NDc2MmZh
NzYyOWEwHhcNMjUwODIzMTMwMjAyWhcNMjUwODI0MTMwMjAyWjAzMTEwLwYDVQQD
Eyg5NjZjZTljNWFkYWM5YjBkZTBiMDZlN2Y4ODY0ZTEzMWVjYWIwMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu62ENyzujH0/w1OEJJupGGIchvWo
dgd4kkdn2kCVpNlWBTf5VqjiieGgZofwTN9D8rVMYQRPNx2y8qjRo01DEZHL5lAP
ApnUhQ3JhcodbtZ1ZotFcy+T7Tgtn7x8ORQN4hPycVBhmNKhBWuZWpVH0UPYWkMi
WETDQkDdD9LuubAgjSsj6tWWZzIyT6s9nJp3ZuBiCMEXAPeZ9+qdql8yhSfErb0Q
Yu9UMv59aq9quzFPLRr2rLY90JjLEqyHcXcUYent9zOoxG+d7E9onVwKFkLLlvGh
wUDEIyYLQujyJ9hXX9ionhtbTuKuaRpgXWp2DgKGXjVol9lrUqhJbxkOJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZs6cWtrJsN4LBuf4hk4THsqwB/MB8GA1UdIwQY
MBaAFIF0trognmIreYoU/OqpRHYvp2KaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQt
NjE4Y2QwNjgyYjEwLzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQtNjE4Y2QwNjgyYjEw
LzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDOKIfcr
iroHECMZduUuxKlRy0XYpyjwk6v0OTlaNfGdDzK/D8xwBHk0PEy6aiAXPOZ5m8u5
Mzgiz0t7tuUVgJAnwp4sOM3cqMb4ghjZc71SVx93I+FAyXxD9md1r3MuWv/RdlUp
lTKS10FFjty3Y2dfTaywT6fbiDVYo2KSGeiwOVienGoaY4PJQUcOo71CVOoi+1E9
FoJHh+wUnLpzH7p36DMn405cuyKFUUFrZYY1uCnJQzW3bwKpne7GVgGkqDC22/mt
QVPgLcltzypfqOxslBxDcTAU57YxT9/yzJZn3jKBEBBv+qwxWRkDRP/cKof37pt2
Ky8NN0kppNYhVg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:04:20 2025 by rpki-client