Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: TMUDEIoHIeURqLiUtN8fBSOOKxjOMnN5EAS9TX8kk94=
Subject key identifier: 8D:CE:CE:6B:5C:39:5C:11:FB:60:D6:4D:7F:85:9A:57:22:CB:C3:B3
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 0198D4A7BD3054F2BF15FD96FA28C00168C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 164A
Signing time: Sat 23 Aug 2025 02:00:19 +0000
Manifest this update: Sat 23 Aug 2025 02:00:19 +0000
Manifest next update: Sun 24 Aug 2025 02:00:19 +0000
Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=)
2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: r/IGT0gCzFLNXU0N5mX4WvRg3iuMpPQobEgFCts1xf4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:bd:30:54:f2:bf:15:fd:96:fa:28:c0:01:68:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Aug 23 02:00:19 2025 GMT
Not After : Aug 24 02:00:19 2025 GMT
Subject: CN=8dcece6b5c395c11fb60d64d7f859a5722cbc3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c3:68:7b:f4:a8:d6:9b:99:c6:0e:9e:d9:af:
f6:80:2f:b9:8e:ec:f9:73:19:a1:f1:96:c7:a0:e4:
1d:11:33:40:f6:61:3d:1a:5b:c8:00:a0:eb:92:72:
0d:4b:3b:cd:1c:a4:ff:eb:a1:7d:5c:44:9a:a6:ab:
c8:6d:62:93:0f:3e:da:c4:8b:c7:46:e9:d5:b5:b8:
a4:d3:ca:89:c0:29:79:52:9f:86:a4:1d:28:fd:16:
d5:e6:dc:18:df:1a:f4:1b:6c:32:ea:29:2e:48:46:
ed:97:31:17:f3:1d:2f:ae:4e:ee:f2:aa:2d:6f:d4:
41:ce:05:90:ce:35:e4:ec:f9:a8:bd:0b:ec:bb:51:
f3:24:7c:36:80:e0:07:0f:a1:06:e3:e2:16:4d:b8:
c6:a7:e9:25:2a:eb:9d:9d:8c:b2:36:d6:a0:0d:16:
5b:a9:8a:0d:38:68:64:7e:b7:15:b7:bd:79:a2:42:
43:b4:96:06:85:78:d2:ac:e3:73:df:a3:82:a1:a2:
49:a7:b9:22:ba:4b:1c:9d:da:94:46:90:04:2b:86:
d7:83:9d:75:69:a7:76:89:8d:bc:d7:0b:c8:f2:49:
7a:3f:84:31:db:bf:79:91:95:20:29:67:4c:d0:e5:
e2:19:68:50:36:8b:3a:d0:6c:da:79:c2:9c:3c:c6:
61:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CE:CE:6B:5C:39:5C:11:FB:60:D6:4D:7F:85:9A:57:22:CB:C3:B3
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:72:80:9b:ec:7f:48:be:ca:92:71:b4:34:74:ba:d9:8b:ed:
75:55:48:f3:09:27:f4:34:5b:01:94:4a:93:7d:3a:0e:9d:a8:
9e:28:e8:7d:fa:cf:4a:d0:33:40:18:3a:4c:0f:bd:d3:99:69:
ae:58:69:36:f3:c4:fd:31:51:26:0d:44:47:fd:4f:f0:be:56:
bb:40:cc:5e:11:7b:86:2e:3e:78:57:83:97:1c:a2:6f:27:31:
98:23:44:29:40:d7:f5:94:0a:90:d0:94:2e:4a:c4:45:42:1b:
67:42:a5:62:df:8a:0e:32:e5:c6:93:4f:23:8a:d3:aa:be:61:
65:ed:58:5f:e6:bc:37:41:8d:bf:88:97:3b:27:60:8c:a6:97:
62:d3:8b:ef:f1:04:58:b3:88:e1:b7:bd:6b:f2:ca:4d:36:24:
c4:60:84:e1:0a:89:bd:d7:da:b5:b7:fb:c2:81:78:87:be:ea:
02:6e:c3:d7:6b:86:c4:b5:83:ef:12:4a:6e:ea:b3:92:24:ce:
d4:a6:ed:53:67:77:8d:c8:7f:5a:09:45:72:17:72:24:83:e9:
d7:8d:2b:d1:2b:76:01:03:19:8b:df:7f:b9:54:67:37:1c:9b:
0a:69:3d:14:60:37:86:d1:fb:70:9a:93:5f:87:99:8e:8c:7c:
a7:35:97:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp70wVPK/Ff2W+ijAAWjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUwODIzMDIwMDE5WhcNMjUwODI0MDIwMDE5WjAzMTEwLwYDVQQD
Eyg4ZGNlY2U2YjVjMzk1YzExZmI2MGQ2NGQ3Zjg1OWE1NzIyY2JjM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sNoe/So1puZxg6e2a/2gC+5juz5
cxmh8ZbHoOQdETNA9mE9GlvIAKDrknINSzvNHKT/66F9XESapqvIbWKTDz7axIvH
RunVtbik08qJwCl5Up+GpB0o/RbV5twY3xr0G2wy6ikuSEbtlzEX8x0vrk7u8qot
b9RBzgWQzjXk7PmovQvsu1HzJHw2gOAHD6EG4+IWTbjGp+klKuudnYyyNtagDRZb
qYoNOGhkfrcVt715okJDtJYGhXjSrONz36OCoaJJp7kiukscndqURpAEK4bXg511
aad2iY281wvI8kl6P4Qx2795kZUgKWdM0OXiGWhQNos60GzaecKcPMZhBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3OzmtcOVwR+2DWTX+Fmlciy8OzMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADHKAm+x/
SL7KknG0NHS62YvtdVVI8wkn9DRbAZRKk306Dp2onijoffrPStAzQBg6TA+905lp
rlhpNvPE/TFRJg1ER/1P8L5Wu0DMXhF7hi4+eFeDlxyibycxmCNEKUDX9ZQKkNCU
LkrERUIbZ0KlYt+KDjLlxpNPI4rTqr5hZe1YX+a8N0GNv4iXOydgjKaXYtOL7/EE
WLOI4be9a/LKTTYkxGCE4QqJvdfatbf7woF4h77qAm7D12uGxLWD7xJKbuqzkiTO
1KbtU2d3jch/WglFchdyJIPp140r0St2AQMZi99/uVRnNxybCmk9FGA3htH7cJqT
X4eZjox8pzWXkw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:51:55 2025 by rpki-client