Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: 8YploDDuvVFk6hbMIIO3AbhZogBUnwi2FcL/JY3jU6U=
Subject key identifier: 8B:5B:CF:7E:FC:BA:91:F5:BC:56:1A:F8:48:55:30:62:7F:FC:A2:D0
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0198D583EE9D53FC05E7D53FFFE04A638FC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 06:00:49 +0000
Manifest this update: Sat 23 Aug 2025 06:00:49 +0000
Manifest next update: Sun 24 Aug 2025 06:00:49 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: fiqmXym7d8GhGX+j2DvUtJmzfGthHTtNezTZA4DS/cI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:ee:9d:53:fc:05:e7:d5:3f:ff:e0:4a:63:8f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Aug 23 06:00:49 2025 GMT
Not After : Aug 24 06:00:49 2025 GMT
Subject: CN=8b5bcf7efcba91f5bc561af8485530627ffca2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:e9:87:40:f0:da:f2:9f:55:9b:8e:79:a2:
33:f1:96:98:dd:3d:9e:c5:30:24:1d:9f:1a:60:b1:
43:bc:86:e3:8b:01:5a:95:97:c1:65:7a:7d:d1:ee:
91:44:74:93:66:58:5d:ab:1f:52:0a:35:8b:4e:5c:
75:a4:64:f2:d0:ac:11:8e:1a:33:15:65:af:53:58:
88:25:ee:e8:98:a5:83:5e:3e:ef:63:9e:d6:4d:ad:
04:f4:af:80:9a:2a:93:9e:ed:42:67:e8:eb:60:01:
0a:92:97:2d:b4:5a:28:d5:f3:82:75:42:f1:fa:ac:
2d:ea:fd:00:2e:73:4c:ba:8a:9f:3a:8e:b3:cf:7b:
03:a4:1a:3f:e2:c1:98:63:71:a7:86:74:b3:e3:ae:
23:79:eb:1d:b4:65:88:04:32:5f:94:31:ea:32:68:
93:13:4a:10:81:83:aa:41:b1:b4:70:0d:0f:80:f4:
7d:6c:fa:ae:83:d7:6a:06:04:e6:ae:5c:58:66:f6:
4b:e9:9b:63:11:f3:e8:ad:ca:20:ec:88:a7:ce:2c:
46:0c:cc:95:ec:ab:c6:6a:0c:ff:d5:33:54:cc:f9:
00:b0:0d:7d:f3:7a:61:b4:8d:a4:2d:68:da:f7:f9:
6d:1f:6b:6f:19:b7:63:ed:af:2a:8e:d8:fb:a3:c8:
58:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5B:CF:7E:FC:BA:91:F5:BC:56:1A:F8:48:55:30:62:7F:FC:A2:D0
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:33:37:e3:c8:10:51:78:29:ec:f7:2a:74:24:e2:b4:98:54:
96:64:b8:61:f2:6a:90:76:ce:fb:1a:47:e6:01:33:8f:9d:97:
21:a8:d0:39:11:d0:20:7e:79:7c:f9:e5:c5:42:6b:67:76:a4:
69:ce:f9:7d:4c:4f:be:14:ce:e4:5d:ce:02:cb:ec:3b:6e:ed:
cc:8c:1b:cc:c1:32:87:7f:bf:b8:fb:1f:0f:c3:12:60:29:1b:
e9:8f:f9:5e:2c:ba:e2:04:be:57:f2:c8:73:18:72:f7:69:57:
0d:47:8c:4d:95:ab:c6:de:84:2a:eb:4e:2d:f5:88:03:f9:1f:
ea:f4:4c:0a:1f:46:ab:87:31:06:ea:7c:9d:80:23:2a:1d:ec:
d6:44:61:98:4c:1e:70:9e:81:15:bb:4c:05:1a:9b:c7:c9:f5:
f8:c8:b7:1a:2f:df:47:11:27:da:de:20:39:6c:45:da:2e:8f:
64:d0:89:dc:76:e2:6c:38:55:10:58:e4:48:93:3f:8e:c7:14:
6e:b1:65:fe:aa:9c:f9:52:fd:fc:61:15:3d:89:3d:23:84:e0:
4a:29:f1:c6:04:b6:35:f4:90:e6:2e:90:8b:90:8f:56:32:68:
e8:29:d3:af:5a:ed:1c:80:6f:9e:6a:4a:d6:12:ce:5a:e6:a6:
a1:a5:03:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg+6dU/wF59U//+BKY4/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwODIzMDYwMDQ5WhcNMjUwODI0MDYwMDQ5WjAzMTEwLwYDVQQD
Eyg4YjViY2Y3ZWZjYmE5MWY1YmM1NjFhZjg0ODU1MzA2MjdmZmNhMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLLph0Dw2vKfVZuOeaIz8ZaY3T2e
xTAkHZ8aYLFDvIbjiwFalZfBZXp90e6RRHSTZlhdqx9SCjWLTlx1pGTy0KwRjhoz
FWWvU1iIJe7omKWDXj7vY57WTa0E9K+AmiqTnu1CZ+jrYAEKkpcttFoo1fOCdULx
+qwt6v0ALnNMuoqfOo6zz3sDpBo/4sGYY3GnhnSz464jeesdtGWIBDJflDHqMmiT
E0oQgYOqQbG0cA0PgPR9bPqug9dqBgTmrlxYZvZL6ZtjEfPorcog7IinzixGDMyV
7KvGagz/1TNUzPkAsA1983phtI2kLWja9/ltH2tvGbdj7a8qjtj7o8hY2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItbz378upH1vFYa+EhVMGJ//KLQMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvTM348gQ
UXgp7PcqdCTitJhUlmS4YfJqkHbO+xpH5gEzj52XIajQORHQIH55fPnlxUJrZ3ak
ac75fUxPvhTO5F3OAsvsO27tzIwbzMEyh3+/uPsfD8MSYCkb6Y/5Xiy64gS+V/LI
cxhy92lXDUeMTZWrxt6EKutOLfWIA/kf6vRMCh9Gq4cxBup8nYAjKh3s1kRhmEwe
cJ6BFbtMBRqbx8n1+Mi3Gi/fRxEn2t4gOWxF2i6PZNCJ3HbibDhVEFjkSJM/jscU
brFl/qqc+VL9/GEVPYk9I4TgSinxxgS2NfSQ5i6Qi5CPVjJo6CnTr1rtHIBvnmpK
1hLOWuamoaUDJg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:37:34 2025 by rpki-client