Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: i4sk3NDlUl+idhTSJ2pOuyim+Vrw/tOfuXHYoATOm+Y=
Subject key identifier: 82:9B:B6:ED:9D:E6:05:17:D2:2A:10:43:7D:AA:0B:34:2C:05:C4:7D
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 0198D6CD95CA1F9D068C8F378A917B08CBD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 164D
Signing time: Sat 23 Aug 2025 12:00:54 +0000
Manifest this update: Sat 23 Aug 2025 12:00:54 +0000
Manifest next update: Sun 24 Aug 2025 12:00:54 +0000
Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=)
2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: VwP+HJoZnIIrZLeDBhpKXdvvDN2X8q53iypCtjM73OE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:95:ca:1f:9d:06:8c:8f:37:8a:91:7b:08:cb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Aug 23 12:00:54 2025 GMT
Not After : Aug 24 12:00:54 2025 GMT
Subject: CN=829bb6ed9de60517d22a10437daa0b342c05c47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:a3:5a:4e:ec:60:13:4d:f6:f7:b2:27:be:
09:9c:77:07:e0:13:4a:07:c1:62:f5:0e:f9:ec:27:
f1:f0:88:8e:e6:ad:b4:9f:1b:58:ae:3c:59:f4:53:
c0:23:8b:ef:bf:82:3d:5f:e8:2e:0e:2d:9e:d6:db:
3b:72:e1:c2:0f:9b:97:3c:26:0b:27:8e:89:d7:03:
c9:50:7f:dd:bc:ef:7e:6d:ca:f5:c2:ef:af:7c:e6:
97:53:a5:4c:d7:9e:d6:9f:40:a2:ab:dd:3b:e4:45:
e0:0c:be:83:df:f8:90:e9:d8:97:17:26:52:31:f5:
6c:80:99:27:f2:ed:d8:a6:41:69:ca:d4:5c:8d:eb:
a3:3c:1e:36:7a:c2:26:e5:21:a2:5a:7c:81:64:7d:
cd:9c:8f:4a:85:09:1f:77:02:fb:dd:0a:28:43:08:
8c:c5:f9:ba:3d:c6:71:ec:08:6f:5d:2b:5b:a7:db:
56:6e:a2:11:11:fe:67:1c:98:e9:12:a0:ae:4e:04:
fb:07:c1:d4:90:1d:c6:d5:13:3c:3c:b3:49:27:10:
7e:9c:3d:af:5a:4b:9c:ec:2c:86:4a:46:fa:3b:93:
bd:26:58:32:5e:41:c2:69:c1:d1:78:5d:ca:9f:ce:
6b:9c:dd:a2:0d:04:c9:d8:77:51:a5:da:80:27:29:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9B:B6:ED:9D:E6:05:17:D2:2A:10:43:7D:AA:0B:34:2C:05:C4:7D
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:52:3b:da:d1:6a:f0:b2:c6:c8:fc:40:f5:94:41:8a:f1:ed:
b4:e6:c5:7d:2c:4c:9b:40:6e:d0:01:ce:4d:a5:2c:ef:76:76:
9d:13:52:2a:28:f3:bf:53:df:7e:29:2c:83:59:96:e9:7f:90:
d1:f7:56:b4:a8:41:1b:70:ce:87:52:6c:19:f1:42:d2:c1:46:
8a:d5:00:d2:94:15:d1:9e:28:9f:de:5a:f3:e0:ac:0e:c5:fa:
d3:07:ca:55:9b:1e:5d:bd:3e:62:bb:26:f9:d6:c1:ec:0e:99:
2a:0e:f4:27:e9:62:bc:27:e0:87:32:89:69:0d:60:2c:7d:11:
d5:3c:c4:d3:3b:71:fb:83:9b:fd:7c:54:f3:6c:c4:c0:f9:37:
8b:83:48:d6:87:a3:be:de:ab:a6:56:ae:ae:0a:b6:ae:45:ed:
f8:f9:a5:7f:e1:93:bc:6c:14:ce:48:0e:02:84:b1:ee:91:57:
5e:05:b0:9f:45:6b:0d:31:97:a5:8c:10:85:af:5c:99:8b:34:
b0:5a:f4:a2:22:6d:c7:db:30:91:7e:07:19:53:66:d8:47:c3:
dd:5d:74:d2:71:fd:66:79:90:43:4c:a7:a6:75:07:e1:bb:ce:
66:c9:71:97:fa:4f:1c:13:25:8d:c4:50:f3:bc:8a:ea:8a:29:
27:ad:27:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZXKH50GjI83ipF7CMvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjUwODIzMTIwMDU0WhcNMjUwODI0MTIwMDU0WjAzMTEwLwYDVQQD
Eyg4MjliYjZlZDlkZTYwNTE3ZDIyYTEwNDM3ZGFhMGIzNDJjMDVjNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8WjWk7sYBNN9veyJ74JnHcH4BNK
B8Fi9Q757Cfx8IiO5q20nxtYrjxZ9FPAI4vvv4I9X+guDi2e1ts7cuHCD5uXPCYL
J46J1wPJUH/dvO9+bcr1wu+vfOaXU6VM157Wn0Ciq9075EXgDL6D3/iQ6diXFyZS
MfVsgJkn8u3YpkFpytRcjeujPB42esIm5SGiWnyBZH3NnI9KhQkfdwL73QooQwiM
xfm6PcZx7AhvXStbp9tWbqIREf5nHJjpEqCuTgT7B8HUkB3G1RM8PLNJJxB+nD2v
Wkuc7CyGSkb6O5O9JlgyXkHCacHReF3Kn85rnN2iDQTJ2HdRpdqAJykO6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKbtu2d5gUX0ioQQ32qCzQsBcR9MB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAelI72tFq
8LLGyPxA9ZRBivHttObFfSxMm0Bu0AHOTaUs73Z2nRNSKijzv1Pffiksg1mW6X+Q
0fdWtKhBG3DOh1JsGfFC0sFGitUA0pQV0Z4on95a8+CsDsX60wfKVZseXb0+Yrsm
+dbB7A6ZKg70J+livCfghzKJaQ1gLH0R1TzE0ztx+4Ob/XxU82zEwPk3i4NI1oej
vt6rplaurgq2rkXt+Pmlf+GTvGwUzkgOAoSx7pFXXgWwn0VrDTGXpYwQha9cmYs0
sFr0oiJtx9swkX4HGVNm2EfD3V100nH9ZnmQQ0ynpnUH4bvOZslxl/pPHBMljcRQ
87yK6oopJ60nEQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:27:26 2025 by rpki-client