Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
File: 8HHkN5gsw0b26BfKZIknI-21QZo.mft (raw, json)
Hash identifier: uLDXPQ3t26YOblghyfLEE3KHkcVj/Rkc5Hzzedpkiac=
Subject key identifier: 70:3F:D2:C9:94:1A:0B:1D:E9:30:7C:B9:0C:5C:18:B4:85:E9:6C:55
Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a
Certificate serial: 0198D8BD7E73EF6835D21B5A79D6BBFBBA18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
Manifest number: 0FAC
Signing time: Sat 23 Aug 2025 21:02:33 +0000
Manifest this update: Sat 23 Aug 2025 21:02:33 +0000
Manifest next update: Sun 24 Aug 2025 21:02:33 +0000
Files and hashes: 1: 8HHkN5gsw0b26BfKZIknI-21QZo.crl (hash: qjrtgILNe7iIuUa0FV/uR8eu3JCjKzE4pwsGfSRY/Tg=)
2: Wb0clcxCuCcUH9RDxENV44_1l9w.roa (hash: IOO34gWbQwbQwVQDhS544nKGrCLE+a+zuAW9waRkyRU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d8:bd:7e:73:ef:68:35:d2:1b:5a:79:d6:bb:fb:ba:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a
Validity
Not Before: Aug 23 21:02:33 2025 GMT
Not After : Aug 24 21:02:33 2025 GMT
Subject: CN=703fd2c9941a0b1de9307cb90c5c18b485e96c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e1:e2:73:65:3e:29:05:9b:85:20:c2:16:0c:
22:76:e8:1e:99:94:9d:4a:b9:4e:31:97:7e:dd:2d:
5d:86:ff:bb:74:3d:23:55:a7:51:34:57:32:d8:e5:
2e:f1:9d:0c:68:8d:45:50:64:ce:97:83:29:25:84:
43:ba:95:26:67:35:9c:b5:b5:d6:85:e7:3f:d5:2b:
df:c5:2a:a1:f0:e0:d9:6b:19:50:2f:26:82:e9:8c:
db:e3:66:b5:62:73:0f:ce:08:15:eb:da:7d:12:35:
54:20:b5:ef:0a:0f:34:42:9e:84:03:27:5a:33:59:
f3:af:d9:d4:18:16:0c:07:d6:3c:03:5e:dd:74:a3:
b9:ae:a4:d2:d6:69:4c:ff:4f:db:b8:fb:5a:4a:fc:
1d:b8:13:57:90:b2:25:f1:ca:78:0e:dc:1a:4a:d4:
70:ad:19:e7:e6:76:de:d1:60:d2:f9:9f:63:ce:96:
c6:0e:c4:f0:fa:87:ad:36:55:2a:48:d5:7c:57:ba:
42:4c:85:05:2d:7f:11:9b:40:3b:37:a5:e0:ee:f7:
d3:44:42:73:ae:f5:a0:c8:a3:85:6e:2b:95:e2:75:
85:80:cc:cd:c9:62:fa:6e:f4:4f:ab:41:70:7d:e4:
01:5c:ae:e2:f5:46:a2:c2:32:d0:02:17:b9:de:76:
27:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3F:D2:C9:94:1A:0B:1D:E9:30:7C:B9:0C:5C:18:B4:85:E9:6C:55
X509v3 Authority Key Identifier:
keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:3e:d3:17:a1:d8:6b:80:97:1f:78:e2:0f:12:93:05:b0:a9:
2e:51:a3:03:3f:30:ea:ca:c3:b0:0f:2b:2b:7e:41:ac:93:87:
61:a1:af:f3:12:fc:e7:18:86:63:99:b8:01:69:36:33:8b:a7:
6e:fc:17:a6:74:d0:5d:db:83:e4:59:4f:45:51:59:fe:80:a8:
ee:ee:87:91:a4:76:12:69:a8:3a:6f:8b:54:46:6f:59:20:b7:
5f:ea:b2:e1:70:3e:31:d4:44:a1:95:ea:f4:89:f8:7f:e9:7e:
89:75:7b:76:da:1e:3b:9f:59:17:8e:70:0c:5a:21:ed:e0:5f:
47:f1:6f:5e:78:e8:ca:ae:2a:d2:07:87:03:80:46:5f:6b:bb:
8a:20:1f:76:af:46:53:07:c0:03:83:df:1c:0b:82:55:b3:34:
da:2a:06:bd:4f:63:23:ba:7c:ca:48:66:08:8e:cc:92:19:ab:
e4:62:29:02:01:ab:b7:ef:00:21:36:8b:34:e2:6f:18:e1:93:
2c:37:cc:cc:42:3d:e9:a6:40:73:0d:51:97:cb:2f:85:22:03:
62:26:1a:d4:9e:78:e3:8d:55:44:32:99:25:8a:37:73:a9:71:
39:d6:1d:c5:b8:71:0e:53:cf:ba:88:1c:56:8d:2c:da:9e:dd:
12:ab:00:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYvX5z72g10htaeda7+7oYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi
NTQxOWEwHhcNMjUwODIzMjEwMjMzWhcNMjUwODI0MjEwMjMzWjAzMTEwLwYDVQQD
Eyg3MDNmZDJjOTk0MWEwYjFkZTkzMDdjYjkwYzVjMThiNDg1ZTk2YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueHic2U+KQWbhSDCFgwidugemZSd
SrlOMZd+3S1dhv+7dD0jVadRNFcy2OUu8Z0MaI1FUGTOl4MpJYRDupUmZzWctbXW
hec/1SvfxSqh8ODZaxlQLyaC6Yzb42a1YnMPzggV69p9EjVUILXvCg80Qp6EAyda
M1nzr9nUGBYMB9Y8A17ddKO5rqTS1mlM/0/buPtaSvwduBNXkLIl8cp4DtwaStRw
rRnn5nbe0WDS+Z9jzpbGDsTw+oetNlUqSNV8V7pCTIUFLX8Rm0A7N6Xg7vfTREJz
rvWgyKOFbiuV4nWFgMzNyWL6bvRPq0FwfeQBXK7i9UaiwjLQAhe53nYnnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA/0smUGgsd6TB8uQxcGLSF6WxVMB8GA1UdIwQY
MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct
NzhjYjU5Yjc4YTRmLzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm
LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcD7TF6HY
a4CXH3jiDxKTBbCpLlGjAz8w6srDsA8rK35BrJOHYaGv8xL85xiGY5m4AWk2M4un
bvwXpnTQXduD5FlPRVFZ/oCo7u6HkaR2EmmoOm+LVEZvWSC3X+qy4XA+MdREoZXq
9In4f+l+iXV7dtoeO59ZF45wDFoh7eBfR/FvXnjoyq4q0geHA4BGX2u7iiAfdq9G
UwfAA4PfHAuCVbM02ioGvU9jI7p8ykhmCI7Mkhmr5GIpAgGrt+8AITaLNOJvGOGT
LDfMzEI96aZAcw1Rl8svhSIDYiYa1J54441VRDKZJYo3c6lxOdYdxbhxDlPPuogc
Vo0s2p7dEqsAaA==
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:07:49 2025 by rpki-client