Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File: VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier: pdYVbulzorNk6l//cXx4dWgBnj12rZyqgy5y+DWXI78=
Subject key identifier: 3B:43:7B:DA:24:8F:4D:D1:5F:67:B9:E0:D5:0A:11:69:7B:25:E4:BB
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer: /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial: 0198D66141BE1D8B5D51D9B44C9D4350878C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 10:02:34 +0000
Manifest this update: Sat 23 Aug 2025 10:02:34 +0000
Manifest next update: Sun 24 Aug 2025 10:02:34 +0000
Files and hashes: 1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: iO882rCKDiYPhK/ttslsJPkrmj19OKOURdcX6QD0UiQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:61:41:be:1d:8b:5d:51:d9:b4:4c:9d:43:50:87:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Validity
Not Before: Aug 23 10:02:34 2025 GMT
Not After : Aug 24 10:02:34 2025 GMT
Subject: CN=3b437bda248f4dd15f67b9e0d50a11697b25e4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:69:b3:1b:df:95:25:48:3f:57:ae:b1:5d:06:
4b:96:a3:ec:b9:0d:38:2e:05:bd:34:b1:4b:91:27:
ae:5b:d7:31:db:0c:23:ef:2f:94:dd:0a:a3:c8:e5:
27:8a:8e:4e:88:4c:8e:84:96:af:4d:51:b6:c5:e8:
9f:c6:f8:24:90:46:c4:03:7e:5c:3b:05:76:31:30:
fb:38:57:10:6d:0b:42:22:94:52:5f:21:3a:bd:b4:
af:f0:54:07:ea:6e:6d:2f:fc:97:40:10:90:8d:2f:
2e:60:b4:83:72:b9:7e:b1:34:84:b2:7a:4e:35:ec:
86:1a:0e:b9:c9:bf:a3:7c:81:3f:b2:b0:59:6b:8f:
95:fd:a0:02:07:b4:e2:5b:77:01:55:6f:f9:b0:2c:
9f:76:a7:53:87:e6:96:c5:aa:7b:94:9b:58:00:34:
6c:35:b6:0d:27:f7:e3:3b:7b:57:03:25:08:40:70:
54:9a:eb:ac:39:d2:4c:5c:9b:22:61:ed:97:8e:03:
3c:27:45:82:7e:0a:d3:41:9a:65:49:08:c7:42:b6:
a6:72:15:d7:31:0e:7e:f4:a2:83:6c:97:ca:2d:8e:
cc:17:f9:a3:1f:d0:b1:a8:79:3e:f7:65:2d:6d:b0:
89:8c:f9:ca:56:dd:eb:1c:9c:38:99:5a:1e:60:dd:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:7B:DA:24:8F:4D:D1:5F:67:B9:E0:D5:0A:11:69:7B:25:E4:BB
X509v3 Authority Key Identifier:
keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:03:9d:cf:df:e1:27:e8:84:32:c5:11:84:81:c8:99:59:bb:
6d:bb:91:24:35:71:fc:ab:c0:87:08:a5:e9:c0:ed:35:5e:90:
67:0f:03:51:bb:39:79:93:ce:60:9c:fa:e1:44:53:fb:35:79:
bb:b5:c9:ea:80:35:4c:27:cd:90:c2:3d:89:c7:c9:a2:07:30:
f9:f6:a5:72:50:2a:5b:43:ef:70:77:27:39:0f:46:ae:ac:54:
e0:59:82:94:ab:26:94:a2:50:b2:5a:8a:4f:f5:53:fd:55:f5:
68:28:92:b2:d5:6c:dd:92:ae:a0:6d:30:50:8a:88:7e:e8:0c:
6f:c8:7d:03:73:8b:fd:20:70:28:0f:8a:7b:f0:90:36:d2:28:
9d:39:31:9b:25:a3:e3:3b:1f:08:da:d9:c0:fa:01:f9:65:69:
32:55:a5:a0:64:9b:89:05:59:30:c8:23:b6:58:a0:f1:96:d9:
cf:1c:ab:a0:55:07:74:09:f3:35:aa:74:f4:a7:b0:99:a3:da:
a0:cd:24:47:91:e8:e9:48:b8:d5:b7:4e:0b:b1:6b:ea:61:81:
88:ac:42:43:ea:37:d3:a9:a7:bd:79:d7:dc:7e:cb:3e:d2:5d:
0a:a6:af:10:4b:58:69:57:1e:51:38:81:a3:42:5d:52:36:be:
46:f5:8f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYUG+HYtdUdm0TJ1DUIeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwODIzMTAwMjM0WhcNMjUwODI0MTAwMjM0WjAzMTEwLwYDVQQD
EygzYjQzN2JkYTI0OGY0ZGQxNWY2N2I5ZTBkNTBhMTE2OTdiMjVlNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2mzG9+VJUg/V66xXQZLlqPsuQ04
LgW9NLFLkSeuW9cx2wwj7y+U3QqjyOUnio5OiEyOhJavTVG2xeifxvgkkEbEA35c
OwV2MTD7OFcQbQtCIpRSXyE6vbSv8FQH6m5tL/yXQBCQjS8uYLSDcrl+sTSEsnpO
NeyGGg65yb+jfIE/srBZa4+V/aACB7TiW3cBVW/5sCyfdqdTh+aWxap7lJtYADRs
NbYNJ/fjO3tXAyUIQHBUmuusOdJMXJsiYe2XjgM8J0WCfgrTQZplSQjHQramchXX
MQ5+9KKDbJfKLY7MF/mjH9CxqHk+92UtbbCJjPnKVt3rHJw4mVoeYN2YUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtDe9okj03RX2e54NUKEWl7JeS7MB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQOdz9/h
J+iEMsURhIHImVm7bbuRJDVx/KvAhwil6cDtNV6QZw8DUbs5eZPOYJz64URT+zV5
u7XJ6oA1TCfNkMI9icfJogcw+falclAqW0PvcHcnOQ9GrqxU4FmClKsmlKJQslqK
T/VT/VX1aCiSstVs3ZKuoG0wUIqIfugMb8h9A3OL/SBwKA+Ke/CQNtIonTkxmyWj
4zsfCNrZwPoB+WVpMlWloGSbiQVZMMgjtlig8ZbZzxyroFUHdAnzNap09KewmaPa
oM0kR5Ho6Ui41bdOC7Fr6mGBiKxCQ+o306mnvXnX3H7LPtJdCqavEEtYaVceUTiB
o0JdUja+RvWPww==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:33:55 2025 by rpki-client