Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: B/N8603ljOZthlmBHswnggtcaOsccKR1oPi9kD9v3BM=
Subject key identifier: A8:4F:82:A3:58:FC:64:78:80:49:CF:19:CF:73:33:30:1E:55:94:96
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 0198D66012006DB46F4C0364D244A080E8A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 10:01:16 +0000
Manifest this update: Sat 23 Aug 2025 10:01:16 +0000
Manifest next update: Sun 24 Aug 2025 10:01:16 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: ofMBLazWPvgXBqjXemTigHakT1euWp0UaSiOFdzFzVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:12:00:6d:b4:6f:4c:03:64:d2:44:a0:80:e8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Aug 23 10:01:16 2025 GMT
Not After : Aug 24 10:01:16 2025 GMT
Subject: CN=a84f82a358fc64788049cf19cf7333301e559496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9f:00:0b:2d:2b:30:f6:1b:93:c2:ee:e5:fd:
95:e4:39:5a:1a:62:67:03:ad:d6:3e:90:1a:4d:5b:
07:bd:82:fe:a3:f4:dd:e5:83:5c:61:f7:98:3c:bb:
b3:3d:0b:28:ac:2c:8e:8a:9b:87:2d:03:11:22:23:
66:f0:62:9f:26:3b:db:02:80:46:e0:ec:36:39:b5:
20:c3:26:3c:3d:28:09:95:77:8f:96:16:ff:e2:bf:
72:d3:cf:3b:a3:97:2e:d2:bf:ba:b0:9b:f7:aa:4d:
70:8c:c6:26:95:c6:f0:9b:f4:c7:87:47:34:50:f9:
fc:3e:cc:de:2e:ba:4f:0b:7e:74:dd:14:60:f5:a6:
c1:ee:9a:2e:55:9c:c1:91:34:88:5e:b8:2b:48:a1:
95:4f:f2:db:95:ee:ce:9a:4c:a5:bb:9f:bf:2c:73:
16:26:4b:e8:fb:84:2a:2c:2d:75:11:3a:22:e3:6b:
49:01:47:88:e2:4d:aa:7b:d6:58:5f:b7:50:87:79:
29:e6:62:56:c2:f4:74:d6:ea:0c:95:ff:ae:a5:3a:
e6:15:e4:e7:d4:5f:f2:5f:4a:d9:01:2a:82:87:6c:
91:40:a6:49:67:27:46:66:13:cd:97:e3:34:7f:91:
c6:79:27:60:05:f5:e8:0f:df:82:e5:db:33:e9:16:
8d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4F:82:A3:58:FC:64:78:80:49:CF:19:CF:73:33:30:1E:55:94:96
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:f0:b8:6d:03:f9:49:03:e6:95:65:22:f8:42:16:db:53:f1:
6a:07:bb:11:21:47:f4:65:bc:45:2b:5b:27:f0:e3:60:65:7b:
40:8b:95:7f:36:7a:49:c0:5f:aa:01:2d:dc:67:44:06:06:5f:
02:65:e8:06:52:06:59:82:1a:7b:e9:6e:c3:bc:53:f5:90:7d:
b2:cf:89:5d:79:03:1d:d2:e1:b6:eb:ae:ca:be:10:69:a8:e6:
cf:c3:e8:44:ff:99:86:37:34:ed:99:66:4f:c0:c6:bd:d5:df:
bd:bd:44:c2:23:39:4a:ed:9a:0d:b2:9c:92:82:f7:23:24:2f:
ae:be:de:46:9d:cd:91:99:2e:90:1e:c4:ea:55:bf:7f:d4:fa:
b6:30:45:59:72:e6:a2:1a:8e:a9:05:c3:c2:73:32:94:dd:f7:
7f:3d:96:49:db:80:98:7d:ee:1d:eb:52:1e:9c:f1:a1:a6:f7:
bb:d9:87:da:0a:7f:98:75:4a:a5:32:4b:ef:a7:06:66:de:09:
7c:3a:26:29:33:05:59:c4:a1:21:6c:51:c6:11:a8:57:46:cd:
e9:07:2b:32:c7:2b:63:41:d6:64:f0:81:4d:c3:d9:0f:39:fe:
6a:b4:b5:b5:e3:df:32:8c:9e:98:b9:8c:70:9a:f0:5f:89:32:
34:f1:47:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYBIAbbRvTANk0kSggOioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUwODIzMTAwMTE2WhcNMjUwODI0MTAwMTE2WjAzMTEwLwYDVQQD
EyhhODRmODJhMzU4ZmM2NDc4ODA0OWNmMTljZjczMzMzMDFlNTU5NDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ8ACy0rMPYbk8Lu5f2V5DlaGmJn
A63WPpAaTVsHvYL+o/Td5YNcYfeYPLuzPQsorCyOipuHLQMRIiNm8GKfJjvbAoBG
4Ow2ObUgwyY8PSgJlXePlhb/4r9y0887o5cu0r+6sJv3qk1wjMYmlcbwm/THh0c0
UPn8PszeLrpPC3503RRg9abB7pouVZzBkTSIXrgrSKGVT/Lble7Omkylu5+/LHMW
Jkvo+4QqLC11EToi42tJAUeI4k2qe9ZYX7dQh3kp5mJWwvR01uoMlf+upTrmFeTn
1F/yX0rZASqCh2yRQKZJZydGZhPNl+M0f5HGeSdgBfXoD9+C5dsz6RaNtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhPgqNY/GR4gEnPGc9zMzAeVZSWMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl/C4bQP5
SQPmlWUi+EIW21Pxage7ESFH9GW8RStbJ/DjYGV7QIuVfzZ6ScBfqgEt3GdEBgZf
AmXoBlIGWYIae+luw7xT9ZB9ss+JXXkDHdLhtuuuyr4Qaajmz8PoRP+Zhjc07Zlm
T8DGvdXfvb1EwiM5Su2aDbKckoL3IyQvrr7eRp3NkZkukB7E6lW/f9T6tjBFWXLm
ohqOqQXDwnMylN33fz2WSduAmH3uHetSHpzxoab3u9mH2gp/mHVKpTJL76cGZt4J
fDomKTMFWcShIWxRxhGoV0bN6QcrMscrY0HWZPCBTcPZDzn+arS1tePfMoyemLmM
cJrwX4kyNPFH5w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:12:54 2025 by rpki-client