Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: k4l55WWAH0GrsHsQzAYFrC3/kRvpvQ/rHAjGj6zWuho=
Subject key identifier: 03:17:66:23:63:0F:FB:E5:E5:C6:2A:C2:3D:28:B9:48:8C:35:39:1A
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 0198D6CD96E462D94A7E80B95132AE00E621
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 02AF
Signing time: Sat 23 Aug 2025 12:00:54 +0000
Manifest this update: Sat 23 Aug 2025 12:00:54 +0000
Manifest next update: Sun 24 Aug 2025 12:00:54 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: dzNa6PUyK4NLGgYq5wmSPGqUUT0gdNED81jr57YIe6Q=)
2: yntKueGdh_gRYfTjbFRGz4s6BD8.roa (hash: 8wVmYZSgIm0dCsPvd2oqoO7MS+FukiT5t5Ke1EaX2FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:96:e4:62:d9:4a:7e:80:b9:51:32:ae:00:e6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Aug 23 12:00:54 2025 GMT
Not After : Aug 24 12:00:54 2025 GMT
Subject: CN=03176623630ffbe5e5c62ac23d28b9488c35391a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:7b:ce:27:a8:9a:68:6c:47:3c:6c:62:ef:
f1:51:c1:fb:85:37:6a:64:e1:4b:96:ba:76:df:ea:
24:5a:3f:2c:8d:3a:51:16:cd:4a:0f:8b:d5:e2:1d:
d7:c1:71:11:9b:12:4f:b0:d8:5e:67:aa:22:99:71:
e1:d5:28:37:90:9d:50:41:18:b0:15:94:32:4e:14:
d3:d1:03:2e:f7:67:c1:39:86:ee:f0:aa:95:2e:93:
f0:f7:40:0b:f3:18:41:42:7d:8e:2c:a7:bf:f7:ff:
5c:e4:a0:bf:f5:d0:61:14:9d:b7:a6:0d:1a:b1:0f:
e6:a0:62:0c:e7:92:f2:1d:c3:25:da:79:49:76:5f:
9e:f4:d0:3c:33:75:4d:da:8c:ac:b0:7a:cd:be:ee:
63:39:d7:d0:f0:31:71:2a:15:fa:0c:8e:b5:63:d3:
3e:b1:45:96:61:97:be:77:f1:24:40:4a:d9:eb:e9:
c9:81:8e:53:cd:1e:75:68:77:46:a6:4e:5c:28:e0:
46:2b:04:67:ef:58:24:1b:55:cb:b1:fb:61:d6:9b:
a4:5c:92:18:c2:16:1e:00:99:48:d5:bd:07:4c:02:
28:08:80:3e:be:59:34:41:a4:fa:4b:42:13:b1:e2:
bd:41:1b:2b:3e:dd:c4:c2:70:07:b0:63:1a:b1:f1:
fc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:17:66:23:63:0F:FB:E5:E5:C6:2A:C2:3D:28:B9:48:8C:35:39:1A
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:ff:3d:b2:8f:5b:f3:4e:eb:79:b8:8a:63:d8:10:c9:a9:ba:
6b:18:6e:5f:eb:e5:11:6c:8a:f5:d7:e4:a4:a5:a6:98:d0:6c:
28:be:cb:f2:3c:b9:da:18:53:2a:61:d8:af:d2:f1:2a:a0:51:
c4:ae:c4:25:46:5e:aa:69:29:b5:28:3d:2a:4a:45:6e:53:d8:
49:78:84:d4:43:b6:e3:11:1c:4e:5a:16:fc:1e:60:09:df:e1:
a0:1e:9f:f0:33:ef:a2:9a:b6:64:39:e7:20:51:d4:27:d2:2e:
48:23:88:69:d5:fe:17:5f:cd:77:21:f2:62:cd:87:fc:59:8b:
b0:64:a4:b2:b3:fe:c7:f8:54:07:63:0b:5f:28:a5:da:73:5c:
03:49:3e:eb:77:f4:4b:fd:0d:24:6e:3c:ce:67:39:29:5d:40:
0e:f6:14:51:e2:5e:42:37:46:cf:74:72:4e:a1:29:80:2f:64:
73:25:67:b0:23:e9:e6:12:98:80:41:19:c2:c0:90:cf:2a:60:
9b:bb:5b:d7:16:c2:1c:0e:51:3e:7c:f9:27:5d:4a:d4:55:c6:
c6:e1:dc:66:3d:27:db:75:6b:2d:5a:d1:55:15:0c:ae:f0:38:
62:d8:a1:32:51:a1:e1:85:e9:48:35:01:3d:a0:6a:d7:21:58:
af:0b:6a:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZbkYtlKfoC5UTKuAOYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjUwODIzMTIwMDU0WhcNMjUwODI0MTIwMDU0WjAzMTEwLwYDVQQD
EygwMzE3NjYyMzYzMGZmYmU1ZTVjNjJhYzIzZDI4Yjk0ODhjMzUzOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf17zieommhsRzxsYu/xUcH7hTdq
ZOFLlrp23+okWj8sjTpRFs1KD4vV4h3XwXERmxJPsNheZ6oimXHh1Sg3kJ1QQRiw
FZQyThTT0QMu92fBOYbu8KqVLpPw90AL8xhBQn2OLKe/9/9c5KC/9dBhFJ23pg0a
sQ/moGIM55LyHcMl2nlJdl+e9NA8M3VN2oyssHrNvu5jOdfQ8DFxKhX6DI61Y9M+
sUWWYZe+d/EkQErZ6+nJgY5TzR51aHdGpk5cKOBGKwRn71gkG1XLsfth1pukXJIY
whYeAJlI1b0HTAIoCIA+vlk0QaT6S0ITseK9QRsrPt3EwnAHsGMasfH8TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMXZiNjD/vl5cYqwj0ouUiMNTkaMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPv89so9b
807rebiKY9gQyam6axhuX+vlEWyK9dfkpKWmmNBsKL7L8jy52hhTKmHYr9LxKqBR
xK7EJUZeqmkptSg9KkpFblPYSXiE1EO24xEcTloW/B5gCd/hoB6f8DPvopq2ZDnn
IFHUJ9IuSCOIadX+F1/NdyHyYs2H/FmLsGSksrP+x/hUB2MLXyil2nNcA0k+63f0
S/0NJG48zmc5KV1ADvYUUeJeQjdGz3RyTqEpgC9kcyVnsCPp5hKYgEEZwsCQzypg
m7tb1xbCHA5RPnz5J11K1FXGxuHcZj0n23VrLVrRVRUMrvA4YtihMlGh4YXpSDUB
PaBq1yFYrwtqVg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:57:46 2025 by rpki-client