Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: S0GL6p6Dhgg0CjvEQTNWyizhcvOpFgizV/S0AqmQwpo=
Subject key identifier: A6:20:4F:80:33:9E:44:85:3F:20:EA:A9:53:4C:BD:CE:F6:E8:B2:F8
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 0198D6CD7E0BF054198DE6EA521C49CBF4A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 164C
Signing time: Sat 23 Aug 2025 12:00:47 +0000
Manifest this update: Sat 23 Aug 2025 12:00:47 +0000
Manifest next update: Sun 24 Aug 2025 12:00:47 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: hf9vnDTlP1GlAmU+7UU7LFxPYe8kG5iSmzNb89Aft4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:7e:0b:f0:54:19:8d:e6:ea:52:1c:49:cb:f4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Aug 23 12:00:47 2025 GMT
Not After : Aug 24 12:00:47 2025 GMT
Subject: CN=a6204f80339e44853f20eaa9534cbdcef6e8b2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:59:6c:21:94:6d:76:8e:be:a7:8a:ef:50:
cf:50:f6:0d:f3:46:3b:e7:1b:72:c1:e2:6f:01:81:
4f:70:4d:64:d3:7e:ec:c6:62:dc:dd:6f:3e:98:71:
b4:26:09:7a:91:cf:4f:40:e1:0e:5f:6e:43:c7:15:
c1:1d:3f:34:3a:2a:99:e9:b8:ec:fd:ad:2d:e0:97:
a2:33:3a:fd:13:61:c8:56:b3:5d:39:4f:9b:cb:2b:
d0:d0:47:fe:d7:e7:c1:2e:1f:61:9a:11:55:d4:b4:
87:84:ed:6b:6a:be:dc:e0:9b:af:da:f9:6d:cf:fc:
14:be:ff:98:e1:a0:63:6a:49:25:1a:ee:5a:1c:1a:
a5:d8:f7:e2:ad:fb:0d:2b:d1:a9:e0:e4:71:84:35:
26:3a:f6:67:b5:67:9c:e8:a7:35:f5:64:67:12:c3:
b2:e1:06:52:71:63:ae:3f:88:44:d9:87:d4:c4:53:
35:ed:06:f3:41:ca:58:95:04:54:d9:21:27:0a:1c:
da:91:78:d7:b6:73:07:ba:b6:24:81:7a:95:3c:62:
e3:e3:b1:cc:e8:bf:91:77:0e:62:da:c2:b7:cc:b4:
5f:1e:e2:da:40:50:c8:c5:43:53:37:8c:a9:6f:18:
45:f2:99:50:a3:48:b0:42:ec:cb:c4:ca:08:f1:8a:
5f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:20:4F:80:33:9E:44:85:3F:20:EA:A9:53:4C:BD:CE:F6:E8:B2:F8
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:85:bc:4f:55:5f:02:41:d0:50:03:4f:8c:d8:19:5d:1f:9f:
cc:89:ec:dd:ae:e7:06:3e:c4:a8:8d:8d:25:c4:9a:f8:65:16:
56:32:3c:17:db:1a:67:27:42:7a:ae:33:47:90:03:7f:30:79:
23:d1:ad:5e:e0:ed:cb:fd:7c:a7:17:0b:96:fa:73:8c:19:6b:
db:03:d4:8c:0d:e2:3a:e1:54:8c:7a:f4:23:0d:77:eb:85:38:
89:bc:ce:be:52:70:9d:02:b7:49:f0:21:6b:48:0a:19:ea:68:
98:1b:c0:66:fc:ee:87:ad:50:8e:d8:e3:5b:5d:99:35:ad:14:
df:9d:07:e7:89:1e:62:bd:65:91:9b:48:11:88:54:ae:d6:13:
d7:5e:d9:e0:85:88:72:88:e2:36:32:4c:52:6a:d0:37:66:a5:
e7:3c:bd:d7:d8:a2:f2:80:7f:ef:db:15:1e:f1:55:a5:f3:93:
2f:09:78:54:1c:c2:d7:99:61:d7:79:e5:73:ec:ff:0b:5c:81:
e0:3c:62:55:9f:78:7e:f3:12:9c:50:10:98:5b:97:93:5d:0e:
d3:dd:c2:f5:90:aa:fa:42:08:05:47:f7:55:e9:b5:44:20:8a:
15:87:9d:5d:9e:86:08:22:f0:fd:c9:70:95:53:11:c6:51:7a:
af:cd:7b:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzX4L8FQZjebqUhxJy/ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUwODIzMTIwMDQ3WhcNMjUwODI0MTIwMDQ3WjAzMTEwLwYDVQQD
EyhhNjIwNGY4MDMzOWU0NDg1M2YyMGVhYTk1MzRjYmRjZWY2ZThiMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUdZbCGUbXaOvqeK71DPUPYN80Y7
5xtyweJvAYFPcE1k037sxmLc3W8+mHG0Jgl6kc9PQOEOX25DxxXBHT80OiqZ6bjs
/a0t4JeiMzr9E2HIVrNdOU+byyvQ0Ef+1+fBLh9hmhFV1LSHhO1rar7c4Juv2vlt
z/wUvv+Y4aBjakklGu5aHBql2PfirfsNK9Gp4ORxhDUmOvZntWec6Kc19WRnEsOy
4QZScWOuP4hE2YfUxFM17QbzQcpYlQRU2SEnChzakXjXtnMHurYkgXqVPGLj47HM
6L+Rdw5i2sK3zLRfHuLaQFDIxUNTN4ypbxhF8plQo0iwQuzLxMoI8YpfIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYgT4AznkSFPyDqqVNMvc726LL4MB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4W8T1Vf
AkHQUANPjNgZXR+fzIns3a7nBj7EqI2NJcSa+GUWVjI8F9saZydCeq4zR5ADfzB5
I9GtXuDty/18pxcLlvpzjBlr2wPUjA3iOuFUjHr0Iw1364U4ibzOvlJwnQK3SfAh
a0gKGepomBvAZvzuh61QjtjjW12ZNa0U350H54keYr1lkZtIEYhUrtYT117Z4IWI
cojiNjJMUmrQN2al5zy919ii8oB/79sVHvFVpfOTLwl4VBzC15lh13nlc+z/C1yB
4DxiVZ94fvMSnFAQmFuXk10O093C9ZCq+kIIBUf3Vem1RCCKFYedXZ6GCCLw/clw
lVMRxlF6r817aQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:27:22 2025 by rpki-client