Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
File: D3jqRswh1F7WEmjUqfVnMsheIVA.mft (raw, json)
Hash identifier: btnylf5AzAG8LJ/SM+EXGqHdiSqxEuisvWSEvA2YFEk=
Subject key identifier: 4A:66:4B:D2:19:70:FF:7E:D9:DF:E3:9F:76:39:50:93:ED:B8:3E:90
Authority key identifier: 0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
Certificate issuer: /CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Certificate serial: 0198D6986C05B697E5BA7B150B0A002F34BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 11:02:50 +0000
Manifest this update: Sat 23 Aug 2025 11:02:50 +0000
Manifest next update: Sun 24 Aug 2025 11:02:50 +0000
Files and hashes: 1: 8SQTxy_p8cY9en9UR93vjFnnH74.roa (hash: LPCNfHY24fbVR2x4GxfhYD0c8Fxi97g9FBcWFfU2h/o=)
2: D3jqRswh1F7WEmjUqfVnMsheIVA.crl (hash: 1Wevdw9TZ+AZVfoqMYylFnftAW3M0JEtxcSLZaVjuOc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:98:6c:05:b6:97:e5:ba:7b:15:0b:0a:00:2f:34:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Validity
Not Before: Aug 23 11:02:50 2025 GMT
Not After : Aug 24 11:02:50 2025 GMT
Subject: CN=4a664bd21970ff7ed9dfe39f76395093edb83e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:67:c7:9d:bd:de:b3:0a:eb:b6:71:2c:13:
9b:43:47:a7:b3:5d:3f:10:2b:67:a3:35:ca:fc:3c:
d9:c8:93:44:33:ca:aa:7a:81:49:9c:1d:da:40:fe:
4b:57:01:49:2d:04:95:7e:ac:f1:fe:0f:d5:5b:a0:
10:94:3b:b4:79:e0:cd:b8:e1:9b:18:e7:8b:47:01:
03:b2:9f:e0:5a:1e:23:b9:bf:9b:dd:00:46:97:1b:
6e:b6:f5:f1:c8:37:5f:36:fc:a6:6b:4c:ae:a3:82:
3b:14:a2:93:f5:c7:5b:cf:c0:57:da:22:ff:cb:f5:
db:fa:23:ea:d3:9e:2f:55:08:4e:af:df:67:50:eb:
1a:69:6e:d7:76:4d:d0:12:96:17:3e:d3:6f:c7:10:
3b:f1:d7:13:01:79:32:31:91:88:f9:c8:e7:dc:ac:
6f:d7:0d:2a:a8:5f:18:33:e2:21:93:3e:0b:03:b6:
25:ff:fb:4c:4d:89:01:e4:64:67:34:3f:16:b1:d2:
9c:2f:03:f8:23:fb:f3:99:b4:b3:1e:80:f9:73:f5:
b5:d5:fe:52:9a:3e:a3:a8:b1:69:29:19:47:e2:64:
ae:a5:0d:7f:a5:06:ab:13:a2:68:1e:67:9b:6e:1f:
73:01:26:ea:4b:d0:db:4e:50:bc:6d:22:88:02:da:
77:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:66:4B:D2:19:70:FF:7E:D9:DF:E3:9F:76:39:50:93:ED:B8:3E:90
X509v3 Authority Key Identifier:
keyid:0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:5e:e6:15:f2:33:a5:1a:7b:97:95:4d:8b:a6:54:80:8f:3e:
33:f1:c4:54:08:3f:ea:5e:9a:03:b0:cb:5c:bf:98:80:c1:83:
da:9b:97:31:51:49:b7:98:11:85:8c:21:53:18:9c:08:fb:9e:
8e:a0:62:79:32:c8:d9:b3:e9:22:c5:a8:2c:02:e1:72:90:90:
95:ab:aa:a7:9c:2e:8d:e6:02:72:71:4e:4c:61:0d:8e:50:71:
2f:91:6c:8f:1b:f7:54:b9:d4:ac:06:8e:4c:e3:e1:60:1f:f3:
1a:e5:d3:06:d7:03:0b:da:2c:0f:c8:6d:62:48:25:96:b6:bd:
2e:f9:63:73:77:e8:4d:18:fb:45:d2:ba:8b:06:86:46:00:1f:
d8:4b:c5:64:ed:47:6d:a9:ac:b6:8c:4e:34:b0:a8:37:90:1c:
48:d0:04:c9:ae:2b:ee:17:78:b8:ca:d9:ec:a5:73:6f:1c:89:
88:76:89:2f:76:c8:15:7c:6c:0f:c9:4e:f8:a3:7b:10:3c:99:
aa:9b:65:cf:e7:88:f7:78:8a:09:b7:13:0d:c9:87:01:7c:d2:
cc:7b:0a:65:10:c2:38:c7:ba:18:d9:0a:a2:37:b4:6b:4e:a0:
44:39:08:b7:0f:74:37:ca:a6:6a:84:81:38:b8:e3:b5:eb:e2:
7b:73:9d:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmGwFtpflunsVCwoALzS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzhlYTQ2Y2MyMWQ0NWVkNjEyNjhkNGE5ZjU2NzMyYzg1
ZTIxNTAwHhcNMjUwODIzMTEwMjUwWhcNMjUwODI0MTEwMjUwWjAzMTEwLwYDVQQD
Eyg0YTY2NGJkMjE5NzBmZjdlZDlkZmUzOWY3NjM5NTA5M2VkYjgzZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEtnx5293rMK67ZxLBObQ0ens10/
ECtnozXK/DzZyJNEM8qqeoFJnB3aQP5LVwFJLQSVfqzx/g/VW6AQlDu0eeDNuOGb
GOeLRwEDsp/gWh4jub+b3QBGlxtutvXxyDdfNvyma0yuo4I7FKKT9cdbz8BX2iL/
y/Xb+iPq054vVQhOr99nUOsaaW7Xdk3QEpYXPtNvxxA78dcTAXkyMZGI+cjn3Kxv
1w0qqF8YM+Ihkz4LA7Yl//tMTYkB5GRnND8WsdKcLwP4I/vzmbSzHoD5c/W11f5S
mj6jqLFpKRlH4mSupQ1/pQarE6JoHmebbh9zASbqS9DbTlC8bSKIAtp3pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpmS9IZcP9+2d/jn3Y5UJPtuD6QMB8GA1UdIwQY
MBaAFA946kbMIdRe1hJo1Kn1ZzLIXiFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMt
MDMyYjNiNjE0ZGQ4LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMtMDMyYjNiNjE0ZGQ4
LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASV7mFfIz
pRp7l5VNi6ZUgI8+M/HEVAg/6l6aA7DLXL+YgMGD2puXMVFJt5gRhYwhUxicCPue
jqBieTLI2bPpIsWoLALhcpCQlauqp5wujeYCcnFOTGENjlBxL5Fsjxv3VLnUrAaO
TOPhYB/zGuXTBtcDC9osD8htYkgllra9Lvljc3foTRj7RdK6iwaGRgAf2EvFZO1H
bamstoxONLCoN5AcSNAEya4r7hd4uMrZ7KVzbxyJiHaJL3bIFXxsD8lO+KN7EDyZ
qptlz+eI93iKCbcTDcmHAXzSzHsKZRDCOMe6GNkKoje0a06gRDkItw90N8qmaoSB
OLjjtevie3Odvw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:23:36 2025 by rpki-client