Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: VEZv2zIpxhZX/zZM8BQhrPxcwNLjOeLSxEx+KXNY7UA=
Subject key identifier: 22:78:BA:E7:B3:66:A3:E1:CC:66:8A:37:DC:CB:97:06:3A:84:C2:0A
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 0198D4E0B9321C67C7B5AD7FCDC8A40606A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 03:02:33 +0000
Manifest this update: Sat 23 Aug 2025 03:02:33 +0000
Manifest next update: Sun 24 Aug 2025 03:02:33 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: auLtga0NSbWPeLmu8gsR6Jvpa5OaNJs1nqn8IwHJqes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:b9:32:1c:67:c7:b5:ad:7f:cd:c8:a4:06:06:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Aug 23 03:02:33 2025 GMT
Not After : Aug 24 03:02:33 2025 GMT
Subject: CN=2278bae7b366a3e1cc668a37dccb97063a84c20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1a:50:70:60:1b:4d:6b:cd:ae:dc:d9:ab:d3:
c3:82:68:8b:02:17:72:be:24:92:a0:70:27:6e:23:
7b:f8:93:1c:ac:73:78:25:69:5d:fd:0f:45:79:54:
11:11:5a:ce:a3:62:e7:4c:ae:6b:f5:ff:57:b9:eb:
e1:d0:07:f8:54:ee:cf:08:e1:9c:31:2c:17:7b:ef:
39:30:6f:da:d5:52:b8:c8:92:da:7e:40:4d:a7:89:
0b:ed:93:55:32:47:45:f9:5c:ce:65:07:12:81:b9:
d8:e8:75:01:e0:ac:bd:07:f9:3e:77:bb:33:9a:26:
7b:33:98:f6:78:5d:22:14:5c:35:b9:3a:b8:d3:ce:
87:6d:4e:f7:ae:d7:08:55:e9:a2:16:6d:92:7e:bc:
a1:f6:92:37:de:33:b0:cb:31:31:e0:1e:96:d2:24:
1b:c2:1d:d5:65:4a:45:70:4e:b7:47:08:38:6e:ef:
9a:17:94:98:75:4f:2f:5d:b8:fa:c1:03:84:eb:52:
eb:13:cb:68:2f:96:33:32:03:ea:b0:ec:0b:3c:d2:
95:fe:b8:ed:ba:25:b0:90:e8:23:db:48:b0:ed:8a:
b1:d6:69:37:49:88:4c:b7:98:b2:d6:d5:ff:df:d4:
71:ec:e2:f4:a6:4c:34:36:66:b3:f9:c6:d6:e5:26:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:78:BA:E7:B3:66:A3:E1:CC:66:8A:37:DC:CB:97:06:3A:84:C2:0A
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:74:6f:57:eb:88:19:b5:9e:46:2c:82:35:34:03:52:c3:fe:
30:59:f0:8d:df:19:33:e0:c0:c8:84:7e:5e:41:b4:2b:51:bd:
f4:13:70:47:38:0f:01:53:cd:0e:d9:9d:57:ee:99:fd:e0:47:
0a:57:71:b9:a7:70:44:ed:f6:d6:bc:8e:25:8d:a9:83:ba:4a:
c6:56:e1:0a:24:e6:e3:74:e6:24:80:06:95:bc:22:20:16:a0:
2a:75:f4:d9:80:a6:05:4f:25:9e:5e:c1:e7:69:57:cd:13:45:
e2:6f:3a:bb:4c:f6:13:06:18:4a:21:c6:29:f9:f0:f9:6f:24:
2b:0e:a3:5b:00:57:94:df:19:61:44:93:83:ab:fe:33:2f:e6:
d8:5d:ab:2f:cc:45:56:2f:66:28:fa:76:60:4f:fa:2b:0a:1a:
e0:dd:15:81:c8:b4:d1:da:dc:24:48:25:2e:37:d2:93:3d:76:
f6:11:82:d0:d1:ce:d0:c6:cf:f3:20:8d:40:be:57:d0:b6:76:
69:f2:be:5f:2e:a1:25:ac:32:b0:01:b5:d8:f0:42:9b:f0:36:
b6:45:37:7e:6b:9a:f0:56:82:3d:e4:fe:4f:2f:76:33:df:d3:
a5:65:00:6c:7a:1e:4d:98:69:3d:47:66:f7:fb:79:61:a0:27:
ac:8e:41:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4LkyHGfHta1/zcikBgahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwODIzMDMwMjMzWhcNMjUwODI0MDMwMjMzWjAzMTEwLwYDVQQD
EygyMjc4YmFlN2IzNjZhM2UxY2M2NjhhMzdkY2NiOTcwNjNhODRjMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hpQcGAbTWvNrtzZq9PDgmiLAhdy
viSSoHAnbiN7+JMcrHN4JWld/Q9FeVQREVrOo2LnTK5r9f9Xuevh0Af4VO7PCOGc
MSwXe+85MG/a1VK4yJLafkBNp4kL7ZNVMkdF+VzOZQcSgbnY6HUB4Ky9B/k+d7sz
miZ7M5j2eF0iFFw1uTq4086HbU73rtcIVemiFm2Sfryh9pI33jOwyzEx4B6W0iQb
wh3VZUpFcE63Rwg4bu+aF5SYdU8vXbj6wQOE61LrE8toL5YzMgPqsOwLPNKV/rjt
uiWwkOgj20iw7Yqx1mk3SYhMt5iy1tX/39Rx7OL0pkw0Nmaz+cbW5SY19wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ4uuezZqPhzGaKN9zLlwY6hMIKMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3RvV+uI
GbWeRiyCNTQDUsP+MFnwjd8ZM+DAyIR+XkG0K1G99BNwRzgPAVPNDtmdV+6Z/eBH
CldxuadwRO321ryOJY2pg7pKxlbhCiTm43TmJIAGlbwiIBagKnX02YCmBU8lnl7B
52lXzRNF4m86u0z2EwYYSiHGKfnw+W8kKw6jWwBXlN8ZYUSTg6v+My/m2F2rL8xF
Vi9mKPp2YE/6Kwoa4N0Vgci00drcJEglLjfSkz129hGC0NHO0MbP8yCNQL5X0LZ2
afK+Xy6hJawysAG12PBCm/A2tkU3fmua8FaCPeT+Ty92M9/TpWUAbHoeTZhpPUdm
9/t5YaAnrI5Bsg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:13:33 2025 by rpki-client