Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: 5nG/ukE/pnRfk4ExPGbcXafYFGLkBQ6KSiWDHwT3N/E=
Subject key identifier: 85:71:DD:3C:F3:77:C5:6D:93:2D:B7:6E:3D:D9:E3:15:E7:4F:0D:D0
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 0198D473EB955DBF97D9E6E5EE8D48A9255F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0C9E
Signing time: Sat 23 Aug 2025 01:03:43 +0000
Manifest this update: Sat 23 Aug 2025 01:03:43 +0000
Manifest next update: Sun 24 Aug 2025 01:03:43 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: mjvcED+g5OK9G4tEsxj86vn76iyDW/DOSfQ9H8f/Hw8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:eb:95:5d:bf:97:d9:e6:e5:ee:8d:48:a9:25:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Aug 23 01:03:43 2025 GMT
Not After : Aug 24 01:03:43 2025 GMT
Subject: CN=8571dd3cf377c56d932db76e3dd9e315e74f0dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:4f:0c:fe:40:7d:18:7b:68:39:ac:9d:99:
a3:40:46:92:29:d0:78:f5:31:4a:af:2c:89:f4:01:
c8:d0:0a:57:da:13:dc:63:81:76:cc:06:bd:c5:ad:
d9:99:bd:a1:18:c7:c0:2c:d4:c9:00:fe:ec:0a:d7:
14:ec:bd:13:a1:ba:0a:05:2e:33:dd:80:54:91:fd:
c8:75:a1:8f:51:1a:83:3d:e8:3e:b4:9a:be:ac:2c:
6a:73:81:a5:73:9d:d6:f1:21:b9:64:28:67:7f:06:
f3:39:86:32:fe:c3:79:44:ff:a8:0d:ca:a3:dc:b4:
70:69:33:10:79:11:58:2e:2a:35:3c:b9:be:93:8c:
fe:ff:7a:1f:6e:cf:b2:0a:f6:fa:7f:5f:59:f1:7b:
73:8d:49:05:11:c6:b6:80:33:76:57:e5:4f:00:6a:
31:ef:9b:34:33:b7:8d:65:31:7e:21:cf:14:1e:e1:
34:b1:76:88:34:1a:50:50:89:a8:e7:d1:5d:0f:14:
db:e5:02:73:06:67:88:48:69:4c:b7:dd:03:73:17:
47:ab:e0:13:e8:16:46:92:9b:6a:6f:34:4b:29:66:
29:2f:36:da:4d:e4:8a:a4:d4:57:7d:04:d2:65:e9:
ae:82:3f:21:39:0f:13:1b:78:06:2d:26:44:06:66:
1d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:71:DD:3C:F3:77:C5:6D:93:2D:B7:6E:3D:D9:E3:15:E7:4F:0D:D0
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:d4:c6:08:68:97:cd:df:0d:d9:34:a4:ff:65:6d:1f:e8:64:
bb:37:9a:e5:27:bc:0d:c7:79:83:9e:47:4a:04:b1:da:bc:b8:
f2:d6:15:89:21:1d:0c:95:87:07:dd:67:0a:1a:75:fc:7e:01:
48:67:0e:d5:7d:e2:38:cb:ca:04:bd:54:71:38:38:8c:2f:c0:
f4:e6:3d:c2:c3:e5:70:f0:e0:db:2d:06:c2:b7:f3:16:ad:6b:
10:aa:5c:16:5d:0e:ae:1a:da:9f:d6:bf:6a:6e:f6:0d:af:63:
aa:f4:23:93:a0:03:4e:94:79:67:bf:4d:1a:8a:9c:22:5c:db:
93:28:f1:2b:83:d4:60:92:50:43:0d:00:08:b2:4f:c4:89:be:
4b:c8:4d:fa:24:67:fd:3f:96:18:ab:05:4f:62:1f:fb:cb:f3:
f1:04:02:ea:8b:0a:10:29:e6:bc:e4:66:1f:01:aa:3f:e1:48:
e3:fb:c8:84:2a:65:1a:69:59:72:ec:3b:21:6d:12:17:e5:7a:
ea:80:4b:a0:c0:80:0e:08:e1:73:b2:80:84:af:9c:c9:d6:9f:
bd:5e:28:70:9b:e6:ab:55:6a:ed:ed:a3:02:ed:0e:2e:fe:06:
43:97:ec:a9:ba:ea:69:f1:3d:fc:ce:14:2e:c7:94:96:10:0d:
fd:30:6f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc+uVXb+X2ebl7o1IqSVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUwODIzMDEwMzQzWhcNMjUwODI0MDEwMzQzWjAzMTEwLwYDVQQD
Eyg4NTcxZGQzY2YzNzdjNTZkOTMyZGI3NmUzZGQ5ZTMxNWU3NGYwZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo01PDP5AfRh7aDmsnZmjQEaSKdB4
9TFKryyJ9AHI0ApX2hPcY4F2zAa9xa3Zmb2hGMfALNTJAP7sCtcU7L0ToboKBS4z
3YBUkf3IdaGPURqDPeg+tJq+rCxqc4Glc53W8SG5ZChnfwbzOYYy/sN5RP+oDcqj
3LRwaTMQeRFYLio1PLm+k4z+/3ofbs+yCvb6f19Z8XtzjUkFEca2gDN2V+VPAGox
75s0M7eNZTF+Ic8UHuE0sXaINBpQUImo59FdDxTb5QJzBmeISGlMt90DcxdHq+AT
6BZGkptqbzRLKWYpLzbaTeSKpNRXfQTSZemugj8hOQ8TG3gGLSZEBmYdiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVx3Tzzd8Vtky23bj3Z4xXnTw3QMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtTGCGiX
zd8N2TSk/2VtH+hkuzea5Se8Dcd5g55HSgSx2ry48tYViSEdDJWHB91nChp1/H4B
SGcO1X3iOMvKBL1UcTg4jC/A9OY9wsPlcPDg2y0GwrfzFq1rEKpcFl0Orhran9a/
am72Da9jqvQjk6ADTpR5Z79NGoqcIlzbkyjxK4PUYJJQQw0ACLJPxIm+S8hN+iRn
/T+WGKsFT2If+8vz8QQC6osKECnmvORmHwGqP+FI4/vIhCplGmlZcuw7IW0SF+V6
6oBLoMCADgjhc7KAhK+cydafvV4ocJvmq1Vq7e2jAu0OLv4GQ5fsqbrqafE9/M4U
LseUlhAN/TBvIw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:48:14 2025 by rpki-client