Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
File: D5x3odzbju1izTyoClFE3E4kP04.mft (raw, json)
Hash identifier: XIZzX4/HkZ/UNrtembONrYnHBH6a2xNzYdvPCR4GYOc=
Subject key identifier: B9:A5:C8:F1:36:83:F8:B3:82:27:72:22:3D:EE:40:27:86:11:A0:7C
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0198D4A8460BF3DB4818B9C10174E034B351
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
Manifest number: 1654
Signing time: Sat 23 Aug 2025 02:00:54 +0000
Manifest this update: Sat 23 Aug 2025 02:00:54 +0000
Manifest next update: Sun 24 Aug 2025 02:00:54 +0000
Files and hashes: 1: D5x3odzbju1izTyoClFE3E4kP04.crl (hash: DD9crbZQwkHtBEjaB/B090FkMO632ZXjwP5YSgooAWs=)
2: EU9ZI9FwGK9Je2LIHv8oyryDbQ0.roa (hash: lg1hblUtV5bfdjAsYpP/FKql2pfxKFHlS2JkI4euny0=)
3: UttiV2rZhXbpiEroK90NOoWzeyo.roa (hash: clJAUfrgzlJXm2cn+fD7HIKwQaoQPkMOMFf6DpqSgo0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a8:46:0b:f3:db:48:18:b9:c1:01:74:e0:34:b3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Aug 23 02:00:54 2025 GMT
Not After : Aug 24 02:00:54 2025 GMT
Subject: CN=b9a5c8f13683f8b3822772223dee40278611a07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:57:27:07:ef:1b:35:7d:21:17:06:ed:86:17:
8c:b7:04:46:f0:81:c8:7c:9c:6e:b9:d7:f8:76:96:
c7:6d:e1:ce:ca:76:e2:10:71:06:54:eb:8c:57:c5:
51:ab:5c:6f:f9:98:bb:b9:87:a1:f6:a5:85:67:7e:
49:53:c5:eb:37:b6:cd:be:c8:7a:c8:f1:7c:0a:31:
82:8e:eb:cd:48:cc:76:67:24:8d:b9:d2:f4:d5:a0:
b0:f1:de:d1:67:1d:f1:cf:03:d4:cc:ac:02:0e:cf:
78:b0:cb:ec:f3:a0:b2:80:8c:7c:64:da:23:6f:2b:
9c:e8:e7:df:85:bc:06:dd:eb:e6:91:b6:b7:15:57:
4f:9a:65:46:41:6e:ed:b1:e4:8f:64:78:20:13:27:
f6:dc:3b:77:01:f4:ff:81:b2:6e:b4:6b:be:ea:d4:
64:e2:6a:bc:21:6e:b3:11:60:4c:0a:b7:a3:34:1f:
4b:59:53:2c:6a:58:ae:f7:b2:ba:f5:22:24:8e:df:
2b:1e:2c:e5:81:46:06:97:16:36:8d:86:22:f7:d2:
18:ac:02:65:05:f6:60:2d:f8:60:c1:b2:5e:4c:83:
a4:24:ce:cc:05:c2:d7:6c:af:e9:bc:0f:31:e0:34:
e5:1e:fc:fe:4c:1e:79:7c:54:2c:87:97:02:bb:4b:
18:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A5:C8:F1:36:83:F8:B3:82:27:72:22:3D:EE:40:27:86:11:A0:7C
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:f6:5a:7a:ea:f4:41:29:ed:c2:63:c7:1f:ec:d3:3b:69:c9:
94:3b:4d:cc:7d:04:b0:36:74:11:8a:a0:8a:58:b2:ec:fa:49:
6e:10:5b:ac:23:83:78:58:5f:a8:36:80:bf:a0:53:47:80:e7:
e8:12:1c:6d:30:93:7b:71:e2:f7:78:10:cf:26:7b:8e:9a:86:
cb:d7:5d:c2:4a:99:e6:2c:57:39:e5:76:c7:f9:32:99:ce:09:
2c:d5:d8:54:6d:53:a9:68:87:7b:f4:fe:78:6e:01:67:53:65:
c7:70:08:fb:6a:c7:e1:72:e4:cd:a0:73:cf:00:5a:a0:40:f6:
da:52:b6:d5:38:41:bd:26:b0:24:76:b4:f6:32:d7:7b:b7:a6:
92:07:c8:95:dd:fb:28:31:97:6a:e4:ef:25:59:db:3a:1e:33:
78:f3:78:e9:09:b0:08:0d:c5:ab:36:73:1f:8f:e8:ac:56:d6:
4a:1c:e2:d6:ff:22:08:0d:82:a7:8b:b5:1a:28:33:09:f7:90:
5c:66:9e:ff:9f:d8:38:8b:12:31:d5:88:01:ff:d9:d2:8f:bc:
c9:39:e8:8a:95:e4:1f:ca:42:90:7a:5e:06:80:78:c8:01:fa:
d0:4c:36:4c:93:47:46:09:99:17:5b:8c:72:22:bd:ab:1c:23:
33:46:fa:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqEYL89tIGLnBAXTgNLNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjUwODIzMDIwMDU0WhcNMjUwODI0MDIwMDU0WjAzMTEwLwYDVQQD
EyhiOWE1YzhmMTM2ODNmOGIzODIyNzcyMjIzZGVlNDAyNzg2MTFhMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlcnB+8bNX0hFwbthheMtwRG8IHI
fJxuudf4dpbHbeHOynbiEHEGVOuMV8VRq1xv+Zi7uYeh9qWFZ35JU8XrN7bNvsh6
yPF8CjGCjuvNSMx2ZySNudL01aCw8d7RZx3xzwPUzKwCDs94sMvs86CygIx8ZNoj
byuc6OffhbwG3evmkba3FVdPmmVGQW7tseSPZHggEyf23Dt3AfT/gbJutGu+6tRk
4mq8IW6zEWBMCrejNB9LWVMsaliu97K69SIkjt8rHizlgUYGlxY2jYYi99IYrAJl
BfZgLfhgwbJeTIOkJM7MBcLXbK/pvA8x4DTlHvz+TB55fFQsh5cCu0sYSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmlyPE2g/izgidyIj3uQCeGEaB8MB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARvZaeur0
QSntwmPHH+zTO2nJlDtNzH0EsDZ0EYqgiliy7PpJbhBbrCODeFhfqDaAv6BTR4Dn
6BIcbTCTe3Hi93gQzyZ7jpqGy9ddwkqZ5ixXOeV2x/kymc4JLNXYVG1TqWiHe/T+
eG4BZ1Nlx3AI+2rH4XLkzaBzzwBaoED22lK21ThBvSawJHa09jLXe7emkgfIld37
KDGXauTvJVnbOh4zePN46QmwCA3FqzZzH4/orFbWShzi1v8iCA2Cp4u1GigzCfeQ
XGae/5/YOIsSMdWIAf/Z0o+8yTnoipXkH8pCkHpeBoB4yAH60Ew2TJNHRgmZF1uM
ciK9qxwjM0b6+Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:40:22 2025 by rpki-client