Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
File: cdm6oCIZQu3-SzqaVwgpXARBboA.mft (raw, json)
Hash identifier: QMAwWVHYYeL8nbGIw369nJz4aMsmGlbHIZi8ZqmquOc=
Subject key identifier: 31:5F:E7:32:5D:0B:6E:7F:38:67:93:83:4D:46:71:7B:0D:FA:D3:2C
Authority key identifier: 71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
Certificate issuer: /CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Certificate serial: 0198D474281B8571C284C2EA0437D1AF2D25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 01:03:58 +0000
Manifest this update: Sat 23 Aug 2025 01:03:58 +0000
Manifest next update: Sun 24 Aug 2025 01:03:58 +0000
Files and hashes: 1: Uqk6ZpOTGE36LT5fcwe3jUUK8bs.roa (hash: 3ocr9qZ6ri2OW2BEWPNTcZs9jR00BhDPO+YzVSk3MLY=)
2: cdm6oCIZQu3-SzqaVwgpXARBboA.crl (hash: M5ryPX3B9TsSycrFr0TSJruj1rJXRtqcKOKpCiLm/cA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:03:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:74:28:1b:85:71:c2:84:c2:ea:04:37:d1:af:2d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d9baa0221942edfe4b3a9a5708295c04416e80
Validity
Not Before: Aug 23 01:03:58 2025 GMT
Not After : Aug 24 01:03:58 2025 GMT
Subject: CN=315fe7325d0b6e7f386793834d46717b0dfad32c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:42:2d:04:3f:76:75:d8:77:c2:fd:ec:b8:ce:
b8:7e:d8:55:ec:b3:8f:ce:3b:e8:0c:4b:d1:3d:5a:
15:e6:6d:4b:58:60:52:e0:e2:07:b8:68:dd:34:4c:
14:6d:e6:b8:d9:a9:72:f6:3e:e3:c8:a4:d5:ca:e2:
3f:a8:5b:4b:0f:a7:b4:0a:01:85:d7:14:0c:a4:0b:
7d:41:5d:17:e5:d0:a4:6f:b4:5f:b8:c1:c4:72:7d:
fc:3d:5c:0b:71:7a:32:fb:a0:59:6a:b1:ff:be:2d:
92:5c:d9:32:61:1a:d2:0c:38:a3:17:5d:35:89:e5:
70:ee:f5:12:0d:cd:75:28:f0:be:23:12:4b:82:eb:
6c:4e:a2:52:c7:7e:f2:29:2e:a0:bf:d3:03:8f:0f:
3f:dd:3e:5d:a9:5d:3a:da:c7:58:a4:14:04:d0:b8:
91:17:c8:5e:b2:a6:c2:2c:7c:8b:60:c7:2a:25:99:
4a:e7:d0:c1:ff:13:1b:ea:28:45:e1:63:d4:48:28:
bb:4f:f3:41:54:0d:5b:12:f3:0c:4f:da:d1:5e:a5:
e5:ea:28:63:c6:7a:6f:b3:c3:a4:69:76:41:0a:57:
53:ec:b3:94:08:d7:ae:fd:6c:b9:0e:3c:b5:1f:ce:
3b:1e:bb:ea:c4:d6:25:62:c0:9f:b1:c7:50:ac:f7:
28:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5F:E7:32:5D:0B:6E:7F:38:67:93:83:4D:46:71:7B:0D:FA:D3:2C
X509v3 Authority Key Identifier:
keyid:71:D9:BA:A0:22:19:42:ED:FE:4B:3A:9A:57:08:29:5C:04:41:6E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdm6oCIZQu3-SzqaVwgpXARBboA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8c3fb8-40df-4d5d-9363-504727a50b8e/1/cdm6oCIZQu3-SzqaVwgpXARBboA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:2a:5a:5d:61:7b:a6:b2:df:d2:13:4d:71:22:c3:c7:1d:4f:
84:9d:dc:07:1f:20:89:8d:73:dd:a3:27:7d:eb:fd:91:63:41:
58:07:94:94:0e:6e:22:37:0f:d1:e9:45:3b:60:08:cb:14:2e:
66:f6:5a:db:25:85:03:64:7a:2c:08:72:ca:f8:de:5e:b0:ff:
a9:5f:51:61:31:98:91:1d:69:e8:70:97:aa:ff:fb:16:d5:e5:
36:7c:49:7e:c3:54:65:56:41:d7:d0:8b:ec:e7:a9:f9:06:2a:
71:0a:7a:c8:c0:84:cc:7a:bb:26:e6:c8:42:b0:30:ea:c6:1e:
25:d8:74:b0:90:d3:29:da:e5:77:d6:0b:dd:9d:b7:f4:24:9d:
7d:cb:ab:67:f6:8e:72:de:a3:31:50:79:5b:7d:7d:b0:d4:ec:
3e:0a:d0:67:cc:32:17:32:b4:db:be:21:d6:6e:9d:d8:d6:cf:
9d:e4:63:d2:5c:29:22:1e:92:e4:53:89:52:d9:1c:ed:9c:d0:
ce:02:52:9c:b0:b3:c5:8c:ea:b1:75:77:d9:09:ad:35:23:81:
b8:26:3a:80:e1:6b:52:ea:95:e7:f7:d9:4e:34:e5:09:aa:21:
e9:9f:2a:1b:d7:e9:6f:6a:82:97:7b:11:65:d4:8d:f0:b4:e2:
74:0c:ff:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdCgbhXHChMLqBDfRry0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDliYWEwMjIxOTQyZWRmZTRiM2E5YTU3MDgyOTVjMDQ0
MTZlODAwHhcNMjUwODIzMDEwMzU4WhcNMjUwODI0MDEwMzU4WjAzMTEwLwYDVQQD
EygzMTVmZTczMjVkMGI2ZTdmMzg2NzkzODM0ZDQ2NzE3YjBkZmFkMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EItBD92ddh3wv3suM64fthV7LOP
zjvoDEvRPVoV5m1LWGBS4OIHuGjdNEwUbea42aly9j7jyKTVyuI/qFtLD6e0CgGF
1xQMpAt9QV0X5dCkb7RfuMHEcn38PVwLcXoy+6BZarH/vi2SXNkyYRrSDDijF101
ieVw7vUSDc11KPC+IxJLgutsTqJSx37yKS6gv9MDjw8/3T5dqV062sdYpBQE0LiR
F8hesqbCLHyLYMcqJZlK59DB/xMb6ihF4WPUSCi7T/NBVA1bEvMMT9rRXqXl6ihj
xnpvs8OkaXZBCldT7LOUCNeu/Wy5Djy1H847HrvqxNYlYsCfscdQrPcovwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFf5zJdC25/OGeTg01GcXsN+tMsMB8GA1UdIwQY
MBaAFHHZuqAiGULt/ks6mlcIKVwEQW6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMt
NTA0NzI3YTUwYjhlLzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84YzNmYjgtNDBkZi00ZDVkLTkzNjMtNTA0NzI3YTUwYjhl
LzEvY2RtNm9DSVpRdTMtU3pxYVZ3Z3BYQVJCYm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARypaXWF7
prLf0hNNcSLDxx1PhJ3cBx8giY1z3aMnfev9kWNBWAeUlA5uIjcP0elFO2AIyxQu
ZvZa2yWFA2R6LAhyyvjeXrD/qV9RYTGYkR1p6HCXqv/7FtXlNnxJfsNUZVZB19CL
7Oep+QYqcQp6yMCEzHq7JubIQrAw6sYeJdh0sJDTKdrld9YL3Z239CSdfcurZ/aO
ct6jMVB5W319sNTsPgrQZ8wyFzK0274h1m6d2NbPneRj0lwpIh6S5FOJUtkc7ZzQ
zgJSnLCzxYzqsXV32QmtNSOBuCY6gOFrUuqV5/fZTjTlCaoh6Z8qG9fpb2qCl3sR
ZdSN8LTidAz/qA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:31:52 2025 by rpki-client