Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
File: h3OqvdPia0S3mDfBRwq44XQV6o4.mft (raw, json)
Hash identifier: EcunDXgoB+/XDWbitdeYv1T5OU2aeimtfYBvBffPgBM=
Subject key identifier: FE:9A:88:09:1A:A7:7F:AF:AB:D7:C9:83:55:41:E7:63:8B:D8:AC:DD
Authority key identifier: 87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
Certificate issuer: /CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Certificate serial: 0198D6CDFDBB39AF8E7FEE99C38D7CCC6EB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
Manifest number: 0236
Signing time: Sat 23 Aug 2025 12:01:20 +0000
Manifest this update: Sat 23 Aug 2025 12:01:20 +0000
Manifest next update: Sun 24 Aug 2025 12:01:20 +0000
Files and hashes: 1: h3OqvdPia0S3mDfBRwq44XQV6o4.crl (hash: tknVA1+6bXQAx/nS64JHRqEY32BOoLrDW0hWSzHVbzg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:fd:bb:39:af:8e:7f:ee:99:c3:8d:7c:cc:6e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Validity
Not Before: Aug 23 12:01:20 2025 GMT
Not After : Aug 24 12:01:20 2025 GMT
Subject: CN=fe9a88091aa77fafabd7c9835541e7638bd8acdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:c7:1d:7b:53:5f:0f:57:3e:5f:a3:e2:23:
da:1e:13:b1:34:6e:f7:f1:cf:f6:b9:f4:28:30:ab:
2c:f6:9c:6f:1c:21:72:14:43:ea:a7:37:91:c0:c3:
29:35:ae:9d:05:f1:02:92:5a:0e:b6:1e:bd:d5:61:
83:7e:d6:96:9b:99:82:bd:15:81:cc:9a:68:57:bc:
ed:c2:d9:55:30:d7:27:43:67:37:91:40:4a:4e:b8:
20:21:00:12:ac:84:0c:65:74:da:11:80:2b:69:89:
ad:2f:e1:d0:e4:5d:90:b4:c2:86:80:3b:90:12:63:
45:dd:ab:de:e6:8d:7b:05:c6:09:d2:06:52:5e:5b:
0d:0e:ab:5b:41:ca:e6:eb:9b:72:96:e2:54:14:16:
e5:9e:36:2a:55:88:52:5b:72:80:b8:ce:7c:31:73:
53:39:e9:d0:55:2f:17:c8:95:1d:e6:fe:f0:01:33:
25:01:44:5e:43:de:0c:07:04:84:43:79:5f:ad:26:
73:f3:4d:58:16:9e:c8:db:aa:7a:65:d6:c5:c4:a2:
4b:7f:86:cf:23:d8:2f:61:91:c1:fd:8c:4e:36:7a:
fc:f8:b1:ad:0d:a3:f2:55:98:8c:8a:03:61:8d:43:
87:7a:4a:df:76:be:84:8b:9b:0a:e8:7f:11:b7:de:
37:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9A:88:09:1A:A7:7F:AF:AB:D7:C9:83:55:41:E7:63:8B:D8:AC:DD
X509v3 Authority Key Identifier:
keyid:87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:cc:f5:2b:1c:1c:69:33:16:be:ec:c4:2c:b0:9c:59:11:c7:
61:b2:b4:93:de:81:d4:03:dc:4c:f2:03:03:01:a8:0c:9d:13:
61:23:09:e0:c4:6a:68:bc:04:43:b5:97:f2:10:37:f0:b7:dd:
b7:6e:8a:7f:51:41:dc:c9:2d:25:cf:0b:24:f5:37:9f:6b:e0:
6c:eb:8b:60:7d:bd:06:97:3a:bd:1d:0c:2f:93:e3:4b:5f:30:
0f:c5:fc:89:d0:be:53:67:cb:c6:17:35:da:96:a9:36:b2:14:
65:1e:37:d6:ba:73:a8:cc:7b:e9:f1:ed:fc:e5:d8:0c:38:1c:
0f:89:5c:d3:a7:66:23:ee:3e:e0:e5:16:72:ae:b6:9f:dd:25:
99:a7:f3:d3:42:2f:3d:b9:13:9e:f1:da:6e:3f:36:95:60:ac:
ec:c6:ec:6d:e0:ca:bd:6d:13:e6:a8:8f:2c:08:b6:7c:29:71:
4a:21:27:2c:f0:38:23:82:6c:95:21:92:6e:7d:65:46:61:dc:
30:e2:55:c8:3a:d7:38:28:2e:39:a7:7e:bc:e9:6c:c4:ef:92:
f0:fc:4f:2b:b6:82:6f:ec:89:f4:f0:38:bf:f1:8b:46:14:22:
0a:98:d4:e6:18:f0:54:25:7c:18:b3:a1:cc:64:a8:56:7f:5e:
a8:10:4c:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzf27Oa+Of+6Zw418zG63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzNhYWJkZDNlMjZiNDRiNzk4MzdjMTQ3MGFiOGUxNzQx
NWVhOGUwHhcNMjUwODIzMTIwMTIwWhcNMjUwODI0MTIwMTIwWjAzMTEwLwYDVQQD
EyhmZTlhODgwOTFhYTc3ZmFmYWJkN2M5ODM1NTQxZTc2MzhiZDhhY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYXHHXtTXw9XPl+j4iPaHhOxNG73
8c/2ufQoMKss9pxvHCFyFEPqpzeRwMMpNa6dBfECkloOth691WGDftaWm5mCvRWB
zJpoV7ztwtlVMNcnQ2c3kUBKTrggIQASrIQMZXTaEYAraYmtL+HQ5F2QtMKGgDuQ
EmNF3ave5o17BcYJ0gZSXlsNDqtbQcrm65tyluJUFBblnjYqVYhSW3KAuM58MXNT
OenQVS8XyJUd5v7wATMlAUReQ94MBwSEQ3lfrSZz801YFp7I26p6ZdbFxKJLf4bP
I9gvYZHB/YxONnr8+LGtDaPyVZiMigNhjUOHekrfdr6Ei5sK6H8Rt943AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6aiAkap3+vq9fJg1VB52OL2KzdMB8GA1UdIwQY
MBaAFIdzqr3T4mtEt5g3wUcKuOF0FeqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0Mzgt
NmFiOGE4NzlhMTdiLzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0MzgtNmFiOGE4NzlhMTdi
LzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsz1Kxwc
aTMWvuzELLCcWRHHYbK0k96B1APcTPIDAwGoDJ0TYSMJ4MRqaLwEQ7WX8hA38Lfd
t26Kf1FB3MktJc8LJPU3n2vgbOuLYH29Bpc6vR0ML5PjS18wD8X8idC+U2fLxhc1
2papNrIUZR431rpzqMx76fHt/OXYDDgcD4lc06dmI+4+4OUWcq62n90lmafz00Iv
PbkTnvHabj82lWCs7MbsbeDKvW0T5qiPLAi2fClxSiEnLPA4I4JslSGSbn1lRmHc
MOJVyDrXOCguOad+vOlsxO+S8PxPK7aCb+yJ9PA4v/GLRhQiCpjU5hjwVCV8GLOh
zGSoVn9eqBBM8Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:09:29 2025 by rpki-client