Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File: OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier: bQdu1TfvrxJcWh3DbDe6LFEVSzpCVRHrgCdLOBIxQSA=
Subject key identifier: 4D:FB:77:F3:4F:FA:0F:17:21:92:DB:65:FD:09:43:D8:13:B2:C9:D5
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer: /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial: 0198D705F38F74131528A9D3D21E7F4E1088
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number: 1650
Signing time: Sat 23 Aug 2025 13:02:28 +0000
Manifest this update: Sat 23 Aug 2025 13:02:28 +0000
Manifest next update: Sun 24 Aug 2025 13:02:28 +0000
Files and hashes: 1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: yYx/o/Jt5+ZQJL9LyJji/erxh1WuA3BT7runNExBGEE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:05:f3:8f:74:13:15:28:a9:d3:d2:1e:7f:4e:10:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Validity
Not Before: Aug 23 13:02:28 2025 GMT
Not After : Aug 24 13:02:28 2025 GMT
Subject: CN=4dfb77f34ffa0f172192db65fd0943d813b2c9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:eb:4c:7c:53:6c:01:2d:9b:c8:4a:c7:01:
17:a3:55:ee:d5:b9:7a:03:72:5a:c7:fb:0a:7e:6a:
77:cb:68:30:1c:2e:6e:85:0d:c8:42:d2:ec:2b:24:
04:ad:93:fc:6a:69:42:2a:17:5a:2e:46:7d:90:64:
b7:dc:c2:28:ed:56:be:46:1c:9b:28:c0:c6:8d:1e:
5b:68:b0:0b:b1:cb:dc:64:6f:74:ef:24:c5:a6:54:
ce:68:1c:17:c1:04:e4:a6:a5:1f:24:a2:66:12:7b:
98:4b:cf:6c:c3:86:3a:6e:26:32:aa:8a:dc:ec:7d:
8e:2a:14:69:10:9c:b1:c1:79:ff:e3:e1:b6:4f:47:
45:8b:ff:46:70:19:31:09:5a:f5:c6:ee:ea:92:6f:
c5:09:1c:dd:fa:e7:e8:99:9b:a9:98:88:36:e9:a6:
5b:9d:ca:d1:db:f3:08:a8:40:7f:40:5a:34:4d:4c:
7c:20:10:33:66:71:8b:bc:fb:c8:72:0e:b4:ee:5e:
93:32:c3:02:63:88:a1:47:24:45:dc:00:0c:be:09:
e5:f3:ab:13:f8:38:e2:50:20:9d:d1:5e:2e:2e:32:
19:56:91:59:80:3e:d4:5f:63:38:f9:30:27:01:04:
8e:00:a7:2f:8a:e7:dd:70:0f:1d:7e:45:09:40:49:
43:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FB:77:F3:4F:FA:0F:17:21:92:DB:65:FD:09:43:D8:13:B2:C9:D5
X509v3 Authority Key Identifier:
keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:77:e5:25:35:f7:43:4f:1b:71:8b:ac:29:e1:39:9b:81:75:
ee:23:b4:b2:4a:71:d9:a8:07:7d:cc:e0:24:fc:1d:8f:a6:a4:
fa:39:74:4a:2f:ea:c2:d2:fe:a2:18:a5:9e:05:bd:cc:77:15:
ea:68:ad:b8:0e:70:d3:6e:fb:32:5f:ba:87:15:79:26:8e:49:
69:0b:e8:b1:49:a8:50:c3:72:fd:e5:c5:f7:87:29:2e:65:fc:
ff:c1:28:a3:be:65:bc:f8:08:d8:96:97:ae:f1:91:de:05:b1:
f2:81:cc:75:e9:1e:17:4b:95:8a:51:8e:15:28:ac:03:c3:49:
7b:3b:db:8f:c6:b0:41:d7:4a:74:32:94:a5:5a:f1:70:4d:97:
3a:84:8c:18:76:ae:f5:f4:6e:1b:6d:3f:f9:40:cd:5c:82:1d:
34:a6:45:c8:8c:a7:30:90:22:59:25:37:10:81:c8:0d:07:76:
c1:60:f0:68:29:d0:8b:74:60:fe:68:c3:e6:4b:bc:c0:4d:42:
8b:01:d5:c9:3e:d0:18:c2:fd:f3:10:7a:a9:75:07:06:83:5c:
14:fe:ee:6f:3d:a3:06:56:19:3a:1e:00:9f:fc:ad:29:2e:1e:
6f:b8:19:e8:5d:c6:9e:68:64:1d:fc:27:f4:a2:2f:84:78:6b:
15:86:2d:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBfOPdBMVKKnT0h5/ThCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUwODIzMTMwMjI4WhcNMjUwODI0MTMwMjI4WjAzMTEwLwYDVQQD
Eyg0ZGZiNzdmMzRmZmEwZjE3MjE5MmRiNjVmZDA5NDNkODEzYjJjOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv97rTHxTbAEtm8hKxwEXo1Xu1bl6
A3Jax/sKfmp3y2gwHC5uhQ3IQtLsKyQErZP8amlCKhdaLkZ9kGS33MIo7Va+Rhyb
KMDGjR5baLALscvcZG907yTFplTOaBwXwQTkpqUfJKJmEnuYS89sw4Y6biYyqorc
7H2OKhRpEJyxwXn/4+G2T0dFi/9GcBkxCVr1xu7qkm/FCRzd+ufomZupmIg26aZb
ncrR2/MIqEB/QFo0TUx8IBAzZnGLvPvIcg607l6TMsMCY4ihRyRF3AAMvgnl86sT
+DjiUCCd0V4uLjIZVpFZgD7UX2M4+TAnAQSOAKcviufdcA8dfkUJQElDRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE37d/NP+g8XIZLbZf0JQ9gTssnVMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXflJTX3
Q08bcYusKeE5m4F17iO0skpx2agHfczgJPwdj6ak+jl0Si/qwtL+ohilngW9zHcV
6mituA5w0277Ml+6hxV5Jo5JaQvosUmoUMNy/eXF94cpLmX8/8Eoo75lvPgI2JaX
rvGR3gWx8oHMdekeF0uVilGOFSisA8NJezvbj8awQddKdDKUpVrxcE2XOoSMGHau
9fRuG20/+UDNXIIdNKZFyIynMJAiWSU3EIHIDQd2wWDwaCnQi3Rg/mjD5ku8wE1C
iwHVyT7QGML98xB6qXUHBoNcFP7ubz2jBlYZOh4An/ytKS4eb7gZ6F3GnmhkHfwn
9KIvhHhrFYYt9Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:23:52 2025 by rpki-client