Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
File: MxpRr9TLZoLCMN7WQGWMETxWL9I.mft (raw, json)
Hash identifier: RlYHxW4K1G+yT+TdAsUGK1VPOe7zoyliDO1QGmpEkrU=
Subject key identifier: 03:41:4F:4D:58:78:09:57:93:E9:57:36:DE:0B:17:9C:5B:75:2D:09
Authority key identifier: 33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
Certificate issuer: /CN=331a51afd4cb6682c230ded640658c113c562fd2
Certificate serial: 0198D4A7DFC67E45C322598C55A2D88DC201
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
Manifest number: 0897
Signing time: Sat 23 Aug 2025 02:00:28 +0000
Manifest this update: Sat 23 Aug 2025 02:00:28 +0000
Manifest next update: Sun 24 Aug 2025 02:00:28 +0000
Files and hashes: 1: MxpRr9TLZoLCMN7WQGWMETxWL9I.crl (hash: rUoVqfOJF+kNZb9atdSaa87pntIRuFdvX6D1e+xA2O0=)
2: TS9TQNQnmKCUyfNW3iHSrKN4kHU.roa (hash: FKmub+udVUMJc6SCu1H3/G3fAnw8GwGXkDsFmXaZ8+8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:df:c6:7e:45:c3:22:59:8c:55:a2:d8:8d:c2:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331a51afd4cb6682c230ded640658c113c562fd2
Validity
Not Before: Aug 23 02:00:28 2025 GMT
Not After : Aug 24 02:00:28 2025 GMT
Subject: CN=03414f4d5878095793e95736de0b179c5b752d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:35:3c:e9:f8:9d:4e:42:fc:a2:14:03:24:07:
e7:20:90:e2:06:60:42:fc:3c:04:e7:d4:c3:38:23:
1b:1a:0e:15:17:85:12:0f:e9:48:81:91:3f:c9:8c:
f5:dc:2c:26:0a:8b:b4:fd:c2:82:cd:df:a7:c9:50:
3d:46:32:0f:48:c1:8a:2a:eb:b4:6a:ce:ce:8b:19:
3d:c8:a7:8b:cd:72:51:27:8b:98:e5:26:ee:38:4b:
ee:b3:3c:21:3a:03:91:8e:ac:7f:b3:81:68:c2:f9:
1d:5f:88:e1:8a:03:6a:0d:c9:56:9d:20:f4:a8:71:
fb:06:fe:0e:14:6b:57:0d:0c:04:92:84:b0:5d:12:
b1:dc:87:24:9a:52:17:8c:7f:9b:c2:17:b6:84:02:
98:02:35:c0:2a:46:3f:01:4d:d4:48:7b:f0:b4:25:
e3:08:d5:b5:cb:5e:e2:a3:32:d8:b0:5d:6a:fe:2c:
76:44:03:99:35:4b:bc:01:bb:70:f4:64:e5:56:ac:
e9:7b:73:51:94:36:a1:b5:5a:f1:75:14:65:af:a3:
8e:6c:69:54:27:8f:c0:89:74:79:00:4d:c5:ca:3a:
aa:a0:bd:5f:69:83:c5:39:8a:d5:fe:c0:c6:f5:62:
b0:fc:98:ce:3b:1d:a6:13:90:6b:55:53:81:4a:61:
19:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:41:4F:4D:58:78:09:57:93:E9:57:36:DE:0B:17:9C:5B:75:2D:09
X509v3 Authority Key Identifier:
keyid:33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:c7:e7:fc:0b:32:7a:1f:8a:ec:95:e5:4a:22:88:33:69:9b:
7f:37:d5:37:61:8f:c3:9b:e9:d5:2d:9d:89:ef:43:51:ba:a4:
f2:65:03:1b:52:4f:cc:95:fb:f0:0c:46:ca:f1:4d:9d:cf:f4:
71:c6:f8:d2:28:4b:18:8f:9c:44:8d:16:9c:4b:6a:1a:01:95:
48:1b:69:96:e4:80:82:cf:87:94:d9:98:29:08:48:a5:d1:ab:
fe:36:ab:69:88:14:aa:70:8c:f5:6b:8a:54:9d:f9:d3:a3:34:
51:69:94:26:12:ab:e8:e0:28:f2:31:7d:8e:a6:03:2c:1e:dd:
42:45:f0:d8:d1:19:21:f0:5a:7e:50:14:4f:ac:24:8a:7c:e4:
37:ef:cd:87:78:db:c7:69:b0:ce:47:60:6a:c7:c4:16:2c:d8:
a1:e1:de:59:77:c0:3c:ab:c8:7e:a4:64:2b:fc:a0:eb:62:cb:
ec:8c:88:8f:0d:98:20:df:9a:aa:53:85:56:4b:c0:a5:27:5c:
3c:6f:87:da:12:48:6f:33:53:36:af:22:a0:53:a8:c8:a3:74:
b7:05:cb:c3:a3:bd:05:8a:ad:aa:b9:17:e7:fc:c1:5d:e3:d9:
8b:59:f6:07:90:53:cc:5d:00:ad:4e:fd:81:b3:6f:52:c2:6a:
4f:17:46:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp9/GfkXDIlmMVaLYjcIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWE1MWFmZDRjYjY2ODJjMjMwZGVkNjQwNjU4YzExM2M1
NjJmZDIwHhcNMjUwODIzMDIwMDI4WhcNMjUwODI0MDIwMDI4WjAzMTEwLwYDVQQD
EygwMzQxNGY0ZDU4NzgwOTU3OTNlOTU3MzZkZTBiMTc5YzViNzUyZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTU86fidTkL8ohQDJAfnIJDiBmBC
/DwE59TDOCMbGg4VF4USD+lIgZE/yYz13CwmCou0/cKCzd+nyVA9RjIPSMGKKuu0
as7Oixk9yKeLzXJRJ4uY5SbuOEvuszwhOgORjqx/s4FowvkdX4jhigNqDclWnSD0
qHH7Bv4OFGtXDQwEkoSwXRKx3IckmlIXjH+bwhe2hAKYAjXAKkY/AU3USHvwtCXj
CNW1y17iozLYsF1q/ix2RAOZNUu8Abtw9GTlVqzpe3NRlDahtVrxdRRlr6OObGlU
J4/AiXR5AE3FyjqqoL1faYPFOYrV/sDG9WKw/JjOOx2mE5BrVVOBSmEZpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANBT01YeAlXk+lXNt4LF5xbdS0JMB8GA1UdIwQY
MBaAFDMaUa/Uy2aCwjDe1kBljBE8Vi/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAt
NGE1NjZhZGQ1NGIyLzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAtNGE1NjZhZGQ1NGIy
LzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKMfn/Asy
eh+K7JXlSiKIM2mbfzfVN2GPw5vp1S2die9DUbqk8mUDG1JPzJX78AxGyvFNnc/0
ccb40ihLGI+cRI0WnEtqGgGVSBtpluSAgs+HlNmYKQhIpdGr/jaraYgUqnCM9WuK
VJ3506M0UWmUJhKr6OAo8jF9jqYDLB7dQkXw2NEZIfBaflAUT6wkinzkN+/Nh3jb
x2mwzkdgasfEFizYoeHeWXfAPKvIfqRkK/yg62LL7IyIjw2YIN+aqlOFVkvApSdc
PG+H2hJIbzNTNq8ioFOoyKN0twXLw6O9BYqtqrkX5/zBXePZi1n2B5BTzF0ArU79
gbNvUsJqTxdGcQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:52:50 2025 by rpki-client