Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
File: POwGHF7VbcoHdT_ktbjAkNl60OE.mft (raw, json)
Hash identifier: NzaDCRv9LbbW7Tz1p5Rbvmcxc3Gqy/v/pj6XHEyF1Yk=
Subject key identifier: B7:A1:A7:62:EE:F7:BE:8D:30:BF:3F:F1:E4:B6:77:BA:43:FF:4B:AB
Authority key identifier: 3C:EC:06:1C:5E:D5:6D:CA:07:75:3F:E4:B5:B8:C0:90:D9:7A:D0:E1
Certificate issuer: /CN=3cec061c5ed56dca07753fe4b5b8c090d97ad0e1
Certificate serial: 0199FFFE90590A8144C735FC950693D88E28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
Manifest number: 0686
Signing time: Mon 20 Oct 2025 05:01:37 +0000
Manifest this update: Mon 20 Oct 2025 05:01:37 +0000
Manifest next update: Tue 21 Oct 2025 05:01:37 +0000
Files and hashes: 1: J--9FTqyd7jwis3viXw5cnMN5-o.roa (hash: DC3T7Frr+GR57cEYLFoZVlKHfiR/SiiUWqjetZEXAWY=)
2: POwGHF7VbcoHdT_ktbjAkNl60OE.crl (hash: vYnP3MlVCJHD4ZvKL41jtLCna9v/hQ+/LKHpl6iv5fU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:90:59:0a:81:44:c7:35:fc:95:06:93:d8:8e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cec061c5ed56dca07753fe4b5b8c090d97ad0e1
Validity
Not Before: Oct 20 05:01:37 2025 GMT
Not After : Oct 21 05:01:37 2025 GMT
Subject: CN=b7a1a762eef7be8d30bf3ff1e4b677ba43ff4bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fc:98:96:08:5b:d0:25:8d:77:7a:91:9f:ef:
56:2a:5c:ab:1d:2b:61:21:85:e2:2a:cf:a6:b3:c5:
7d:fe:61:47:76:cc:f1:5c:29:e1:8f:e7:14:32:16:
92:bd:87:85:4d:f5:4d:a9:76:82:b5:3e:2b:7a:b6:
e3:0e:66:60:ef:e8:4f:92:29:13:e4:16:d4:67:04:
98:cc:de:ab:21:e5:b0:0e:b5:4c:0c:1a:3a:9b:b4:
eb:28:ce:5b:b6:bb:ef:09:92:1f:81:ed:d9:08:fe:
b7:69:96:48:3a:eb:7d:81:58:73:6e:79:c0:28:40:
65:1a:5a:11:c4:83:a1:c6:6b:57:0d:67:ba:2b:8e:
c3:3b:37:68:74:ca:43:a6:3b:f4:ac:25:89:0c:27:
77:74:98:e7:a8:6a:2d:a5:39:f4:ac:45:5d:70:c7:
6d:22:83:75:6b:f0:58:10:80:1f:d3:36:94:77:e1:
97:b1:64:40:fc:66:69:43:30:4c:04:6e:a7:ee:82:
d4:b9:c1:d8:51:5a:b0:70:74:9e:2f:0f:91:ff:95:
45:be:36:7d:25:6e:f7:82:81:2e:b2:9a:df:a3:c9:
51:cf:04:f9:61:76:f4:0d:23:20:3a:45:a5:37:34:
51:62:18:28:61:15:2c:06:bf:61:04:0d:12:dd:07:
a8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A1:A7:62:EE:F7:BE:8D:30:BF:3F:F1:E4:B6:77:BA:43:FF:4B:AB
X509v3 Authority Key Identifier:
keyid:3C:EC:06:1C:5E:D5:6D:CA:07:75:3F:E4:B5:B8:C0:90:D9:7A:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POwGHF7VbcoHdT_ktbjAkNl60OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/47d7f7-b019-42e9-bb08-d69c0134f5a8/1/POwGHF7VbcoHdT_ktbjAkNl60OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:3b:fa:57:4b:68:cc:ce:3d:a0:3a:14:82:06:62:9c:53:cc:
ba:6a:98:0f:3b:46:8a:28:bb:e8:54:ec:f6:19:d0:72:a1:e1:
f1:4f:a9:92:72:3a:40:b8:af:3f:91:78:90:ee:00:f3:4c:d9:
89:6d:f2:e7:2f:a5:7d:dd:97:02:ca:7c:75:13:22:2e:a6:40:
29:e3:61:c2:ef:0d:60:53:a5:80:81:cb:f1:77:d3:b5:65:77:
4c:49:e1:23:9e:2c:e4:b5:1f:b7:fe:b8:17:78:75:ba:e7:ae:
c1:f0:9e:37:b3:92:fc:03:8a:a6:eb:e5:d4:7b:da:1a:21:7b:
59:9d:7f:a2:06:70:82:14:25:5f:53:aa:5b:1a:6f:d5:c8:46:
8a:06:86:9f:e2:80:89:40:22:1a:fd:9f:75:b4:6f:af:46:df:
03:04:82:29:08:22:68:50:07:06:73:a3:32:ac:3d:00:d4:34:
8c:b6:83:95:5e:d3:2b:1e:07:e1:2e:5a:e4:0b:20:2f:72:4a:
76:c0:bc:45:97:2e:7f:c3:54:19:23:d4:aa:fc:a8:b9:4c:3f:
06:a1:79:8a:c0:b8:31:ea:f8:d7:f9:71:13:64:c8:44:e2:54:
9d:28:e0:2b:64:36:1f:50:4e:52:01:a9:84:9b:66:1a:13:a7:
85:25:a9:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//pBZCoFExzX8lQaT2I4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWMwNjFjNWVkNTZkY2EwNzc1M2ZlNGI1YjhjMDkwZDk3
YWQwZTEwHhcNMjUxMDIwMDUwMTM3WhcNMjUxMDIxMDUwMTM3WjAzMTEwLwYDVQQD
EyhiN2ExYTc2MmVlZjdiZThkMzBiZjNmZjFlNGI2NzdiYTQzZmY0YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfyYlghb0CWNd3qRn+9WKlyrHSth
IYXiKs+ms8V9/mFHdszxXCnhj+cUMhaSvYeFTfVNqXaCtT4rerbjDmZg7+hPkikT
5BbUZwSYzN6rIeWwDrVMDBo6m7TrKM5btrvvCZIfge3ZCP63aZZIOut9gVhzbnnA
KEBlGloRxIOhxmtXDWe6K47DOzdodMpDpjv0rCWJDCd3dJjnqGotpTn0rEVdcMdt
IoN1a/BYEIAf0zaUd+GXsWRA/GZpQzBMBG6n7oLUucHYUVqwcHSeLw+R/5VFvjZ9
JW73goEusprfo8lRzwT5YXb0DSMgOkWlNzRRYhgoYRUsBr9hBA0S3Qeo1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLehp2Lu976NML8/8eS2d7pD/0urMB8GA1UdIwQY
MBaAFDzsBhxe1W3KB3U/5LW4wJDZetDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80N2Q3ZjctYjAxOS00MmU5LWJiMDgt
ZDY5YzAxMzRmNWE4LzEvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80N2Q3ZjctYjAxOS00MmU5LWJiMDgtZDY5YzAxMzRmNWE4
LzEvUE93R0hGN1ZiY29IZFRfa3RiakFrTmw2ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPjv6V0to
zM49oDoUggZinFPMumqYDztGiii76FTs9hnQcqHh8U+pknI6QLivP5F4kO4A80zZ
iW3y5y+lfd2XAsp8dRMiLqZAKeNhwu8NYFOlgIHL8XfTtWV3TEnhI54s5LUft/64
F3h1uueuwfCeN7OS/AOKpuvl1HvaGiF7WZ1/ogZwghQlX1OqWxpv1chGigaGn+KA
iUAiGv2fdbRvr0bfAwSCKQgiaFAHBnOjMqw9ANQ0jLaDlV7TKx4H4S5a5AsgL3JK
dsC8RZcuf8NUGSPUqvyouUw/BqF5isC4Mer41/lxE2TIROJUnSjgK2Q2H1BOUgGp
hJtmGhOnhSWplg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:01:19 2025 by rpki-client