Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: GXjsNo3kNmueuIllWUBBG6AHpjQvnhRgNcbGxQxhFcc=
Subject key identifier: EF:D7:DF:B7:82:B0:CA:25:D3:5E:4E:C5:BC:65:42:23:08:C8:11:DF
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 0198D5F1C8252B0908E8B71EB3A8F6125583
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1648
Signing time: Sat 23 Aug 2025 08:00:48 +0000
Manifest this update: Sat 23 Aug 2025 08:00:48 +0000
Manifest next update: Sun 24 Aug 2025 08:00:48 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: 3iBQZkfKBPJlQbG7/2DHmu4oKVtVFAL89dcBBMJ8UDE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:c8:25:2b:09:08:e8:b7:1e:b3:a8:f6:12:55:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Aug 23 08:00:48 2025 GMT
Not After : Aug 24 08:00:48 2025 GMT
Subject: CN=efd7dfb782b0ca25d35e4ec5bc65422308c811df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:7c:1b:00:5c:4b:f0:6a:4d:d3:19:f0:c3:
64:5d:1a:92:69:b0:4f:83:81:c9:e3:48:85:45:aa:
63:2c:f2:a0:18:55:47:e4:ba:c7:f4:ea:49:e3:0e:
3b:d7:37:75:ec:2d:f7:ff:6c:d8:04:49:a3:12:f6:
c3:cf:27:46:44:e4:9c:26:a6:c4:87:8b:6f:49:ce:
91:39:73:7d:48:b1:9d:df:35:2b:0c:cb:65:1d:65:
f3:bb:fe:4b:e9:30:c5:12:ca:0c:c2:b1:66:f1:d2:
1e:7d:3e:ac:d2:28:54:50:1e:ce:f0:95:08:8b:6f:
45:93:8f:e3:bc:81:28:75:eb:71:bb:9d:56:cb:35:
f3:82:72:7d:38:65:1b:94:f8:98:ca:f5:d1:e6:6a:
75:ae:14:f6:19:af:2b:5d:7d:34:72:f0:e5:c8:a1:
29:da:4f:b4:8a:ad:01:5e:c2:4d:dd:56:52:90:b4:
af:70:6e:b0:58:1f:aa:51:27:32:64:32:49:c3:d5:
ed:91:a8:3a:ce:8d:6b:ad:6d:f1:8e:7c:57:eb:8e:
b5:a0:81:de:94:49:20:07:2d:32:45:d0:88:42:38:
e4:3d:45:78:11:67:3b:0e:44:81:9f:2d:0e:b9:41:
06:5c:4d:e7:7e:d9:1a:a2:0d:d9:84:f3:c6:a6:23:
c5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D7:DF:B7:82:B0:CA:25:D3:5E:4E:C5:BC:65:42:23:08:C8:11:DF
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:30:21:85:06:d0:55:9a:c8:9d:68:da:2d:a7:0e:9d:ac:21:
bd:65:e5:e5:6b:cb:1d:ba:bf:80:c7:30:19:d2:42:f5:29:05:
22:e5:23:7b:37:5e:c4:ac:dc:c1:77:b3:9f:9a:fa:b0:a6:c6:
0c:7a:d9:21:99:80:e3:b8:0f:cf:ce:b9:78:34:21:07:b0:50:
30:42:19:ae:ee:bd:2a:a2:75:90:b4:0e:cb:63:4b:9a:68:96:
1e:e7:b8:42:50:ed:31:3c:19:51:66:f4:be:5d:f9:56:49:d1:
99:c2:a3:ef:d5:c5:a5:37:28:b7:af:13:2f:84:29:76:74:70:
fd:d1:dd:84:a8:81:fd:e1:1a:2a:3b:45:5d:df:09:5f:87:cc:
f3:c8:1b:95:b9:0a:da:16:b2:5a:12:f1:05:7c:b4:7a:74:c2:
f4:3e:5c:d3:b2:4b:d6:49:c7:60:72:c0:25:da:df:13:0c:1f:
2b:47:b4:bf:c2:e8:50:c0:96:95:a4:0d:37:71:e0:7b:00:40:
8e:20:a4:c7:15:a0:38:b6:6e:0c:3b:d6:7c:3a:14:26:1c:68:
e0:89:e3:06:67:0a:b0:c3:15:94:a3:c3:67:06:b6:56:25:e3:
ee:98:41:d5:64:1c:9b:7e:3d:05:a7:0b:a0:f6:68:49:aa:89:
c0:a2:31:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8cglKwkI6Lces6j2ElWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwODIzMDgwMDQ4WhcNMjUwODI0MDgwMDQ4WjAzMTEwLwYDVQQD
EyhlZmQ3ZGZiNzgyYjBjYTI1ZDM1ZTRlYzViYzY1NDIyMzA4YzgxMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJB8GwBcS/BqTdMZ8MNkXRqSabBP
g4HJ40iFRapjLPKgGFVH5LrH9OpJ4w471zd17C33/2zYBEmjEvbDzydGROScJqbE
h4tvSc6ROXN9SLGd3zUrDMtlHWXzu/5L6TDFEsoMwrFm8dIefT6s0ihUUB7O8JUI
i29Fk4/jvIEodetxu51WyzXzgnJ9OGUblPiYyvXR5mp1rhT2Ga8rXX00cvDlyKEp
2k+0iq0BXsJN3VZSkLSvcG6wWB+qUScyZDJJw9Xtkag6zo1rrW3xjnxX6461oIHe
lEkgBy0yRdCIQjjkPUV4EWc7DkSBny0OuUEGXE3nftkaog3ZhPPGpiPFqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/X37eCsMol015OxbxlQiMIyBHfMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAITAhhQbQ
VZrInWjaLacOnawhvWXl5WvLHbq/gMcwGdJC9SkFIuUjezdexKzcwXezn5r6sKbG
DHrZIZmA47gPz865eDQhB7BQMEIZru69KqJ1kLQOy2NLmmiWHue4QlDtMTwZUWb0
vl35VknRmcKj79XFpTcot68TL4QpdnRw/dHdhKiB/eEaKjtFXd8JX4fM88gblbkK
2hayWhLxBXy0enTC9D5c07JL1knHYHLAJdrfEwwfK0e0v8LoUMCWlaQNN3HgewBA
jiCkxxWgOLZuDDvWfDoUJhxo4InjBmcKsMMVlKPDZwa2ViXj7phB1WQcm349BacL
oPZoSaqJwKIxsw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:51:40 2025 by rpki-client