Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
File: u41koNwhmWscmeaMyVFpTik-3v4.mft (raw, json)
Hash identifier: DMR4yzBiKLHR/VIMhT3czr91+6A+GDgmOKDhAg105n8=
Subject key identifier: 98:90:A1:6D:E7:33:29:C0:6B:84:AF:80:D1:01:00:99:73:57:B5:89
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0198D5BC523E3B27C0487600267F9CADAB6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
Manifest number: 1653
Signing time: Sat 23 Aug 2025 07:02:25 +0000
Manifest this update: Sat 23 Aug 2025 07:02:25 +0000
Manifest next update: Sun 24 Aug 2025 07:02:25 +0000
Files and hashes: 1: C_0ORiP6GTff8xYOZ4mMicSAww8.roa (hash: HUAyzCwf6jl6lX3eg8riTN4+Y+lTTc8+dOFl1EBg7WI=)
2: YWaaNJeo7smBlwI_T0SxJ5KX4-g.roa (hash: QZs858olOtlmGTBOleulDcnrJGCjiCkhUKDy6SCkdvE=)
3: u41koNwhmWscmeaMyVFpTik-3v4.crl (hash: 9kr32mbf91Bb5cvbLnR9T7ctOOFFp8PEtrZIQRV1H3s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bc:52:3e:3b:27:c0:48:76:00:26:7f:9c:ad:ab:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Aug 23 07:02:25 2025 GMT
Not After : Aug 24 07:02:25 2025 GMT
Subject: CN=9890a16de73329c06b84af80d10100997357b589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:09:7b:0d:f6:32:41:4b:f5:ff:9b:d0:df:
61:43:68:a4:1a:5d:a0:10:e3:0c:37:8d:4c:b5:28:
a4:6a:41:32:97:f3:96:da:2d:de:ca:4f:ad:03:96:
a4:b6:a6:37:bc:e2:30:01:e1:d2:2d:8c:fa:72:36:
12:3f:51:ea:7a:c6:85:e1:38:26:83:be:7f:ba:88:
1a:d7:b9:bf:b0:40:40:e1:ef:b1:4e:cf:10:03:f7:
05:aa:e1:8f:03:72:a9:36:b0:f4:25:d2:d7:24:40:
1f:04:2a:6e:95:09:da:d9:42:fa:c2:6e:4f:e9:41:
fa:44:2c:0a:cb:8d:d5:d2:60:55:52:f6:6a:ee:e4:
2f:c2:01:51:54:dc:02:ac:a5:9f:f9:f7:e3:d1:59:
12:84:a8:5d:51:20:c4:07:32:8f:b4:c5:2b:69:76:
26:25:69:6b:d6:53:15:0f:6a:8c:68:33:e5:15:b8:
59:7d:23:d1:e0:21:20:7b:f8:28:ca:e6:cc:58:aa:
0b:4c:10:2e:59:53:1f:96:74:ad:6c:a3:72:08:35:
8f:e1:a8:35:e4:c8:e6:7f:a9:10:48:c9:d1:8a:90:
2e:fc:66:b7:74:33:a0:6d:b7:05:9f:0d:d4:51:e5:
01:07:3f:2f:de:ea:04:e1:24:ec:b0:d4:41:15:27:
0e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:90:A1:6D:E7:33:29:C0:6B:84:AF:80:D1:01:00:99:73:57:B5:89
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:47:55:9e:45:78:2b:3f:b3:17:89:8a:5d:34:7c:27:e6:9b:
91:f0:26:59:89:75:f1:f4:57:04:06:98:02:f3:75:95:63:6e:
a0:8f:ed:ae:2a:ea:fb:b6:9f:0c:77:f8:1b:9f:52:be:29:0f:
fd:8d:08:29:3e:52:dd:d5:a5:5f:07:8e:e4:b4:26:cc:2e:08:
3f:59:9f:ef:95:fe:ce:d0:90:7e:30:bd:9c:e4:ba:5e:24:d4:
1c:17:5b:d9:96:d6:3c:a0:f5:4e:8a:e8:49:e7:d4:28:1a:3e:
c0:59:dd:44:84:8d:1d:de:11:d3:0b:ff:70:b0:0d:00:e9:c2:
d6:e5:45:bd:81:e5:69:28:ac:7b:2f:e3:5b:17:97:25:dc:3d:
ad:e7:dc:6b:4c:c4:e4:19:2b:8f:3e:24:35:a2:38:bc:c2:5c:
de:4a:2d:2c:fd:df:df:d1:d0:7d:77:20:b3:43:7b:b5:b6:5c:
ea:fc:cf:5f:51:12:c2:e6:39:c0:af:8b:e7:53:ef:82:69:fb:
ac:ae:00:9c:fb:8c:32:99:96:8a:46:f2:66:9d:e4:13:7b:0e:
d3:50:3e:8e:ce:12:28:4e:ba:55:e5:b3:54:d4:96:ff:40:87:
13:b6:3b:b8:72:f3:3e:30:5a:7c:63:e4:43:7b:7a:ff:0a:24:
8c:61:c5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFI+OyfASHYAJn+cratvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjUwODIzMDcwMjI1WhcNMjUwODI0MDcwMjI1WjAzMTEwLwYDVQQD
Eyg5ODkwYTE2ZGU3MzMyOWMwNmI4NGFmODBkMTAxMDA5OTczNTdiNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTkJew32MkFL9f+b0N9hQ2ikGl2g
EOMMN41MtSikakEyl/OW2i3eyk+tA5aktqY3vOIwAeHSLYz6cjYSP1HqesaF4Tgm
g75/uoga17m/sEBA4e+xTs8QA/cFquGPA3KpNrD0JdLXJEAfBCpulQna2UL6wm5P
6UH6RCwKy43V0mBVUvZq7uQvwgFRVNwCrKWf+ffj0VkShKhdUSDEBzKPtMUraXYm
JWlr1lMVD2qMaDPlFbhZfSPR4CEge/goyubMWKoLTBAuWVMflnStbKNyCDWP4ag1
5Mjmf6kQSMnRipAu/Ga3dDOgbbcFnw3UUeUBBz8v3uoE4STssNRBFScOxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiQoW3nMynAa4SvgNEBAJlzV7WJMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUdVnkV4
Kz+zF4mKXTR8J+abkfAmWYl18fRXBAaYAvN1lWNuoI/trirq+7afDHf4G59SvikP
/Y0IKT5S3dWlXweO5LQmzC4IP1mf75X+ztCQfjC9nOS6XiTUHBdb2ZbWPKD1Toro
SefUKBo+wFndRISNHd4R0wv/cLANAOnC1uVFvYHlaSisey/jWxeXJdw9refca0zE
5Bkrjz4kNaI4vMJc3kotLP3f39HQfXcgs0N7tbZc6vzPX1ESwuY5wK+L51Pvgmn7
rK4AnPuMMpmWikbyZp3kE3sO01A+js4SKE66VeWzVNSW/0CHE7Y7uHLzPjBafGPk
Q3t6/wokjGHF9Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:22:49 2025 by rpki-client