Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
File: rnLkfVZpJJmnJr-ADqg4A2Letr4.mft (raw, json)
Hash identifier: ICOhX/sLtzjH60W8Ql1OErpipwKIg8tCkP0OUkPxaks=
Subject key identifier: 18:B9:5B:CE:4E:AB:FB:B0:CC:20:BE:26:9A:F5:51:F5:AA:DF:D8:8C
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 0198D472484BB48F7C512EAA99C6F0F1D989
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
Manifest number: 1652
Signing time: Sat 23 Aug 2025 01:01:56 +0000
Manifest this update: Sat 23 Aug 2025 01:01:56 +0000
Manifest next update: Sun 24 Aug 2025 01:01:56 +0000
Files and hashes: 1: 8tE73tTyc50FXb5YFWLLM8iDRuI.roa (hash: u90hDSgERXDnRD/Za5EPngqSUsaFRKPCGbCgiZ9sIyo=)
2: jNjUfwqgx7FxjC22ZM2tNJxUovE.roa (hash: CYjABvddLBiX5OMQlguXfrahjaGdNxRrjgGTFThsYz4=)
3: rnLkfVZpJJmnJr-ADqg4A2Letr4.crl (hash: i6HMHp/uP2xd3s/H5lGmPHjLciuQAIBVnaCUx1emprE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:72:48:4b:b4:8f:7c:51:2e:aa:99:c6:f0:f1:d9:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Aug 23 01:01:56 2025 GMT
Not After : Aug 24 01:01:56 2025 GMT
Subject: CN=18b95bce4eabfbb0cc20be269af551f5aadfd88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c2:8f:90:d1:3f:04:ce:67:bf:87:20:ac:ea:
a6:b0:66:31:36:5b:ee:95:72:88:6d:bf:b6:27:4f:
9c:f4:b0:84:30:17:fe:93:e6:af:69:0f:01:a3:b8:
15:e0:05:3f:c3:3c:e6:46:b3:79:1b:d9:0e:f0:ad:
c5:cc:5d:fd:cc:b0:61:b3:66:7c:58:73:d5:cc:b2:
67:3b:de:c5:6b:89:af:9a:4c:fd:66:0b:e1:20:73:
0d:e3:90:2f:90:f7:a2:d3:92:3f:f0:37:e4:53:ca:
08:b3:46:e7:78:1a:1b:ea:35:32:b7:f2:63:47:5b:
a7:f0:be:88:6a:9e:6f:16:e8:ce:44:6f:6a:46:b1:
8f:b7:93:78:7f:66:28:71:cd:ff:44:54:00:1e:d9:
f4:3d:30:53:01:d8:61:ce:93:c2:a6:0e:7d:3e:68:
36:04:e4:f4:06:57:6e:c8:b9:ea:32:da:e5:c6:91:
26:f6:69:be:d8:ca:14:b2:06:71:a2:59:a9:90:a0:
4b:f7:8c:af:c8:b2:e9:9e:06:25:0f:00:2c:f2:a3:
ee:4a:b0:30:18:5a:79:84:b8:7e:64:66:ba:4a:7b:
36:66:27:c0:98:57:dd:e9:2a:7e:66:7e:c8:4b:8b:
95:46:58:14:c2:c7:c0:bf:ca:2b:62:f3:c3:e7:4e:
53:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B9:5B:CE:4E:AB:FB:B0:CC:20:BE:26:9A:F5:51:F5:AA:DF:D8:8C
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:a3:8e:4c:40:d2:22:65:0d:14:02:9a:6d:d8:49:06:49:4e:
2d:38:5a:d6:50:64:c3:11:6a:89:ee:3e:40:41:e3:93:a5:6d:
99:84:0a:d0:55:58:04:e2:d7:3e:54:9b:67:5f:c1:b6:d9:d8:
a5:1a:22:0c:e3:82:59:58:4b:86:e5:e4:ba:89:b7:a8:bc:7a:
0b:28:7b:fc:51:29:b0:7a:00:d9:2c:d0:7d:fb:96:51:75:c1:
7e:da:86:34:de:98:e8:4d:81:7e:03:73:1a:2d:10:0c:b6:5a:
a7:6a:f7:33:ac:ea:b7:1d:ee:11:f4:00:ec:0d:9b:59:6f:74:
a0:0b:67:bc:39:db:ab:a4:b0:7a:1f:b2:e3:79:c5:c1:b9:06:
e9:75:ea:81:c6:df:c9:b3:91:08:d0:0a:67:01:5e:7b:0f:ab:
e7:0c:d7:60:62:2f:1f:41:c1:f4:26:ae:4b:73:c3:e1:79:a8:
59:53:89:db:d3:5a:a5:29:e7:8f:6b:ea:c3:d3:77:cd:21:fc:
da:b1:74:41:9c:d0:1f:3a:26:da:55:bc:a1:b2:0e:4a:3e:98:
32:bb:cf:68:45:c6:05:0b:42:e9:fe:28:ac:28:e8:ac:6f:a2:
a1:3a:ec:88:ab:02:b4:21:98:f2:46:a9:1f:bb:b2:d6:90:3a:
35:c0:3a:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUckhLtI98US6qmcbw8dmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjUwODIzMDEwMTU2WhcNMjUwODI0MDEwMTU2WjAzMTEwLwYDVQQD
EygxOGI5NWJjZTRlYWJmYmIwY2MyMGJlMjY5YWY1NTFmNWFhZGZkODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sKPkNE/BM5nv4cgrOqmsGYxNlvu
lXKIbb+2J0+c9LCEMBf+k+avaQ8Bo7gV4AU/wzzmRrN5G9kO8K3FzF39zLBhs2Z8
WHPVzLJnO97Fa4mvmkz9ZgvhIHMN45AvkPei05I/8DfkU8oIs0bneBob6jUyt/Jj
R1un8L6Iap5vFujORG9qRrGPt5N4f2Yocc3/RFQAHtn0PTBTAdhhzpPCpg59Pmg2
BOT0BlduyLnqMtrlxpEm9mm+2MoUsgZxolmpkKBL94yvyLLpngYlDwAs8qPuSrAw
GFp5hLh+ZGa6Sns2ZifAmFfd6Sp+Zn7IS4uVRlgUwsfAv8orYvPD505TcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBi5W85Oq/uwzCC+Jpr1UfWq39iMMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZaOOTEDS
ImUNFAKabdhJBklOLTha1lBkwxFqie4+QEHjk6VtmYQK0FVYBOLXPlSbZ1/BttnY
pRoiDOOCWVhLhuXkuom3qLx6Cyh7/FEpsHoA2SzQffuWUXXBftqGNN6Y6E2BfgNz
Gi0QDLZap2r3M6zqtx3uEfQA7A2bWW90oAtnvDnbq6Sweh+y43nFwbkG6XXqgcbf
ybORCNAKZwFeew+r5wzXYGIvH0HB9CauS3PD4XmoWVOJ29NapSnnj2vqw9N3zSH8
2rF0QZzQHzom2lW8obIOSj6YMrvPaEXGBQtC6f4orCjorG+ioTrsiKsCtCGY8kap
H7uy1pA6NcA6hA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:37:42 2025 by rpki-client