Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft
File: d8Bx2YnlMJrDyzwLCNOsslIRErY.mft (raw, json)
Hash identifier: oU0J0fGyLtcBT/o3MiDElPJEY+kGY8tIR3Sz1l+81D0=
Subject key identifier: 34:E5:E6:95:FC:8F:3C:D6:43:2C:F1:1D:39:E5:C9:35:45:32:B6:2B
Authority key identifier: 77:C0:71:D9:89:E5:30:9A:C3:CB:3C:0B:08:D3:AC:B2:52:11:12:B6
Certificate issuer: /CN=77c071d989e5309ac3cb3c0b08d3acb2521112b6
Certificate serial: 019A00A30A5046BADEFFE0CBA28A8DEBF988
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft
Manifest number: 130B
Signing time: Mon 20 Oct 2025 08:01:16 +0000
Manifest this update: Mon 20 Oct 2025 08:01:16 +0000
Manifest next update: Tue 21 Oct 2025 08:01:16 +0000
Files and hashes: 1: Le5vpyY48HdbIpkDIdpXFhjYz0Q.roa (hash: Myyoy3T8AQaNeHj3CEH6lMEU7kAImPu/7Rglv2KrnL4=)
2: d8Bx2YnlMJrDyzwLCNOsslIRErY.crl (hash: cBw0lPNxDTpwyZxgoxF4QpCzrNArs5C8Rwc3O7rNR/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft
rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:a3:0a:50:46:ba:de:ff:e0:cb:a2:8a:8d:eb:f9:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c071d989e5309ac3cb3c0b08d3acb2521112b6
Validity
Not Before: Oct 20 08:01:16 2025 GMT
Not After : Oct 21 08:01:16 2025 GMT
Subject: CN=34e5e695fc8f3cd6432cf11d39e5c9354532b62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:7f:ca:35:01:8e:bb:93:27:87:47:36:3a:
34:5d:24:82:95:e8:c7:1c:f1:07:64:f4:6f:c2:8f:
84:72:65:89:8b:57:e3:1f:0d:04:dd:fd:fd:d1:2a:
7c:42:ca:5d:3e:ec:e7:27:2e:9a:4b:c6:b6:0a:bc:
df:c7:1e:7f:c4:64:df:21:03:9b:a9:99:00:49:cc:
0d:08:74:e8:58:88:38:af:af:87:fb:49:99:73:2a:
df:31:35:27:1a:90:fe:cc:27:cb:42:11:fb:03:a5:
eb:49:87:1e:68:11:a9:c3:4a:f3:34:48:c0:1e:2a:
89:c1:f2:7d:19:70:a5:36:cf:74:29:ca:31:0f:3f:
49:38:fc:ef:e5:8f:26:20:0e:38:da:91:4a:8a:19:
a8:08:a4:27:e6:06:e8:0d:51:e7:29:fd:08:2d:3a:
0a:17:24:fc:6d:7b:d5:6a:cb:61:a7:c2:0a:4b:d5:
9f:4d:2a:b6:87:6c:fe:9f:e6:7a:98:33:e9:5d:a3:
e2:9a:03:59:72:ad:5f:80:8f:98:6e:7c:51:9f:89:
4a:c2:45:a8:4a:8e:b2:4e:da:a4:31:df:a5:6a:09:
11:b4:b2:74:0f:7d:ce:fa:36:f6:61:08:17:5e:37:
d3:23:8c:49:8f:1f:91:37:3d:75:bb:eb:ee:ee:36:
a3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E5:E6:95:FC:8F:3C:D6:43:2C:F1:1D:39:E5:C9:35:45:32:B6:2B
X509v3 Authority Key Identifier:
keyid:77:C0:71:D9:89:E5:30:9A:C3:CB:3C:0B:08:D3:AC:B2:52:11:12:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:2c:15:d6:eb:cc:a1:71:ca:50:79:63:6f:33:07:08:3f:52:
73:20:c9:27:7c:b5:ad:45:5a:b9:1f:26:09:9b:2c:6e:03:cd:
1d:e5:49:0c:c4:90:7c:47:5b:ac:b4:f7:b5:10:51:51:2b:72:
61:e4:a7:99:57:48:1b:70:0f:88:ba:6a:6b:6e:87:58:1e:e0:
bf:20:0c:39:f3:87:1d:9c:ba:cb:6d:6e:1d:a0:4f:20:88:a1:
12:e9:8a:8b:fe:da:94:a1:51:81:95:b1:b0:b8:53:d0:ad:f1:
d1:42:ec:4a:63:ca:7d:99:e0:c1:62:a9:ac:87:54:30:55:c3:
c7:b4:6e:b9:84:3e:37:bc:c0:fc:08:c0:71:c8:ef:5b:87:be:
26:bf:cf:37:5a:8c:29:88:71:83:92:68:97:ca:1c:bb:fb:6b:
fd:d3:57:6f:c1:8a:66:87:95:b6:4c:6f:7c:f0:6a:e0:7d:83:
64:cc:da:a4:9e:0d:3b:a6:92:45:ea:16:36:9d:6a:47:f0:17:
67:20:d7:19:5b:1c:c0:a7:a4:1a:1b:21:62:b1:b6:ca:83:cd:
95:fd:0c:f1:c1:8c:d0:7c:f7:e8:6d:1b:30:39:75:bf:23:65:
64:0e:e3:45:58:49:fc:b2:ec:0b:a9:8b:98:86:21:df:2f:f3:
ce:a6:11:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAowpQRrre/+DLooqN6/mIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzA3MWQ5ODllNTMwOWFjM2NiM2MwYjA4ZDNhY2IyNTIx
MTEyYjYwHhcNMjUxMDIwMDgwMTE2WhcNMjUxMDIxMDgwMTE2WjAzMTEwLwYDVQQD
EygzNGU1ZTY5NWZjOGYzY2Q2NDMyY2YxMWQzOWU1YzkzNTQ1MzJiNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsR/yjUBjruTJ4dHNjo0XSSClejH
HPEHZPRvwo+EcmWJi1fjHw0E3f390Sp8QspdPuznJy6aS8a2Crzfxx5/xGTfIQOb
qZkAScwNCHToWIg4r6+H+0mZcyrfMTUnGpD+zCfLQhH7A6XrSYceaBGpw0rzNEjA
HiqJwfJ9GXClNs90KcoxDz9JOPzv5Y8mIA442pFKihmoCKQn5gboDVHnKf0ILToK
FyT8bXvVasthp8IKS9WfTSq2h2z+n+Z6mDPpXaPimgNZcq1fgI+YbnxRn4lKwkWo
So6yTtqkMd+lagkRtLJ0D33O+jb2YQgXXjfTI4xJjx+RNz11u+vu7jaj+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTl5pX8jzzWQyzxHTnlyTVFMrYrMB8GA1UdIwQY
MBaAFHfAcdmJ5TCaw8s8CwjTrLJSERK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84NDRiZmUtZWMxOC00MTdlLThmNWEt
NWNjNGRlZDlhN2QyLzEvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi84NDRiZmUtZWMxOC00MTdlLThmNWEtNWNjNGRlZDlhN2Qy
LzEvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfCwV1uvM
oXHKUHljbzMHCD9ScyDJJ3y1rUVauR8mCZssbgPNHeVJDMSQfEdbrLT3tRBRUSty
YeSnmVdIG3APiLpqa26HWB7gvyAMOfOHHZy6y21uHaBPIIihEumKi/7alKFRgZWx
sLhT0K3x0ULsSmPKfZngwWKprIdUMFXDx7RuuYQ+N7zA/AjAccjvW4e+Jr/PN1qM
KYhxg5Jol8ocu/tr/dNXb8GKZoeVtkxvfPBq4H2DZMzapJ4NO6aSReoWNp1qR/AX
ZyDXGVscwKekGhshYrG2yoPNlf0M8cGM0Hz36G0bMDl1vyNlZA7jRVhJ/LLsC6mL
mIYh3y/zzqYRYg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:08:02 2025 by rpki-client