Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
File: 9b9MGPes3uTH81jdS65egAmF5ww.mft (raw, json)
Hash identifier: Cxp4NnNWCKlgRxR45M5s9gCVeXQhHksD3wLFUiaodKk=
Subject key identifier: 48:B1:EE:85:F8:2A:AA:D3:21:02:E2:85:7C:8D:0C:D1:80:7F:50:2C
Authority key identifier: F5:BF:4C:18:F7:AC:DE:E4:C7:F3:58:DD:4B:AE:5E:80:09:85:E7:0C
Certificate issuer: /CN=f5bf4c18f7acdee4c7f358dd4bae5e800985e70c
Certificate serial: 0198530D479F1B048A85C75E3F9AB0FE74B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
Manifest number: 066D
Signing time: Mon 28 Jul 2025 22:00:35 +0000
Manifest this update: Mon 28 Jul 2025 22:00:35 +0000
Manifest next update: Tue 29 Jul 2025 22:00:35 +0000
Files and hashes: 1: 9b9MGPes3uTH81jdS65egAmF5ww.crl (hash: 75mKsjQ/vN16wiz1UWlX3xAh4f8+5Ef6b9Rw1cOw1ys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 22:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:53:0d:47:9f:1b:04:8a:85:c7:5e:3f:9a:b0:fe:74:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5bf4c18f7acdee4c7f358dd4bae5e800985e70c
Validity
Not Before: Jul 28 22:00:35 2025 GMT
Not After : Jul 29 22:00:35 2025 GMT
Subject: CN=48b1ee85f82aaad32102e2857c8d0cd1807f502c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:63:40:fc:e2:6e:5c:7c:28:d9:0a:d6:9c:
5f:a5:c4:2f:1b:fd:54:cf:9f:36:13:2f:6e:2c:d3:
ce:ab:95:1d:d1:b1:ef:42:a3:e2:67:ed:fb:9c:54:
6d:28:ea:25:08:c9:d0:54:64:d8:91:e9:b2:19:17:
00:63:48:a1:19:34:49:dc:35:46:a1:32:b6:33:74:
01:78:80:fa:cb:95:5e:e1:51:57:72:f6:09:c7:b1:
00:ca:c0:e4:06:41:05:ac:0b:41:aa:d5:da:8d:c9:
a6:06:d3:96:33:a3:ae:0c:d8:4e:97:b6:30:2c:1f:
18:bc:02:7e:50:ad:e3:ad:ec:38:6a:ac:c5:c9:d1:
eb:68:80:ad:02:3f:35:82:1f:2b:e1:e9:35:06:0b:
14:ce:40:7d:c5:81:e7:ba:40:9e:53:d9:5b:c4:22:
ec:8e:60:7f:bf:de:76:85:a7:1d:41:ae:3c:65:4a:
b6:7f:03:06:b8:43:40:be:cd:e1:6d:12:4a:60:c6:
ca:c3:48:e7:6a:9e:ae:cc:cb:ba:e0:0d:91:e4:10:
02:75:b4:9d:d4:4c:ed:15:69:13:1e:80:34:a0:56:
ba:90:52:0b:9b:90:25:23:8e:d3:44:88:4c:e8:3d:
73:74:13:b2:57:6e:76:76:84:0e:ed:03:37:7a:6d:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B1:EE:85:F8:2A:AA:D3:21:02:E2:85:7C:8D:0C:D1:80:7F:50:2C
X509v3 Authority Key Identifier:
keyid:F5:BF:4C:18:F7:AC:DE:E4:C7:F3:58:DD:4B:AE:5E:80:09:85:E7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:01:a5:83:af:ea:38:2b:5b:ad:1b:ae:5c:8c:36:65:ef:67:
f7:ce:80:e9:fa:6c:28:2d:ad:42:88:3b:85:06:92:a2:50:9a:
22:74:f9:2d:31:28:4d:b4:97:c1:fa:f5:b1:46:33:b4:3c:23:
a1:52:23:59:39:b1:cc:0e:1b:71:35:5c:18:56:2d:13:bc:5d:
82:0e:98:79:47:8a:56:dc:a8:90:06:87:93:4f:c4:e4:20:79:
64:a6:aa:e5:04:03:7e:33:bd:0a:65:eb:d3:25:1a:51:2a:a4:
02:b5:f1:f4:ab:ee:45:14:98:fe:8a:d9:f8:26:1e:0a:ee:5b:
fc:74:07:85:9d:5b:9d:41:1b:1e:36:95:8f:75:ba:a4:e2:15:
d8:45:87:cf:d7:d1:4d:0d:c1:e2:8c:92:2d:3b:28:23:17:2c:
7f:b1:66:85:24:3c:7a:cc:88:68:b7:48:43:35:02:33:68:fb:
6b:b3:43:4c:6e:27:52:ef:95:4d:cb:01:a0:c1:49:c9:3c:74:
cc:ac:73:52:e9:f8:3c:72:70:e0:6f:37:d2:da:84:75:69:a4:
7b:c5:ac:60:38:a9:d4:3c:8a:2c:aa:85:2a:4a:dd:27:ec:94:
b2:9b:8c:1b:a4:10:49:2d:2f:b8:67:31:70:29:e6:34:16:de:
b3:79:45:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTDUefGwSKhcdeP5qw/nSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YmY0YzE4ZjdhY2RlZTRjN2YzNThkZDRiYWU1ZTgwMDk4
NWU3MGMwHhcNMjUwNzI4MjIwMDM1WhcNMjUwNzI5MjIwMDM1WjAzMTEwLwYDVQQD
Eyg0OGIxZWU4NWY4MmFhYWQzMjEwMmUyODU3YzhkMGNkMTgwN2Y1MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfljQPziblx8KNkK1pxfpcQvG/1U
z582Ey9uLNPOq5Ud0bHvQqPiZ+37nFRtKOolCMnQVGTYkemyGRcAY0ihGTRJ3DVG
oTK2M3QBeID6y5Ve4VFXcvYJx7EAysDkBkEFrAtBqtXajcmmBtOWM6OuDNhOl7Yw
LB8YvAJ+UK3jrew4aqzFydHraICtAj81gh8r4ek1BgsUzkB9xYHnukCeU9lbxCLs
jmB/v952hacdQa48ZUq2fwMGuENAvs3hbRJKYMbKw0jnap6uzMu64A2R5BACdbSd
1EztFWkTHoA0oFa6kFILm5AlI47TRIhM6D1zdBOyV252doQO7QM3em0g0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEix7oX4KqrTIQLihXyNDNGAf1AsMB8GA1UdIwQY
MBaAFPW/TBj3rN7kx/NY3UuuXoAJhecMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mMDM1MGEtNWQ2Ni00OTcwLTlhNGMt
ZDJhYmQzYTkxYzkwLzEvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mMDM1MGEtNWQ2Ni00OTcwLTlhNGMtZDJhYmQzYTkxYzkw
LzEvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsAGlg6/q
OCtbrRuuXIw2Ze9n986A6fpsKC2tQog7hQaSolCaInT5LTEoTbSXwfr1sUYztDwj
oVIjWTmxzA4bcTVcGFYtE7xdgg6YeUeKVtyokAaHk0/E5CB5ZKaq5QQDfjO9CmXr
0yUaUSqkArXx9KvuRRSY/orZ+CYeCu5b/HQHhZ1bnUEbHjaVj3W6pOIV2EWHz9fR
TQ3B4oySLTsoIxcsf7FmhSQ8esyIaLdIQzUCM2j7a7NDTG4nUu+VTcsBoMFJyTx0
zKxzUun4PHJw4G830tqEdWmke8WsYDip1DyKLKqFKkrdJ+yUspuMG6QQSS0vuGcx
cCnmNBbes3lFDQ==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:35:27 2025 by rpki-client