Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
File: iW81xeAyGs0CFn3viAfwu29xwo0.mft (raw, json)
Hash identifier: rTv4H8cEF8yfTRmZAe5eu3m3CZZVl9RgKJZ++71lH0s=
Subject key identifier: 65:EB:03:92:0F:A6:5B:1A:28:4D:9E:48:B0:D3:69:09:5A:AF:9E:04
Authority key identifier: 89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D
Certificate issuer: /CN=896f35c5e0321acd02167def8807f0bb6f71c28d
Certificate serial: 0199239F4BBF2ED8D29839DE1328DB943B98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
Manifest number: 1234
Signing time: Sun 07 Sep 2025 10:01:06 +0000
Manifest this update: Sun 07 Sep 2025 10:01:06 +0000
Manifest next update: Mon 08 Sep 2025 10:01:06 +0000
Files and hashes: 1: KzxZqybvsz4qWRvLNMoGl_b-dg0.roa (hash: waO3ZFTQ9Kiow9t+yCx6WlAToF1IQKM9UgVqX7Ju9ms=)
2: iW81xeAyGs0CFn3viAfwu29xwo0.crl (hash: uLSN2KeDAWPdBX57kypFE5p5eyvdoXBNEHrrNN1vrXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:4b:bf:2e:d8:d2:98:39:de:13:28:db:94:3b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896f35c5e0321acd02167def8807f0bb6f71c28d
Validity
Not Before: Sep 7 10:01:06 2025 GMT
Not After : Sep 8 10:01:06 2025 GMT
Subject: CN=65eb03920fa65b1a284d9e48b0d369095aaf9e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:18:21:c0:20:7d:47:7c:aa:cc:62:d0:35:cf:
b7:fd:e2:23:88:b4:16:8f:13:ff:6a:cd:10:07:bc:
65:10:22:db:c2:e0:9c:7c:60:60:fd:14:54:06:dc:
c1:1f:af:f6:de:11:f0:dd:91:6f:ed:f6:a0:61:6a:
ed:65:ba:2b:19:4d:8e:2c:28:76:7f:6d:6a:db:13:
0a:81:99:49:e9:55:e3:e1:51:05:04:50:f1:2e:f7:
26:9f:60:9e:3a:68:ab:f1:38:5b:c2:2a:67:2e:7f:
6a:85:28:06:25:62:88:ff:78:3b:a8:55:1d:e6:21:
70:e2:f1:de:6e:e7:31:1e:4c:08:03:46:c1:c0:85:
c8:c7:71:e4:33:a2:74:f6:e4:ad:2c:c8:76:71:0c:
fa:c5:72:91:aa:2e:f8:d4:55:50:3c:0b:d5:34:52:
2c:23:b0:d9:26:b8:18:3d:89:36:30:60:4b:bb:9a:
ca:4e:63:84:d3:2a:46:80:46:d1:44:4c:6e:8c:17:
e7:55:ec:9c:de:d2:7e:c6:86:37:38:4f:a2:2c:b4:
5c:84:db:1c:cf:14:e7:50:37:79:80:d5:47:03:b0:
a7:3d:a0:02:7f:98:98:d6:62:04:c6:d5:89:d4:33:
1e:a2:25:4e:87:9a:37:77:04:ff:62:38:ea:45:96:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EB:03:92:0F:A6:5B:1A:28:4D:9E:48:B0:D3:69:09:5A:AF:9E:04
X509v3 Authority Key Identifier:
keyid:89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:4a:73:92:45:ba:44:c5:ba:a4:b3:a3:b5:36:22:6d:de:03:
2c:9b:fa:03:4e:6a:08:15:c8:8d:25:fa:d4:07:4c:4b:70:a0:
6f:b9:96:cd:5a:df:d8:f6:7a:31:34:bd:3d:b1:ff:44:99:92:
a1:b1:62:49:48:56:c8:f5:c8:45:8b:17:4a:91:1d:68:86:e5:
d9:35:f2:f9:82:02:a0:7c:d1:00:f1:45:4c:b1:e8:bd:50:19:
18:a0:46:bd:91:c2:96:7a:ea:52:83:52:68:b8:2c:1b:6a:58:
a2:ed:55:ec:b6:a5:ce:f6:2e:58:69:5f:e0:41:39:b8:7b:60:
22:78:96:90:58:f8:ca:39:25:c1:71:25:48:fb:83:28:0c:8a:
23:49:ad:a7:3e:fe:f9:0b:43:b4:02:0a:ab:ba:86:63:8f:04:
57:c0:60:d9:46:b1:bd:e2:b3:14:03:f7:bf:c3:65:18:79:8d:
cb:bb:02:a4:80:48:87:b7:0f:0e:d2:e0:16:af:a8:42:e8:07:
35:67:a9:9e:48:f8:46:e2:ff:6c:08:c6:a1:3b:b3:1a:ee:6a:
c6:ff:5c:24:dc:b0:5d:d8:94:6c:06:94:dd:f1:69:89:e7:96:
a7:8a:e3:ac:22:fa:8f:f5:74:1e:84:5a:0a:ce:6f:1e:f7:69:
c3:86:6c:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn0u/LtjSmDneEyjblDuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmYzNWM1ZTAzMjFhY2QwMjE2N2RlZjg4MDdmMGJiNmY3
MWMyOGQwHhcNMjUwOTA3MTAwMTA2WhcNMjUwOTA4MTAwMTA2WjAzMTEwLwYDVQQD
Eyg2NWViMDM5MjBmYTY1YjFhMjg0ZDllNDhiMGQzNjkwOTVhYWY5ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRghwCB9R3yqzGLQNc+3/eIjiLQW
jxP/as0QB7xlECLbwuCcfGBg/RRUBtzBH6/23hHw3ZFv7fagYWrtZborGU2OLCh2
f21q2xMKgZlJ6VXj4VEFBFDxLvcmn2CeOmir8ThbwipnLn9qhSgGJWKI/3g7qFUd
5iFw4vHebucxHkwIA0bBwIXIx3HkM6J09uStLMh2cQz6xXKRqi741FVQPAvVNFIs
I7DZJrgYPYk2MGBLu5rKTmOE0ypGgEbRRExujBfnVeyc3tJ+xoY3OE+iLLRchNsc
zxTnUDd5gNVHA7CnPaACf5iY1mIExtWJ1DMeoiVOh5o3dwT/YjjqRZa0vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXrA5IPplsaKE2eSLDTaQlar54EMB8GA1UdIwQY
MBaAFIlvNcXgMhrNAhZ974gH8LtvccKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYt
MjI5OWE2N2U2MDAxLzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYtMjI5OWE2N2U2MDAx
LzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeUpzkkW6
RMW6pLOjtTYibd4DLJv6A05qCBXIjSX61AdMS3Cgb7mWzVrf2PZ6MTS9PbH/RJmS
obFiSUhWyPXIRYsXSpEdaIbl2TXy+YICoHzRAPFFTLHovVAZGKBGvZHClnrqUoNS
aLgsG2pYou1V7LalzvYuWGlf4EE5uHtgIniWkFj4yjklwXElSPuDKAyKI0mtpz7+
+QtDtAIKq7qGY48EV8Bg2UaxveKzFAP3v8NlGHmNy7sCpIBIh7cPDtLgFq+oQugH
NWepnkj4RuL/bAjGoTuzGu5qxv9cJNywXdiUbAaU3fFpieeWp4rjrCL6j/V0HoRa
Cs5vHvdpw4Zs5w==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:50:15 2025 by rpki-client