Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.mft
File: vayPM9tKSgF12PjqfKdHUH5-geA.mft (raw, json)
Hash identifier: w+pWbw/gLTdoopZaIa3pL4ZQ1bI6G21t9CKQ18umSJU=
Subject key identifier: 0F:6D:1C:83:82:CB:BE:5A:45:35:26:74:39:69:19:EE:98:01:B8:F8
Authority key identifier: BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
Certificate issuer: /CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Certificate serial: 0198C649E28ACAD087EB664441F0A9276A29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.mft
Manifest number: 0523
Signing time: Wed 20 Aug 2025 07:03:07 +0000
Manifest this update: Wed 20 Aug 2025 07:03:07 +0000
Manifest next update: Thu 21 Aug 2025 07:03:07 +0000
Files and hashes: 1: 7oEw8EFmquKMrLL8-hfLmIwZUQY.roa (hash: UnWZTOCHUCj50Mpn5ZUqFaqkSFvoIDWjjwDqigNU5NY=)
2: Ck3Jvy5ijt5-_NFGYo-OlYqf3Jo.roa (hash: Ngn9iQ8GLL0NfQbzc69TCLUMH0IFa8vev/CQWXBGYeI=)
3: vayPM9tKSgF12PjqfKdHUH5-geA.crl (hash: 7NSHGn/WAi3aVZUKQOQYJin6cL1vKlSyhr2eTaVOCNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 07:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:49:e2:8a:ca:d0:87:eb:66:44:41:f0:a9:27:6a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Validity
Not Before: Aug 20 07:03:07 2025 GMT
Not After : Aug 21 07:03:07 2025 GMT
Subject: CN=0f6d1c8382cbbe5a45352674396919ee9801b8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d4:6a:b4:2c:18:de:06:40:38:b1:f1:2a:06:
6e:98:de:fd:a7:9c:a4:a0:8b:c0:44:50:10:03:14:
9f:46:a6:0a:20:0d:f2:6f:6b:32:dd:aa:29:7d:5d:
2e:65:1d:f2:e8:2b:59:1a:be:6a:52:8b:29:3c:c4:
c1:d2:d7:ec:85:e7:df:dd:2d:87:02:2c:1c:5d:9a:
ea:43:3f:4f:dd:04:1c:61:3b:62:6c:98:f7:14:b5:
71:d0:d1:97:c7:ce:14:d3:e1:1c:68:19:c2:88:f5:
40:30:af:06:70:23:55:f1:f8:22:58:51:4d:6c:6c:
5f:16:a9:f6:1f:30:72:f2:6b:aa:8d:3b:7d:7e:fc:
72:9a:dd:56:2f:57:34:c3:6c:32:77:5e:1a:fd:5d:
ce:d4:46:e5:85:cf:a1:ac:fe:fc:1c:35:06:df:c7:
24:6f:a0:2c:29:98:62:61:c1:f4:fa:cf:b1:fc:6c:
6a:fb:07:4a:76:1f:71:02:47:c0:da:aa:b8:0e:d1:
5d:00:f9:6f:ef:63:50:46:ac:2e:fa:bf:b1:3d:51:
68:94:bf:f7:66:5d:05:ff:c8:9f:7a:07:d0:97:2f:
7f:38:67:f9:2f:83:65:ad:9e:97:27:33:ce:39:66:
b6:02:e5:1f:90:7b:9c:a8:72:17:8c:b5:e9:b0:01:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6D:1C:83:82:CB:BE:5A:45:35:26:74:39:69:19:EE:98:01:B8:F8
X509v3 Authority Key Identifier:
keyid:BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:f2:77:eb:58:e0:20:64:d1:9d:5a:4c:72:40:c0:8e:61:13:
f1:e6:63:7d:10:01:3a:27:b8:0b:8e:02:ab:76:63:b5:2c:84:
6f:7c:f0:21:4e:bc:10:4b:e3:4e:cf:28:b1:32:e3:4b:2f:d5:
b5:69:10:a1:4d:c2:59:c2:b8:c4:ea:80:63:eb:d9:94:8d:d8:
7d:50:a6:5b:c5:f6:a7:57:26:19:80:f6:89:cc:4a:9b:ce:93:
12:20:b6:75:b1:74:3c:6f:45:ed:39:71:3e:11:92:4e:75:9f:
7e:14:6b:35:79:e2:0f:1d:f1:ea:bd:4d:76:59:f4:48:ed:ea:
a0:93:23:59:5d:70:71:f6:9b:4f:ce:d4:e6:6b:a3:52:e8:e1:
2c:d3:71:1b:56:67:61:02:bf:2b:dc:f3:7f:c1:41:20:55:b7:
12:48:da:59:f6:99:ab:41:6e:0b:d9:b8:4b:1e:8a:04:3b:41:
db:fe:57:11:43:b1:9f:f5:ba:9b:2e:70:b4:76:a0:b4:e0:f2:
e3:df:ee:37:d8:ce:18:ab:25:98:6f:6e:2b:c4:24:0e:bb:ce:
bf:5e:9b:32:f9:94:55:00:f6:55:a9:a4:00:f9:a9:c9:46:4a:
49:c1:43:a3:f2:91:b0:cc:d8:7b:a1:cb:12:69:36:14:af:f0:
56:a1:0e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjGSeKKytCH62ZEQfCpJ2opMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYWM4ZjMzZGI0YTRhMDE3NWQ4ZjhlYTdjYTc0NzUwN2U3
ZTgxZTAwHhcNMjUwODIwMDcwMzA3WhcNMjUwODIxMDcwMzA3WjAzMTEwLwYDVQQD
EygwZjZkMWM4MzgyY2JiZTVhNDUzNTI2NzQzOTY5MTllZTk4MDFiOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtRqtCwY3gZAOLHxKgZumN79p5yk
oIvARFAQAxSfRqYKIA3yb2sy3aopfV0uZR3y6CtZGr5qUospPMTB0tfsheff3S2H
AiwcXZrqQz9P3QQcYTtibJj3FLVx0NGXx84U0+EcaBnCiPVAMK8GcCNV8fgiWFFN
bGxfFqn2HzBy8muqjTt9fvxymt1WL1c0w2wyd14a/V3O1Eblhc+hrP78HDUG38ck
b6AsKZhiYcH0+s+x/Gxq+wdKdh9xAkfA2qq4DtFdAPlv72NQRqwu+r+xPVFolL/3
Zl0F/8ifegfQly9/OGf5L4NlrZ6XJzPOOWa2AuUfkHucqHIXjLXpsAEehQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9tHIOCy75aRTUmdDlpGe6YAbj4MB8GA1UdIwQY
MBaAFL2sjzPbSkoBddj46nynR1B+foHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTIt
MjUwYmFmNzhlMzBlLzEvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTItMjUwYmFmNzhlMzBl
LzEvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmfJ361jg
IGTRnVpMckDAjmET8eZjfRABOie4C44Cq3ZjtSyEb3zwIU68EEvjTs8osTLjSy/V
tWkQoU3CWcK4xOqAY+vZlI3YfVCmW8X2p1cmGYD2icxKm86TEiC2dbF0PG9F7Tlx
PhGSTnWffhRrNXniDx3x6r1Ndln0SO3qoJMjWV1wcfabT87U5mujUujhLNNxG1Zn
YQK/K9zzf8FBIFW3EkjaWfaZq0FuC9m4Sx6KBDtB2/5XEUOxn/W6my5wtHagtODy
49/uN9jOGKslmG9uK8QkDrvOv16bMvmUVQD2VamkAPmpyUZKScFDo/KRsMzYe6HL
Emk2FK/wVqEOyQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:11:20 2025 by rpki-client