Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: Q3sTeFOLE7A+ysPZTouJzIupVLBbtKmnR6ka0ZpwUTA=
Subject key identifier: 6E:81:B7:14:0D:39:6F:69:42:7B:B4:AC:70:F7:AC:8C:41:7F:86:13
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 0199172D44C8C63BF3AA33FC014A5E1BAC21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 02F5
Signing time: Fri 05 Sep 2025 00:01:06 +0000
Manifest this update: Fri 05 Sep 2025 00:01:06 +0000
Manifest next update: Sat 06 Sep 2025 00:01:06 +0000
Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=)
2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: +JvhL8pLLkH8BVgwgte8rt4AUACnaO2CZwHw6TxATMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:17:2d:44:c8:c6:3b:f3:aa:33:fc:01:4a:5e:1b:ac:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Sep 5 00:01:06 2025 GMT
Not After : Sep 6 00:01:06 2025 GMT
Subject: CN=6e81b7140d396f69427bb4ac70f7ac8c417f8613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1b:7f:90:06:7a:b1:fc:d5:69:ed:00:83:1e:
47:9c:c0:67:b6:85:15:af:e8:0d:6f:ec:32:71:01:
3d:74:93:05:d6:27:32:80:aa:70:54:49:08:f8:dd:
50:22:ef:d5:9c:d8:0d:b4:b2:66:c9:5f:c8:48:fe:
34:9c:c9:23:03:99:54:86:72:8d:31:5e:a9:89:05:
06:a8:df:b6:51:94:71:59:aa:18:1c:22:33:9d:46:
ab:6a:d9:eb:25:03:9b:52:24:39:9f:b7:2a:39:01:
3c:f9:42:a8:36:5e:e2:0c:de:00:19:4e:73:6c:38:
20:75:1e:36:5b:f3:71:e4:6d:0f:f2:38:73:ca:c7:
70:80:6f:66:81:a9:8e:fb:9a:0e:e0:bb:c7:a8:e2:
32:7f:7d:82:6b:b3:07:40:8b:99:54:bd:f2:08:0d:
91:8d:fa:b1:e1:9e:fb:7b:9a:74:7f:ae:00:47:1d:
d9:ca:ad:fe:c9:08:66:6d:ed:04:05:0b:b3:c3:62:
ad:7a:e1:34:92:fa:1f:54:fe:62:13:74:35:c4:5e:
f3:01:db:34:14:4f:79:5b:36:b9:3d:b8:f2:0e:a9:
5d:3d:40:d7:81:d3:3e:26:f2:25:e1:c6:e4:74:59:
7d:8a:81:ad:dc:3d:66:02:99:79:91:df:f6:64:23:
f8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:81:B7:14:0D:39:6F:69:42:7B:B4:AC:70:F7:AC:8C:41:7F:86:13
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:fa:66:38:7b:17:fe:b3:1b:ea:93:2a:ec:a4:57:dc:18:b5:
f9:10:b5:45:8f:53:32:2b:2c:95:f0:69:c1:42:d2:f6:f8:a6:
94:91:7e:cf:f6:de:a9:e1:2d:d0:8c:c8:65:b5:cb:a8:95:87:
a9:d2:e3:d7:aa:05:b8:e2:57:5c:60:fa:30:59:97:f1:ba:f8:
48:fc:69:1e:15:27:08:a5:7d:f5:02:e7:31:e1:58:d0:aa:3b:
c7:19:3b:fc:c5:39:b6:c6:dc:79:75:b7:2b:42:2d:d2:9f:5b:
64:e8:32:81:c4:8b:e3:80:be:b8:9a:e5:db:aa:0e:32:79:63:
b8:03:68:00:f0:81:94:f7:68:62:43:db:1a:a6:2d:99:48:4a:
04:ce:81:a1:16:e5:86:39:96:02:3c:7d:16:5f:34:25:7a:26:
f9:5f:5f:ae:3b:9b:f8:5e:5b:bb:8e:0d:2f:98:c2:b3:b4:30:
14:28:54:23:57:6a:a1:b6:fd:2d:97:7a:28:c5:5e:e9:75:85:
60:8b:75:e6:e2:ef:49:77:1e:1e:78:f5:84:30:c5:39:17:18:
71:df:ce:a2:c7:06:45:26:ad:e8:bf:b4:ff:1c:41:57:d8:98:
52:b6:72:e4:6b:e8:96:db:53:45:57:f6:49:62:7b:f5:f4:6c:
08:8c:32:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLUTIxjvzqjP8AUpeG6whMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjUwOTA1MDAwMTA2WhcNMjUwOTA2MDAwMTA2WjAzMTEwLwYDVQQD
Eyg2ZTgxYjcxNDBkMzk2ZjY5NDI3YmI0YWM3MGY3YWM4YzQxN2Y4NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwht/kAZ6sfzVae0Agx5HnMBntoUV
r+gNb+wycQE9dJMF1icygKpwVEkI+N1QIu/VnNgNtLJmyV/ISP40nMkjA5lUhnKN
MV6piQUGqN+2UZRxWaoYHCIznUaratnrJQObUiQ5n7cqOQE8+UKoNl7iDN4AGU5z
bDggdR42W/Nx5G0P8jhzysdwgG9mgamO+5oO4LvHqOIyf32Ca7MHQIuZVL3yCA2R
jfqx4Z77e5p0f64ARx3Zyq3+yQhmbe0EBQuzw2KteuE0kvofVP5iE3Q1xF7zAds0
FE95Wza5PbjyDqldPUDXgdM+JvIl4cbkdFl9ioGt3D1mApl5kd/2ZCP42wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6BtxQNOW9pQnu0rHD3rIxBf4YTMB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvpmOHsX
/rMb6pMq7KRX3Bi1+RC1RY9TMisslfBpwULS9vimlJF+z/beqeEt0IzIZbXLqJWH
qdLj16oFuOJXXGD6MFmX8br4SPxpHhUnCKV99QLnMeFY0Ko7xxk7/MU5tsbceXW3
K0It0p9bZOgygcSL44C+uJrl26oOMnljuANoAPCBlPdoYkPbGqYtmUhKBM6BoRbl
hjmWAjx9Fl80JXom+V9frjub+F5bu44NL5jCs7QwFChUI1dqobb9LZd6KMVe6XWF
YIt15uLvSXceHnj1hDDFORcYcd/OoscGRSat6L+0/xxBV9iYUrZy5GvolttTRVf2
SWJ79fRsCIwyWQ==
-----END CERTIFICATE-----
Generated at Fri Sep 5 04:30:12 2025 by rpki-client