Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
File: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft (raw, json)
Hash identifier: XWqClcylU1Qlsrux9FtAZOclvCpOd9EU4VOZBxkczq8=
Subject key identifier: 36:65:15:26:C9:62:E1:6E:2A:4F:03:FF:4D:6C:03:44:D6:F8:22:D4
Authority key identifier: 30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
Certificate issuer: /CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Certificate serial: 0199239F7AB0BEBFE83E7631ECEE1C443EEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
Manifest number: 1672
Signing time: Sun 07 Sep 2025 10:01:18 +0000
Manifest this update: Sun 07 Sep 2025 10:01:18 +0000
Manifest next update: Mon 08 Sep 2025 10:01:18 +0000
Files and hashes: 1: 9iuKUiRNNk0yJqP9x1MG2I_7d9s.roa (hash: OJC+CIaFp/mpbSmO0wI1lGEv8Ek7U6QE2MP4Wm3PDaM=)
2: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl (hash: sppQZch5pDSFB9dMWz2uqpbjb1OO+jFRcvVujBEb5rw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:7a:b0:be:bf:e8:3e:76:31:ec:ee:1c:44:3e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Validity
Not Before: Sep 7 10:01:18 2025 GMT
Not After : Sep 8 10:01:18 2025 GMT
Subject: CN=36651526c962e16e2a4f03ff4d6c0344d6f822d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:fa:56:b1:2d:70:a2:d1:30:93:1b:e6:c2:
5e:f0:ae:f6:2b:4c:27:d3:40:f3:69:24:bb:ff:71:
11:43:80:c7:a5:07:20:0f:82:6c:97:54:f4:07:7b:
25:b4:d7:e6:ff:5f:86:10:38:3a:d9:e6:4f:63:fc:
76:0e:a6:db:dd:98:9a:71:c5:a4:70:7e:e7:07:9f:
8a:55:e0:5a:ab:9e:2f:b8:74:5d:0f:6a:18:99:08:
be:74:7d:85:05:bb:d7:f7:6b:7d:08:4e:db:7c:ff:
83:e3:58:23:56:77:fb:be:5c:41:51:e8:d7:ac:19:
80:a8:e8:08:21:db:f9:c7:0e:ae:72:98:89:89:20:
1a:97:10:09:8a:44:10:2c:d6:1b:0b:8b:65:36:8c:
85:0a:c5:1b:aa:60:75:52:f4:3c:98:df:2a:f5:3c:
70:21:7c:17:4c:ba:2b:18:e2:36:2b:f9:a1:cc:dd:
7a:a4:f9:d4:6e:6e:ee:8b:18:91:22:e8:ed:2c:1e:
fc:86:86:dc:38:00:11:e7:75:5c:00:36:52:6a:82:
ef:f4:12:47:0a:ea:1e:07:44:f2:4b:ff:b1:23:ce:
37:21:b8:7a:c3:bc:93:92:31:b1:45:e7:29:4f:ba:
d8:bf:a8:40:78:c6:6b:e8:48:cc:f1:29:51:7a:29:
fc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:65:15:26:C9:62:E1:6E:2A:4F:03:FF:4D:6C:03:44:D6:F8:22:D4
X509v3 Authority Key Identifier:
keyid:30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:f8:12:9c:f5:b7:0d:7d:82:ce:1d:1b:cc:67:e0:ae:48:9f:
54:06:7f:33:ca:c3:5e:aa:01:4e:42:12:2c:3c:c3:af:3c:33:
ec:d7:8b:38:7c:31:71:f0:ad:80:14:c0:c3:ee:2b:11:02:ed:
ae:48:ca:95:ba:ed:4b:8c:05:42:be:d0:6e:51:1e:e5:3a:2a:
bc:86:6d:45:4b:a2:3f:1f:cc:df:20:8e:58:97:9c:e3:b9:86:
69:08:e8:f7:73:7b:49:a2:b4:1c:eb:33:76:1a:48:40:e6:3c:
7d:79:cc:b6:ca:88:ad:b1:cb:23:62:81:62:5d:2f:c8:12:00:
9f:ea:fc:d6:86:68:e1:76:dd:57:a6:5e:5f:b1:86:bf:1b:b4:
08:ff:ad:63:93:1a:0f:8e:3a:c1:58:a4:9e:0b:6e:f9:15:63:
27:e3:ea:66:ff:3a:2a:aa:c5:81:d0:e5:8e:f7:bf:8e:32:e4:
5f:9a:97:9b:a9:e5:e9:f5:36:83:70:77:93:83:3f:2e:1e:b4:
47:93:87:37:ac:b6:61:f5:b2:58:9f:9d:70:e3:ee:78:cf:57:
0f:90:e9:38:39:28:42:38:a8:6e:44:26:95:49:23:b4:e6:0b:
4b:37:fd:2a:0c:f7:48:3c:8e:bf:42:b9:25:5d:df:22:ed:36:
09:16:45:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn3qwvr/oPnYx7O4cRD7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjkwZDI1MjBhZDYxOWFjMzA2MGIzOWZiZDJjMjA0ZTI5
YTJhMTQwHhcNMjUwOTA3MTAwMTE4WhcNMjUwOTA4MTAwMTE4WjAzMTEwLwYDVQQD
EygzNjY1MTUyNmM5NjJlMTZlMmE0ZjAzZmY0ZDZjMDM0NGQ2ZjgyMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4db6VrEtcKLRMJMb5sJe8K72K0wn
00DzaSS7/3ERQ4DHpQcgD4Jsl1T0B3sltNfm/1+GEDg62eZPY/x2Dqbb3ZiaccWk
cH7nB5+KVeBaq54vuHRdD2oYmQi+dH2FBbvX92t9CE7bfP+D41gjVnf7vlxBUejX
rBmAqOgIIdv5xw6ucpiJiSAalxAJikQQLNYbC4tlNoyFCsUbqmB1UvQ8mN8q9Txw
IXwXTLorGOI2K/mhzN16pPnUbm7uixiRIujtLB78hobcOAAR53VcADZSaoLv9BJH
CuoeB0TyS/+xI843Ibh6w7yTkjGxRecpT7rYv6hAeMZr6EjM8SlRein8PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZlFSbJYuFuKk8D/01sA0TW+CLUMB8GA1UdIwQY
MBaAFDD5DSUgrWGawwYLOfvSwgTimioUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWIt
NjU3YjNhN2Q5Njc2LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWItNjU3YjNhN2Q5Njc2
LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2/gSnPW3
DX2Czh0bzGfgrkifVAZ/M8rDXqoBTkISLDzDrzwz7NeLOHwxcfCtgBTAw+4rEQLt
rkjKlbrtS4wFQr7QblEe5ToqvIZtRUuiPx/M3yCOWJec47mGaQjo93N7SaK0HOsz
dhpIQOY8fXnMtsqIrbHLI2KBYl0vyBIAn+r81oZo4XbdV6ZeX7GGvxu0CP+tY5Ma
D446wVikngtu+RVjJ+PqZv86KqrFgdDljve/jjLkX5qXm6nl6fU2g3B3k4M/Lh60
R5OHN6y2YfWyWJ+dcOPueM9XD5DpODkoQjiobkQmlUkjtOYLSzf9Kgz3SDyOv0K5
JV3fIu02CRZFyA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:22:54 2025 by rpki-client