Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File: clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier: rMCPArC30Nj1yH1atGTZtDKTBiQmEQNIf+0cw7z23TY=
Subject key identifier: 9F:FB:9C:EA:F0:85:65:45:17:33:AC:A4:EF:2E:50:52:C7:5F:B4:0D
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer: /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial: 0199221EF673DC2E40CEF31E7B8B1DBBCA0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number: 0949
Signing time: Sun 07 Sep 2025 03:01:18 +0000
Manifest this update: Sun 07 Sep 2025 03:01:18 +0000
Manifest next update: Mon 08 Sep 2025 03:01:18 +0000
Files and hashes: 1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: G5rXLGv4KJ7AGPqXtg9rIdkK8sOoummrHZonTq6Ode8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:f6:73:dc:2e:40:ce:f3:1e:7b:8b:1d:bb:ca:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Validity
Not Before: Sep 7 03:01:18 2025 GMT
Not After : Sep 8 03:01:18 2025 GMT
Subject: CN=9ffb9ceaf08565451733aca4ef2e5052c75fb40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ea:cb:01:1a:b8:66:76:aa:e9:26:cb:c4:9e:
44:e8:1d:66:85:cb:c9:07:9a:f9:49:75:15:bc:b7:
1c:37:d1:41:64:ff:72:4f:22:f8:e1:14:a4:23:f7:
56:ba:e5:4f:79:10:8c:61:26:ae:66:15:6d:04:a1:
1b:85:97:9c:94:f9:0b:c4:f2:b6:6c:0e:fb:1e:25:
58:f8:22:56:80:c7:27:cf:af:8b:5d:e5:a4:3d:93:
46:4f:22:c4:52:b3:b2:ea:f4:08:03:2b:8a:1c:0a:
6f:0d:f0:11:6f:5e:36:6a:75:05:ba:bf:ec:9f:a6:
aa:93:07:f4:23:09:81:ad:9b:33:64:df:46:f8:02:
24:57:24:b9:ec:f6:36:f7:c9:c4:c6:d5:79:62:4e:
89:95:7d:9c:8c:e0:11:2a:b0:83:b0:ac:e6:25:4b:
1e:ce:aa:7c:7e:ce:c9:18:53:98:24:bd:4a:29:30:
c1:7d:68:f7:67:d1:45:25:f1:4d:a3:ea:03:ab:09:
58:3b:ca:e1:ac:9d:74:3b:0b:c8:20:de:a1:4a:76:
76:f5:4c:0f:86:39:bb:e2:ef:e4:65:00:f3:23:09:
83:4a:f4:e5:a0:1a:15:c9:7a:13:cf:9a:4a:04:e5:
e3:bd:07:7b:d5:e5:fd:42:75:1f:fb:dc:b2:d9:ee:
ed:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FB:9C:EA:F0:85:65:45:17:33:AC:A4:EF:2E:50:52:C7:5F:B4:0D
X509v3 Authority Key Identifier:
keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:b7:e6:93:63:d0:3c:64:7d:fd:92:84:5a:2d:51:19:4c:03:
8f:b8:e0:9e:a1:58:b8:51:0c:70:eb:36:25:b2:d0:66:a7:1b:
b4:69:df:98:55:9c:0a:16:7e:f7:40:93:0c:4e:ba:86:02:78:
d2:1d:03:55:aa:b5:ac:0a:81:14:e2:c2:4e:0b:89:75:52:bb:
9d:9c:3c:eb:a5:3b:7f:04:e5:da:ef:70:66:43:a2:f8:d6:40:
3e:74:18:13:ef:54:15:8b:8a:37:f4:b4:5b:0d:dc:55:d0:99:
28:84:1f:ec:54:ee:7f:ff:e0:7b:c0:5a:be:b6:3b:d6:78:85:
9c:81:7f:ee:4f:ce:25:b8:a9:30:35:75:21:2c:1a:07:dc:9f:
34:be:b5:3e:69:79:ad:73:8d:7b:4c:1f:a5:f8:68:68:75:79:
6e:9d:10:75:61:b0:8b:97:55:f6:86:13:72:90:23:a6:51:b2:
26:15:d8:f7:12:73:b9:d6:b2:0c:7b:17:f9:e9:e8:9b:bc:68:
fb:a4:7c:cc:62:78:bb:c7:a3:05:08:a1:83:a1:21:4c:82:e8:
01:d3:05:47:33:c4:c3:74:41:6c:0c:4f:d6:5d:d3:8c:4d:eb:
b0:f8:4c:4a:25:f8:09:f6:1a:79:6c:7a:68:94:7a:c4:ef:99:
7f:d9:39:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHvZz3C5AzvMee4sdu8oMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjUwOTA3MDMwMTE4WhcNMjUwOTA4MDMwMTE4WjAzMTEwLwYDVQQD
Eyg5ZmZiOWNlYWYwODU2NTQ1MTczM2FjYTRlZjJlNTA1MmM3NWZiNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnerLARq4Znaq6SbLxJ5E6B1mhcvJ
B5r5SXUVvLccN9FBZP9yTyL44RSkI/dWuuVPeRCMYSauZhVtBKEbhZeclPkLxPK2
bA77HiVY+CJWgMcnz6+LXeWkPZNGTyLEUrOy6vQIAyuKHApvDfARb142anUFur/s
n6aqkwf0IwmBrZszZN9G+AIkVyS57PY298nExtV5Yk6JlX2cjOARKrCDsKzmJUse
zqp8fs7JGFOYJL1KKTDBfWj3Z9FFJfFNo+oDqwlYO8rhrJ10OwvIIN6hSnZ29UwP
hjm74u/kZQDzIwmDSvTloBoVyXoTz5pKBOXjvQd71eX9QnUf+9yy2e7tFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/7nOrwhWVFFzOspO8uUFLHX7QNMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrfmk2PQ
PGR9/ZKEWi1RGUwDj7jgnqFYuFEMcOs2JbLQZqcbtGnfmFWcChZ+90CTDE66hgJ4
0h0DVaq1rAqBFOLCTguJdVK7nZw866U7fwTl2u9wZkOi+NZAPnQYE+9UFYuKN/S0
Ww3cVdCZKIQf7FTuf//ge8BavrY71niFnIF/7k/OJbipMDV1ISwaB9yfNL61Pml5
rXONe0wfpfhoaHV5bp0QdWGwi5dV9oYTcpAjplGyJhXY9xJzudayDHsX+enom7xo
+6R8zGJ4u8ejBQihg6EhTILoAdMFRzPEw3RBbAxP1l3TjE3rsPhMSiX4CfYaeWx6
aJR6xO+Zf9k58Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:25:46 2025 by rpki-client