Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
File: is3dXDDVgOsP7soqFs9cWoslaP0.mft (raw, json)
Hash identifier: emWiL70hp5feMvrxLDo3hR8moLjSIu2eeon3CxsOfCI=
Subject key identifier: 9E:48:36:80:1F:9F:7B:90:BB:1B:DC:2C:D7:D8:DF:28:AD:DD:2C:DA
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 019922C311F53E7EAD3B7E5AB497659C97C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
Manifest number: 1674
Signing time: Sun 07 Sep 2025 06:00:33 +0000
Manifest this update: Sun 07 Sep 2025 06:00:33 +0000
Manifest next update: Mon 08 Sep 2025 06:00:33 +0000
Files and hashes: 1: 1-BU0QGGPOY6StLl6EjdaPUoRp0U.roa (hash: YErgeEfB3mK/ybWEoY6pFZ+o+6uteNHWASk7smyhzI8=)
2: is3dXDDVgOsP7soqFs9cWoslaP0.crl (hash: x1GMJ7TSJ5JOw121b1OvCxtU37TnRHmeDBSaOz2oYuo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:11:f5:3e:7e:ad:3b:7e:5a:b4:97:65:9c:97:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Sep 7 06:00:33 2025 GMT
Not After : Sep 8 06:00:33 2025 GMT
Subject: CN=9e4836801f9f7b90bb1bdc2cd7d8df28addd2cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:ae:05:5c:3b:fd:03:9d:b3:3e:9f:5e:39:
b2:06:7a:6f:cb:dd:1e:4a:d0:93:27:57:c9:32:4c:
2c:68:36:fc:a2:af:8d:9f:9c:99:81:db:fb:0d:a9:
36:51:9c:dc:be:d7:fe:11:8c:57:76:c4:40:76:3d:
07:39:67:d4:ab:2b:54:a0:16:8a:5f:8c:5e:9c:c2:
ae:b0:33:64:fd:54:66:4d:0b:e3:7d:e8:59:fc:f5:
df:a7:13:65:ad:e9:70:e6:03:78:81:d0:1f:e7:61:
2e:c5:6b:50:bf:ec:83:60:a0:66:a8:fb:20:0c:3c:
95:7f:5a:be:91:74:16:33:5e:3d:03:1f:82:53:b7:
b7:85:dd:67:3c:b8:be:75:44:b2:bd:54:0f:4e:e2:
38:3e:f7:61:2a:90:7b:03:b9:53:ae:09:01:35:22:
13:df:f1:dc:62:0b:1e:d4:a3:94:db:ff:bd:fe:7a:
b5:cf:29:8d:9c:5b:ae:9e:8d:8a:e2:fb:9a:ea:9a:
01:34:38:dc:df:aa:65:1c:9d:a9:62:b4:2c:5c:49:
da:34:51:93:39:24:f0:e4:fb:62:9d:8c:48:3e:e6:
5e:d9:18:15:be:3a:a3:ff:d8:5c:d2:9b:24:e6:35:
22:95:46:86:d1:ca:3e:6a:00:33:de:3c:23:50:f5:
7b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:48:36:80:1F:9F:7B:90:BB:1B:DC:2C:D7:D8:DF:28:AD:DD:2C:DA
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:1e:b7:c1:1a:6f:fd:c5:be:df:59:b2:c2:89:12:84:83:c3:
b2:cf:a7:64:94:5b:58:c6:52:40:da:c6:3c:5b:5c:0b:f7:6b:
a3:c5:75:98:fd:4c:c8:dd:75:d0:06:68:c1:b5:e6:d7:c0:6a:
11:22:b3:3c:94:fe:2c:61:a1:19:bb:bd:d5:d8:47:eb:f3:cb:
e5:1f:44:75:1f:cd:cf:7b:d8:63:5b:f4:97:70:52:56:36:a7:
33:01:ae:83:df:49:25:45:4f:01:01:e4:b4:f4:6f:d9:e5:7e:
c7:63:11:89:a6:68:e8:2b:66:39:17:21:3f:b2:a7:f5:29:a3:
f7:54:09:55:0d:6e:46:80:c7:76:d0:7d:6e:b7:86:39:af:c2:
0e:2d:69:dd:3e:76:3a:01:ba:d1:3e:c2:0e:64:d2:fe:7b:21:
5a:3e:89:98:5e:83:91:59:67:47:dc:6a:6a:6f:25:92:90:86:
12:bf:14:55:dd:e4:94:b2:90:5f:48:15:a7:03:04:a1:91:74:
27:79:6c:d9:50:51:aa:77:c6:ce:51:da:ce:0b:18:07:f5:58:
68:a4:72:89:79:4d:f7:f1:82:6f:aa:78:eb:76:31:03:28:36:
7b:4f:04:a2:f6:c8:6b:4a:86:ef:c0:90:b5:d0:b0:10:06:0e:
09:de:67:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxH1Pn6tO35atJdlnJfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjUwOTA3MDYwMDMzWhcNMjUwOTA4MDYwMDMzWjAzMTEwLwYDVQQD
Eyg5ZTQ4MzY4MDFmOWY3YjkwYmIxYmRjMmNkN2Q4ZGYyOGFkZGQyY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXWuBVw7/QOdsz6fXjmyBnpvy90e
StCTJ1fJMkwsaDb8oq+Nn5yZgdv7Dak2UZzcvtf+EYxXdsRAdj0HOWfUqytUoBaK
X4xenMKusDNk/VRmTQvjfehZ/PXfpxNlrelw5gN4gdAf52EuxWtQv+yDYKBmqPsg
DDyVf1q+kXQWM149Ax+CU7e3hd1nPLi+dUSyvVQPTuI4PvdhKpB7A7lTrgkBNSIT
3/HcYgse1KOU2/+9/nq1zymNnFuuno2K4vua6poBNDjc36plHJ2pYrQsXEnaNFGT
OSTw5PtinYxIPuZe2RgVvjqj/9hc0psk5jUilUaG0co+agAz3jwjUPV7CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5INoAfn3uQuxvcLNfY3yit3SzaMB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKB63wRpv
/cW+31mywokShIPDss+nZJRbWMZSQNrGPFtcC/dro8V1mP1MyN110AZowbXm18Bq
ESKzPJT+LGGhGbu91dhH6/PL5R9EdR/Nz3vYY1v0l3BSVjanMwGug99JJUVPAQHk
tPRv2eV+x2MRiaZo6CtmORchP7Kn9Smj91QJVQ1uRoDHdtB9breGOa/CDi1p3T52
OgG60T7CDmTS/nshWj6JmF6DkVlnR9xqam8lkpCGEr8UVd3klLKQX0gVpwMEoZF0
J3ls2VBRqnfGzlHazgsYB/VYaKRyiXlN9/GCb6p463YxAyg2e08EovbIa0qG78CQ
tdCwEAYOCd5nbw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:49:34 2025 by rpki-client