Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
File: DT66aHPFtQdbPEOff-61SvHxDak.mft (raw, json)
Hash identifier: 29s+A35AI6lhx0Ii53UC9ZyQb3jlzCUyaFzN0CSgKt8=
Subject key identifier: 52:FB:75:6A:61:CF:E4:FD:5B:B4:CE:22:DD:62:CE:41:99:58:C4:4A
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 0199221E7203FE0E9D7608CE186CAC5C2245
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
Manifest number: 1678
Signing time: Sun 07 Sep 2025 03:00:44 +0000
Manifest this update: Sun 07 Sep 2025 03:00:44 +0000
Manifest next update: Mon 08 Sep 2025 03:00:44 +0000
Files and hashes: 1: DT66aHPFtQdbPEOff-61SvHxDak.crl (hash: 2BsT9gSlyog/oJg1lezRAjVnSdBxMdANnO6JpIhPUZM=)
2: bJFxuWRTLDK11fnMj6JzG9bfGJc.roa (hash: GJmoaYMZlK46RmoyjMRGd4Icb8shLixbmKsjvQhxyu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:72:03:fe:0e:9d:76:08:ce:18:6c:ac:5c:22:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Sep 7 03:00:44 2025 GMT
Not After : Sep 8 03:00:44 2025 GMT
Subject: CN=52fb756a61cfe4fd5bb4ce22dd62ce419958c44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dc:c3:48:e0:c1:24:df:9a:74:60:6d:44:a8:
2a:03:e5:e6:79:f2:aa:6f:9e:4a:1b:e5:70:9c:7d:
ce:08:41:a4:22:32:21:69:eb:93:fc:28:a4:e6:be:
9c:92:f6:d8:84:e4:3f:be:4e:52:f6:95:db:7e:2f:
49:73:eb:24:1a:82:c0:d9:4a:7e:e7:3a:5d:ea:ab:
16:37:68:8b:4f:ba:47:1b:18:2c:d6:94:74:ab:fa:
9f:68:cb:26:e7:18:ed:57:59:55:ec:47:23:2d:86:
cc:a4:44:8a:1e:fd:ee:5f:ed:3e:e8:d9:df:36:98:
4d:d7:45:7a:8c:f2:f8:44:9d:4f:82:cc:39:ee:4c:
97:bb:6d:58:cb:67:5e:4a:14:4b:61:45:4a:e6:93:
48:ee:e2:79:a6:c9:56:dd:27:63:35:64:c0:19:de:
60:1e:e2:25:2c:dd:e8:48:b9:8f:d7:56:1d:24:0b:
6a:74:f2:4b:7c:5a:3f:6f:7e:22:75:46:ba:df:13:
09:9e:48:fe:49:36:21:fd:49:e3:b2:3c:79:ed:9c:
d2:54:3d:fa:11:a7:0e:b6:81:02:68:75:d3:70:d9:
e1:24:46:35:96:ac:65:30:e1:37:c9:e0:92:79:7e:
dd:13:b7:a2:cf:0e:2c:d6:7b:5f:37:c7:e2:d2:99:
48:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FB:75:6A:61:CF:E4:FD:5B:B4:CE:22:DD:62:CE:41:99:58:C4:4A
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:9f:4d:b6:8c:cb:31:ea:89:2b:f0:4f:5d:b2:c3:66:89:d0:
10:53:c2:df:14:ef:96:17:ad:7a:6a:c4:8e:22:6d:ef:a5:e0:
b4:d7:b5:97:78:7c:a7:20:31:42:a7:3d:14:d9:6d:e9:2a:55:
10:86:66:8d:a6:1d:a9:e3:6c:71:45:39:da:19:58:47:5a:8f:
c3:ae:7a:e5:9d:25:df:4a:16:2f:a3:55:5c:98:19:68:26:56:
5c:36:f2:bf:12:12:8a:a4:05:e1:b8:b3:25:5b:c1:36:b9:5d:
43:0a:e1:e8:78:e7:be:f0:3d:5d:b2:fe:5e:6c:eb:10:f1:ce:
a4:77:c4:dc:89:49:3a:53:ad:aa:10:62:e9:1d:ad:b7:37:c6:
db:ac:14:f8:4e:9d:f7:59:39:4f:95:c3:85:45:b6:8b:d5:be:
60:60:58:80:f5:90:61:76:0a:e2:d3:cc:22:ff:e3:f1:12:3d:
88:c1:75:32:64:ac:2f:cb:fc:12:92:20:a2:97:1d:ae:59:c3:
cd:1f:21:2c:4d:d5:cf:d0:56:a5:14:97:81:e0:c9:29:20:83:
6c:9b:1f:41:29:90:dc:30:d0:0b:4b:95:a4:70:2f:13:06:f6:
2a:90:c4:6b:74:fd:49:ee:d5:14:98:27:63:80:6a:05:a1:e2:
fd:bd:5d:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHnID/g6ddgjOGGysXCJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjUwOTA3MDMwMDQ0WhcNMjUwOTA4MDMwMDQ0WjAzMTEwLwYDVQQD
Eyg1MmZiNzU2YTYxY2ZlNGZkNWJiNGNlMjJkZDYyY2U0MTk5NThjNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9zDSODBJN+adGBtRKgqA+XmefKq
b55KG+VwnH3OCEGkIjIhaeuT/Cik5r6ckvbYhOQ/vk5S9pXbfi9Jc+skGoLA2Up+
5zpd6qsWN2iLT7pHGxgs1pR0q/qfaMsm5xjtV1lV7EcjLYbMpESKHv3uX+0+6Nnf
NphN10V6jPL4RJ1Pgsw57kyXu21Yy2deShRLYUVK5pNI7uJ5pslW3SdjNWTAGd5g
HuIlLN3oSLmP11YdJAtqdPJLfFo/b34idUa63xMJnkj+STYh/Unjsjx57ZzSVD36
EacOtoECaHXTcNnhJEY1lqxlMOE3yeCSeX7dE7eizw4s1ntfN8fi0plIpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL7dWphz+T9W7TOIt1izkGZWMRKMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJ9NtozL
MeqJK/BPXbLDZonQEFPC3xTvlhetemrEjiJt76XgtNe1l3h8pyAxQqc9FNlt6SpV
EIZmjaYdqeNscUU52hlYR1qPw6565Z0l30oWL6NVXJgZaCZWXDbyvxISiqQF4biz
JVvBNrldQwrh6HjnvvA9XbL+XmzrEPHOpHfE3IlJOlOtqhBi6R2ttzfG26wU+E6d
91k5T5XDhUW2i9W+YGBYgPWQYXYK4tPMIv/j8RI9iMF1MmSsL8v8EpIgopcdrlnD
zR8hLE3Vz9BWpRSXgeDJKSCDbJsfQSmQ3DDQC0uVpHAvEwb2KpDEa3T9Se7VFJgn
Y4BqBaHi/b1ddg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:06:37 2025 by rpki-client