Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
File: 1AYg6l2vilSq6hfyy57N8114UwY.mft (raw, json)
Hash identifier: lLlXV1FPZ7+RdsdWUIi/fLpdzsXeoG8db/zNHheAj/8=
Subject key identifier: 5F:67:A1:DC:7B:1E:1F:87:FD:A7:DA:B6:8B:3F:80:6A:37:D1:6D:3C
Authority key identifier: D4:06:20:EA:5D:AF:8A:54:AA:EA:17:F2:CB:9E:CD:F3:5D:78:53:06
Certificate issuer: /CN=d40620ea5daf8a54aaea17f2cb9ecdf35d785306
Certificate serial: 019923A0029C67B96A28E07147CBC631F3B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
Manifest number: 114A
Signing time: Sun 07 Sep 2025 10:01:52 +0000
Manifest this update: Sun 07 Sep 2025 10:01:52 +0000
Manifest next update: Mon 08 Sep 2025 10:01:52 +0000
Files and hashes: 1: 1AYg6l2vilSq6hfyy57N8114UwY.crl (hash: nfDvADGkmGbQ/3pOkPazg0ozw2e2k5ERp+/hXC1rA5o=)
2: gGx-x2iRamyRfnlhx5me1YxCw6s.roa (hash: JLnMtxeLdoGYGRa/pvkNkIdX/aY0zlXxd7zsjwME0tw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:02:9c:67:b9:6a:28:e0:71:47:cb:c6:31:f3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d40620ea5daf8a54aaea17f2cb9ecdf35d785306
Validity
Not Before: Sep 7 10:01:52 2025 GMT
Not After : Sep 8 10:01:52 2025 GMT
Subject: CN=5f67a1dc7b1e1f87fda7dab68b3f806a37d16d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:08:c1:6e:a6:f5:34:02:f6:9f:94:89:7b:59:
7c:5d:3f:ac:98:2f:ed:da:66:f3:17:dc:45:b0:84:
8c:21:ea:fa:86:53:cb:47:74:af:66:c8:38:29:51:
b6:cc:d0:f0:c8:d7:5d:f9:64:0e:7d:3b:77:a9:76:
cb:47:37:28:71:91:5e:72:41:77:18:c2:09:e8:86:
d1:87:96:89:69:4e:28:76:d0:5c:89:b8:34:9a:04:
d8:65:5b:c1:21:b9:33:df:6e:27:66:92:9d:ff:cf:
bf:13:f5:c4:bc:e5:3f:08:c1:a1:e0:60:fc:78:dc:
4d:01:20:9a:06:2b:4a:0c:6c:ab:31:58:d7:1a:b5:
03:e4:17:08:40:00:53:39:21:a4:4c:9a:3a:b6:83:
1e:58:a8:78:7c:62:36:80:e8:15:bd:53:45:b7:cd:
33:df:72:24:95:fa:77:7e:a0:f4:a9:c4:62:d4:d0:
e6:13:86:68:a2:73:b2:fa:ac:68:03:ae:00:72:54:
91:6e:23:65:c8:54:45:04:b4:f6:d5:30:06:e3:be:
81:06:27:12:dc:d2:19:85:45:1d:8d:cd:d6:ea:56:
49:d5:87:a1:55:36:07:c2:39:53:54:98:85:13:16:
9c:98:56:c9:ce:e2:20:55:94:de:cf:13:f2:74:34:
1a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:67:A1:DC:7B:1E:1F:87:FD:A7:DA:B6:8B:3F:80:6A:37:D1:6D:3C
X509v3 Authority Key Identifier:
keyid:D4:06:20:EA:5D:AF:8A:54:AA:EA:17:F2:CB:9E:CD:F3:5D:78:53:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:1a:c1:61:29:b0:4c:b4:15:18:02:a9:bc:68:00:9b:dd:d3:
e6:4e:25:96:81:cb:18:c3:e8:08:03:9e:83:84:30:79:bd:b7:
19:67:95:d4:b1:5e:46:ea:dc:99:c5:a3:83:65:58:c6:dd:6d:
55:c7:a3:86:e0:40:fb:35:3f:99:8a:65:3d:a1:71:5d:31:0e:
2a:2d:ed:71:30:8f:c8:78:ab:7c:53:23:17:45:1b:1d:41:d7:
2c:2c:07:0e:2e:b6:32:5e:44:df:2d:69:92:bf:73:97:cd:12:
2d:53:0e:eb:47:b7:71:55:99:f0:41:bd:83:24:20:ee:d3:bd:
b9:14:d6:4f:6f:38:c7:cb:b9:39:d3:81:e3:fa:aa:72:ca:9a:
1e:fc:2c:78:fe:8e:2f:19:16:88:a2:02:aa:22:63:61:d0:cd:
fa:52:70:ee:08:72:b0:56:c8:3e:4a:70:ef:82:10:c2:e6:fb:
5e:00:bf:31:c4:9f:a7:a5:ad:cb:4b:17:ab:53:b9:38:79:0a:
4c:fe:ce:ad:a4:1f:fd:69:9d:91:48:6b:00:de:44:27:9b:59:
b9:c5:c3:e8:1a:27:1b:7f:55:02:fd:45:3b:b8:3e:11:3e:7d:
39:4e:3a:35:40:0a:2c:12:2e:f2:b9:45:48:19:ba:e2:7b:7d:
4c:cc:b6:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoAKcZ7lqKOBxR8vGMfO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MDYyMGVhNWRhZjhhNTRhYWVhMTdmMmNiOWVjZGYzNWQ3
ODUzMDYwHhcNMjUwOTA3MTAwMTUyWhcNMjUwOTA4MTAwMTUyWjAzMTEwLwYDVQQD
Eyg1ZjY3YTFkYzdiMWUxZjg3ZmRhN2RhYjY4YjNmODA2YTM3ZDE2ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAjBbqb1NAL2n5SJe1l8XT+smC/t
2mbzF9xFsISMIer6hlPLR3SvZsg4KVG2zNDwyNdd+WQOfTt3qXbLRzcocZFeckF3
GMIJ6IbRh5aJaU4odtBcibg0mgTYZVvBIbkz324nZpKd/8+/E/XEvOU/CMGh4GD8
eNxNASCaBitKDGyrMVjXGrUD5BcIQABTOSGkTJo6toMeWKh4fGI2gOgVvVNFt80z
33Iklfp3fqD0qcRi1NDmE4ZoonOy+qxoA64AclSRbiNlyFRFBLT21TAG476BBicS
3NIZhUUdjc3W6lZJ1YehVTYHwjlTVJiFExacmFbJzuIgVZTezxPydDQaUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9nodx7Hh+H/afatos/gGo30W08MB8GA1UdIwQY
MBaAFNQGIOpdr4pUquoX8suezfNdeFMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OThmYzUtYjU0Yy00MWMxLThhZmUt
ZjA5ZTQ2YzY5YmY4LzEvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83OThmYzUtYjU0Yy00MWMxLThhZmUtZjA5ZTQ2YzY5YmY4
LzEvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchrBYSmw
TLQVGAKpvGgAm93T5k4lloHLGMPoCAOeg4Qweb23GWeV1LFeRurcmcWjg2VYxt1t
VcejhuBA+zU/mYplPaFxXTEOKi3tcTCPyHirfFMjF0UbHUHXLCwHDi62Ml5E3y1p
kr9zl80SLVMO60e3cVWZ8EG9gyQg7tO9uRTWT284x8u5OdOB4/qqcsqaHvwseP6O
LxkWiKICqiJjYdDN+lJw7ghysFbIPkpw74IQwub7XgC/McSfp6Wty0sXq1O5OHkK
TP7OraQf/WmdkUhrAN5EJ5tZucXD6BonG39VAv1FO7g+ET59OU46NUAKLBIu8rlF
SBm64nt9TMy2aw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:07:54 2025 by rpki-client