Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: bH+8UYNomRGYririP96jissKJYhIXXyWhuS+7Q+9jUo=
Subject key identifier: 65:80:62:61:A6:71:B8:AB:37:19:EF:7A:24:64:76:CE:E2:55:4F:91
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 01992C6B920600AFFEDD42F155E2B07DCE43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 0299
Signing time: Tue 09 Sep 2025 03:01:11 +0000
Manifest this update: Tue 09 Sep 2025 03:01:11 +0000
Manifest next update: Wed 10 Sep 2025 03:01:11 +0000
Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: omQmxikAlz8IKOlaCWokff1ZiHLqk5MWwzUftyCELZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2c:6b:92:06:00:af:fe:dd:42:f1:55:e2:b0:7d:ce:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Sep 9 03:01:11 2025 GMT
Not After : Sep 10 03:01:11 2025 GMT
Subject: CN=65806261a671b8ab3719ef7a246476cee2554f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:02:32:fa:42:d8:f1:b6:03:e2:2e:80:86:
18:8a:93:0c:9a:3d:fc:5c:ee:8e:ca:15:2c:45:69:
12:54:61:67:84:d7:57:33:e2:67:a2:d8:e1:8b:7f:
f6:03:c8:59:4c:19:6f:73:53:f9:7f:cf:c2:4d:a1:
a9:e9:dc:7c:23:9e:4a:ef:35:1e:15:62:20:e6:83:
f0:67:39:1e:b6:3b:72:c6:b8:70:a4:d5:14:91:e2:
81:c6:39:4e:18:bf:f6:6b:87:9b:d0:83:9a:5a:2b:
c4:e3:8b:ce:6a:6e:db:9c:c9:ae:e3:96:24:66:87:
88:73:1e:a9:42:df:e1:fc:fb:aa:f9:4a:d4:06:04:
15:d6:5d:c5:38:fe:43:9e:85:0f:05:34:ba:85:9f:
79:b8:21:4d:82:b5:ee:3b:a8:f0:25:58:c8:69:08:
99:b3:ae:0c:c6:9a:9b:25:76:e1:52:6d:7b:18:15:
ab:ba:a0:96:17:6e:b4:8d:ba:90:0f:17:94:9c:41:
5c:57:13:95:b6:14:39:62:bd:c5:c7:72:09:ce:81:
3a:57:98:b3:8f:9e:aa:af:7d:2a:9f:46:f3:7f:c3:
69:28:9c:d9:d9:9c:37:43:08:96:a0:d6:3b:35:7c:
89:1b:2b:5d:83:6e:60:da:3b:2c:6c:b3:9f:0c:4f:
2f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:80:62:61:A6:71:B8:AB:37:19:EF:7A:24:64:76:CE:E2:55:4F:91
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:e5:e5:fa:78:bf:86:58:33:e3:67:39:61:d3:f4:51:f8:6b:
b0:8a:aa:d5:22:df:2c:8c:63:dd:2d:12:e8:3b:be:e1:61:94:
34:e5:13:22:db:11:ea:47:d1:2c:e2:82:f9:bd:d0:80:88:73:
62:3c:85:92:26:bd:d3:9e:62:e5:3b:0a:f1:33:67:83:2d:1f:
64:88:c6:e6:4c:16:6f:fc:ea:39:60:f9:ba:ea:a8:3d:af:bc:
a4:96:37:ec:2e:0f:35:f7:c8:b4:93:d4:7d:87:17:90:91:86:
4d:42:f7:5a:12:b6:30:b8:35:64:27:1b:89:88:f4:4d:32:dd:
fd:1c:3d:6b:85:d7:3a:87:69:57:13:f1:e8:a6:ca:3e:d3:a3:
17:14:a2:93:53:b4:04:c8:0b:ab:cc:7d:e0:2d:ed:cf:81:96:
3f:11:1d:85:58:65:d7:bc:aa:a1:49:ff:ba:c5:dc:da:82:83:
fe:f2:eb:94:21:91:cf:47:2f:4c:bb:f2:3f:a2:82:94:53:d2:
cc:b2:cd:bf:80:a0:3a:2b:c6:c1:21:8e:35:31:1b:cc:c8:5b:
b9:64:66:98:44:bf:e1:bc:85:a0:9e:7b:18:c4:bd:b7:be:30:
f4:1a:85:78:6b:2e:b1:8c:ba:08:d3:81:f9:bc:9e:c1:b6:85:
6c:e8:3c:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZksa5IGAK/+3ULxVeKwfc5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjUwOTA5MDMwMTExWhcNMjUwOTEwMDMwMTExWjAzMTEwLwYDVQQD
Eyg2NTgwNjI2MWE2NzFiOGFiMzcxOWVmN2EyNDY0NzZjZWUyNTU0ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf8CMvpC2PG2A+IugIYYipMMmj38
XO6OyhUsRWkSVGFnhNdXM+Jnotjhi3/2A8hZTBlvc1P5f8/CTaGp6dx8I55K7zUe
FWIg5oPwZzketjtyxrhwpNUUkeKBxjlOGL/2a4eb0IOaWivE44vOam7bnMmu45Yk
ZoeIcx6pQt/h/Puq+UrUBgQV1l3FOP5DnoUPBTS6hZ95uCFNgrXuO6jwJVjIaQiZ
s64MxpqbJXbhUm17GBWruqCWF260jbqQDxeUnEFcVxOVthQ5Yr3Fx3IJzoE6V5iz
j56qr30qn0bzf8NpKJzZ2Zw3QwiWoNY7NXyJGytdg25g2jssbLOfDE8v3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWAYmGmcbirNxnveiRkds7iVU+RMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH+Xl+ni/
hlgz42c5YdP0UfhrsIqq1SLfLIxj3S0S6Du+4WGUNOUTItsR6kfRLOKC+b3QgIhz
YjyFkia9055i5TsK8TNngy0fZIjG5kwWb/zqOWD5uuqoPa+8pJY37C4PNffItJPU
fYcXkJGGTUL3WhK2MLg1ZCcbiYj0TTLd/Rw9a4XXOodpVxPx6KbKPtOjFxSik1O0
BMgLq8x94C3tz4GWPxEdhVhl17yqoUn/usXc2oKD/vLrlCGRz0cvTLvyP6KClFPS
zLLNv4CgOivGwSGONTEbzMhbuWRmmES/4byFoJ57GMS9t74w9BqFeGsusYy6CNOB
+byewbaFbOg8Lg==
-----END CERTIFICATE-----
Generated at Tue Sep 9 08:00:46 2025 by rpki-client