Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
File: mKUzMIdAu70he_adzpCz9UEghFc.mft (raw, json)
Hash identifier: XlnQt/vj2/m/gBk+RCw98QkE0DjG0b+58ls52NxI3xk=
Subject key identifier: 1B:AC:D4:BC:FF:9B:A4:16:78:84:EB:60:CD:37:A5:CA:3A:8D:4E:3E
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 019849D3302615742D21CFE6095708847412
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
Manifest number: 1604
Signing time: Sun 27 Jul 2025 03:00:33 +0000
Manifest this update: Sun 27 Jul 2025 03:00:33 +0000
Manifest next update: Mon 28 Jul 2025 03:00:33 +0000
Files and hashes: 1: 4hnUUt9Ys_eQWvU2fA6JemX65dw.roa (hash: ntUnKbzWvKshnrPe1olGFJu/nCj9Xb/2m4Wf2hJLEss=)
2: mKUzMIdAu70he_adzpCz9UEghFc.crl (hash: NgkhzDIFbITbnx9vlgDEPYS2Vz8FIZAatirsmWJUymY=)
3: sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa (hash: wrk4xF0OxGaC9MkY6FPvwbKzU+JxYtuzUOz5b0tcuxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:d3:30:26:15:74:2d:21:cf:e6:09:57:08:84:74:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Jul 27 03:00:33 2025 GMT
Not After : Jul 28 03:00:33 2025 GMT
Subject: CN=1bacd4bcff9ba4167884eb60cd37a5ca3a8d4e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:30:ec:68:df:e5:de:52:c4:49:0d:ae:5c:
22:52:e8:ac:c1:b7:d6:24:06:ac:37:ef:1a:bd:cf:
83:0f:31:f0:b5:03:2c:b7:61:ad:21:1e:62:1c:b6:
0a:f5:9b:c0:f8:e1:0d:36:4f:c7:39:6a:aa:71:2b:
f6:3c:e7:23:17:9a:13:64:a6:d2:d2:cd:6d:8a:4b:
8e:45:1b:0a:af:ba:9b:24:0a:c0:23:73:d2:22:54:
04:67:ca:b8:f6:7c:df:01:3b:ab:2f:99:58:a8:15:
f9:67:53:d7:ac:a8:cd:fb:a5:a3:6a:54:5a:07:5f:
12:ea:e7:fb:35:d0:28:34:60:80:0f:90:7c:77:84:
3f:0a:5d:48:15:a6:f3:1a:13:3a:d4:73:6f:28:13:
9a:46:7f:b1:fe:cb:15:64:43:fa:be:fe:15:3b:48:
11:e8:8f:4e:05:a6:4a:36:8c:48:09:8f:ef:39:c0:
fd:6b:b2:a4:4e:03:e2:dc:46:82:c4:bd:1b:08:14:
ff:bd:95:fa:01:79:75:16:94:9a:46:ea:0c:6a:4c:
c6:68:b5:b7:80:0e:6c:23:75:a7:f1:bc:69:c1:f0:
ee:64:0d:a0:b8:27:1b:6c:a2:8e:7e:23:a0:b9:f4:
19:06:cb:d7:76:61:47:67:c9:e4:31:40:a2:82:f6:
68:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:AC:D4:BC:FF:9B:A4:16:78:84:EB:60:CD:37:A5:CA:3A:8D:4E:3E
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:be:aa:c7:01:88:f5:88:ad:9d:68:e0:65:e4:fc:47:cd:b5:
a8:5f:b3:4c:00:11:9a:4f:48:85:d0:7d:4e:c2:f4:ca:21:f0:
cc:81:d9:bd:69:1d:a2:e9:15:2b:74:d0:78:85:08:c4:d4:06:
0f:ce:b1:56:67:ad:86:44:45:c9:4b:fd:0f:ad:54:5f:fc:6f:
7b:20:53:6f:08:28:4b:0c:dc:4f:14:1f:9c:0c:a6:b7:64:41:
84:27:1a:c0:d4:e0:02:89:2f:16:e6:5a:73:83:f3:55:95:68:
a2:25:b4:38:97:a2:35:1b:9e:fe:cb:48:cf:c0:c7:f6:fc:92:
b2:f2:5d:73:35:0d:1c:d6:b6:43:f3:43:b3:95:2e:ed:c3:5a:
10:ca:f9:fb:ff:38:b3:04:a8:33:ca:47:88:81:79:43:69:2b:
74:5d:17:6b:30:b1:ef:65:aa:94:19:a8:89:5f:7a:c9:e9:75:
d0:f6:d5:03:bf:d4:c0:ad:7b:dc:88:36:3e:41:b0:ee:ef:64:
60:c0:f0:b8:91:53:ed:78:58:6a:04:41:40:74:1d:8d:df:82:
a4:d7:d1:7f:c0:49:cc:88:2b:a9:e7:47:88:f5:0b:9a:16:f0:
7d:15:63:3e:72:ee:19:9a:1d:a3:01:a2:45:0c:0e:56:4a:ac:
b5:e8:77:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ0zAmFXQtIc/mCVcIhHQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjUwNzI3MDMwMDMzWhcNMjUwNzI4MDMwMDMzWjAzMTEwLwYDVQQD
EygxYmFjZDRiY2ZmOWJhNDE2Nzg4NGViNjBjZDM3YTVjYTNhOGQ0ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzow7Gjf5d5SxEkNrlwiUuiswbfW
JAasN+8avc+DDzHwtQMst2GtIR5iHLYK9ZvA+OENNk/HOWqqcSv2POcjF5oTZKbS
0s1tikuORRsKr7qbJArAI3PSIlQEZ8q49nzfATurL5lYqBX5Z1PXrKjN+6WjalRa
B18S6uf7NdAoNGCAD5B8d4Q/Cl1IFabzGhM61HNvKBOaRn+x/ssVZEP6vv4VO0gR
6I9OBaZKNoxICY/vOcD9a7KkTgPi3EaCxL0bCBT/vZX6AXl1FpSaRuoMakzGaLW3
gA5sI3Wn8bxpwfDuZA2guCcbbKKOfiOgufQZBsvXdmFHZ8nkMUCigvZo1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBus1Lz/m6QWeITrYM03pco6jU4+MB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHb6qxwGI
9YitnWjgZeT8R821qF+zTAARmk9IhdB9TsL0yiHwzIHZvWkdoukVK3TQeIUIxNQG
D86xVmethkRFyUv9D61UX/xveyBTbwgoSwzcTxQfnAymt2RBhCcawNTgAokvFuZa
c4PzVZVooiW0OJeiNRue/stIz8DH9vySsvJdczUNHNa2Q/NDs5Uu7cNaEMr5+/84
swSoM8pHiIF5Q2krdF0XazCx72WqlBmoiV96yel10PbVA7/UwK173Ig2PkGw7u9k
YMDwuJFT7XhYagRBQHQdjd+CpNfRf8BJzIgrqedHiPULmhbwfRVjPnLuGZodowGi
RQwOVkqsteh36w==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:41:08 2025 by rpki-client