Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
File: CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft (raw, json)
Hash identifier: 16AzLMmE7YyUBilPM2jSKFHmvXjltaxfvH7kTAZUgfM=
Subject key identifier: A0:6C:F3:9C:BA:87:6C:77:B3:7B:64:45:0F:FC:31:98:4A:17:79:1A
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 019922FA5AFF380A9E0A4D6453C9C3597872
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
Manifest number: 1676
Signing time: Sun 07 Sep 2025 07:00:56 +0000
Manifest this update: Sun 07 Sep 2025 07:00:56 +0000
Manifest next update: Mon 08 Sep 2025 07:00:56 +0000
Files and hashes: 1: CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl (hash: n5veBEBx3W6uu7FkTQi71rjb264SqSWJe8Hcik9v7/w=)
2: yW1cS9Mx29vTOamtTRsFT6bLIXw.roa (hash: PZBuxnii3Pq+stD6k3qQUstIcPbrvHDexZJKpw32ONQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:fa:5a:ff:38:0a:9e:0a:4d:64:53:c9:c3:59:78:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Sep 7 07:00:56 2025 GMT
Not After : Sep 8 07:00:56 2025 GMT
Subject: CN=a06cf39cba876c77b37b64450ffc31984a17791a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:48:db:80:eb:0a:6d:82:03:c3:ad:57:9c:e4:
b4:8c:13:76:f3:cc:9b:e1:14:09:33:ae:ec:5c:c9:
86:e0:2f:64:d3:09:bc:c7:6b:fb:df:ff:3b:29:45:
47:37:47:a9:50:e2:bc:7a:d4:cd:48:66:ac:c9:80:
e0:2c:35:de:05:9e:28:60:5b:91:09:81:36:50:59:
45:a5:37:e6:7e:0c:1a:c9:ef:dc:e9:26:05:93:5a:
55:fd:3f:e1:6a:5f:cf:6e:2b:2e:82:37:54:35:ca:
da:5d:38:70:e1:cb:11:24:89:f6:43:38:96:67:6f:
9d:d2:dc:56:22:47:cd:e7:10:e9:a5:4e:38:86:be:
eb:7e:27:b5:05:b9:59:d2:4f:5f:54:d3:d7:b0:ff:
9d:9f:f5:f0:60:5a:e3:77:ee:37:d0:0c:7b:4c:46:
ed:1d:0c:07:70:aa:ea:a7:6c:00:20:ef:b8:36:7c:
bb:59:12:c8:c7:b2:79:b7:e7:b6:9c:8e:53:d5:d7:
19:d7:13:63:c3:c5:0d:3f:3f:ca:60:ae:c0:74:77:
e6:2e:27:e8:dc:d9:40:47:61:bb:1c:2e:20:b2:f0:
22:65:49:60:a3:a5:cb:77:97:4f:20:af:67:22:92:
5f:a8:4e:33:e5:16:92:2e:52:67:4f:29:11:02:6f:
a2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6C:F3:9C:BA:87:6C:77:B3:7B:64:45:0F:FC:31:98:4A:17:79:1A
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:9b:cc:f3:8b:9c:0d:cf:2d:92:ee:7c:4d:45:f4:d3:c0:27:
ca:9e:5d:11:28:fa:e8:48:3a:a8:f8:16:f6:c2:57:28:05:12:
28:1b:3c:a8:54:9f:54:79:29:34:e4:af:ae:46:40:74:b7:bb:
61:f7:d8:99:c0:09:4f:92:04:bd:24:28:54:42:1c:ff:89:7b:
e0:21:c4:2f:71:6e:ac:52:5e:f7:a9:d1:e7:56:dc:3e:d3:86:
a0:27:83:02:18:3e:02:af:9e:27:71:af:ef:e9:2a:e3:92:10:
9f:ab:46:62:55:1f:83:bc:fa:92:0c:cc:c0:7d:e6:8b:5b:8f:
04:d7:4a:4e:8e:70:de:35:7d:49:d4:cd:a4:23:65:cf:d8:6c:
9d:c4:92:c9:c7:0c:3f:0e:55:da:4a:1d:9e:90:fd:55:96:a4:
bf:6a:74:68:53:ac:4e:99:b7:63:4b:a2:49:6f:ba:69:a6:4a:
c2:c8:47:6e:ec:78:3a:cb:e4:e6:6d:86:ff:69:a8:40:e9:ba:
7b:55:12:76:b4:33:a9:10:cc:f6:60:6a:0d:dd:bb:35:99:86:
51:21:d5:f9:7a:f6:66:5c:58:7c:4f:84:be:fe:e9:5b:55:b6:
fb:75:f1:ee:e6:91:ac:17:2f:fd:45:d1:44:90:af:32:c0:c2:
72:27:ec:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+lr/OAqeCk1kU8nDWXhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjUwOTA3MDcwMDU2WhcNMjUwOTA4MDcwMDU2WjAzMTEwLwYDVQQD
EyhhMDZjZjM5Y2JhODc2Yzc3YjM3YjY0NDUwZmZjMzE5ODRhMTc3OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+UjbgOsKbYIDw61XnOS0jBN288yb
4RQJM67sXMmG4C9k0wm8x2v73/87KUVHN0epUOK8etTNSGasyYDgLDXeBZ4oYFuR
CYE2UFlFpTfmfgwaye/c6SYFk1pV/T/hal/PbisugjdUNcraXThw4csRJIn2QziW
Z2+d0txWIkfN5xDppU44hr7rfie1BblZ0k9fVNPXsP+dn/XwYFrjd+430Ax7TEbt
HQwHcKrqp2wAIO+4Nny7WRLIx7J5t+e2nI5T1dcZ1xNjw8UNPz/KYK7AdHfmLifo
3NlAR2G7HC4gsvAiZUlgo6XLd5dPIK9nIpJfqE4z5RaSLlJnTykRAm+iSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBs85y6h2x3s3tkRQ/8MZhKF3kaMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJvM84uc
Dc8tku58TUX008Anyp5dESj66Eg6qPgW9sJXKAUSKBs8qFSfVHkpNOSvrkZAdLe7
YffYmcAJT5IEvSQoVEIc/4l74CHEL3FurFJe96nR51bcPtOGoCeDAhg+Aq+eJ3Gv
7+kq45IQn6tGYlUfg7z6kgzMwH3mi1uPBNdKTo5w3jV9SdTNpCNlz9hsncSSyccM
Pw5V2kodnpD9VZakv2p0aFOsTpm3Y0uiSW+6aaZKwshHbux4Osvk5m2G/2moQOm6
e1USdrQzqRDM9mBqDd27NZmGUSHV+Xr2ZlxYfE+Evv7pW1W2+3Xx7uaRrBcv/UXR
RJCvMsDCcifsyQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:52:39 2025 by rpki-client