Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
File: 1Iml3dMALoAJmbXBhn94Z4G68T0.mft (raw, json)
Hash identifier: oiLuay+ezq26bxmLmwVf8GgfJmAFNGYbeeYH/p8N3EQ=
Subject key identifier: FF:4B:B6:59:E6:09:AC:C7:1C:61:46:F5:C6:CE:EB:E9:DE:CD:7F:80
Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d
Certificate serial: 01984A40FBE65BAE94CF3C94B1D8C68AB3F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
Manifest number: 1602
Signing time: Sun 27 Jul 2025 05:00:29 +0000
Manifest this update: Sun 27 Jul 2025 05:00:29 +0000
Manifest next update: Mon 28 Jul 2025 05:00:29 +0000
Files and hashes: 1: 1Iml3dMALoAJmbXBhn94Z4G68T0.crl (hash: XSqpiKTjAAYNqaJ1U50d1un3rrXosggXKcoD7J8eXLM=)
2: Oic624JnJmz9lkyUCkfkxynrzXU.roa (hash: reuQNdNLE9OYq59c7HheLuUPxQ+GdUmZR0j+FA5WU8M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:40:fb:e6:5b:ae:94:cf:3c:94:b1:d8:c6:8a:b3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d
Validity
Not Before: Jul 27 05:00:29 2025 GMT
Not After : Jul 28 05:00:29 2025 GMT
Subject: CN=ff4bb659e609acc71c6146f5c6ceebe9decd7f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:90:02:c3:30:d3:32:f0:5d:d4:24:de:3e:7c:
ce:40:11:48:f6:ca:65:a3:bf:65:14:67:a4:e9:bc:
ce:1e:79:77:7b:c8:63:1a:ce:b4:0f:e6:1a:72:67:
9f:2d:23:72:a6:7a:d8:61:3c:ca:7a:7d:22:96:ea:
ff:d2:b3:13:8f:af:27:a4:70:bb:9c:c7:57:69:24:
88:d1:d4:f5:7c:15:32:c1:ac:5d:67:90:cf:30:19:
9c:10:73:38:a0:39:e5:88:fa:5b:1f:59:60:d6:5f:
e7:a1:50:d7:53:3f:33:3c:9d:62:38:d6:bc:b9:da:
bf:65:76:cf:ce:b3:59:21:5b:67:b9:08:14:31:a7:
5c:ff:cb:b5:d3:2c:8f:17:ab:86:d0:11:f6:82:2b:
de:d3:aa:16:27:8c:2d:f8:63:cf:aa:88:db:50:ea:
5c:bf:76:4a:25:9f:f5:7a:9c:12:bb:ee:49:fb:f4:
8a:e2:c7:a1:ac:b8:7f:34:b5:6f:d3:6c:d6:52:95:
84:13:59:72:8d:41:dc:da:4b:5f:11:f7:e7:52:6e:
b7:0d:ba:3a:60:76:d2:44:c9:f5:db:88:50:e0:94:
4c:a5:43:3a:9b:73:e0:de:0d:f6:da:36:65:59:a1:
3e:93:55:57:99:2a:0a:d3:5a:ac:aa:65:e7:17:fc:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4B:B6:59:E6:09:AC:C7:1C:61:46:F5:C6:CE:EB:E9:DE:CD:7F:80
X509v3 Authority Key Identifier:
keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:6f:86:06:a2:b1:f9:b8:8d:73:3b:0d:2b:bc:67:4e:ec:1b:
4d:5c:72:43:ba:f9:de:92:ee:71:ed:05:86:eb:ac:e5:6b:b9:
01:79:b6:15:94:fc:a8:51:43:d3:0d:43:12:30:1d:bf:84:0c:
ba:ab:85:81:51:b2:83:5c:70:a2:86:9b:52:dc:cc:bb:6b:ba:
1e:81:45:26:87:c3:e5:ac:c7:b1:4c:9e:5d:0c:87:55:5f:eb:
67:45:ac:36:96:43:f7:26:4a:28:8f:ec:d1:55:bf:c4:1c:b5:
38:c2:16:47:17:f1:eb:48:37:d1:73:c9:5a:ac:5a:4f:4c:58:
4e:2d:7a:6d:6e:6c:fc:a7:4f:85:06:2d:a2:2b:e0:5d:83:b3:
fd:50:4f:69:9c:66:d7:fe:e6:83:5e:62:3a:7b:9a:81:ee:4b:
47:e1:33:25:65:33:45:f2:31:89:85:d8:b4:d7:ca:39:1b:13:
d8:05:55:2e:32:a6:f8:70:84:0b:bd:3b:0a:08:72:d7:d1:43:
92:ba:78:dd:dc:c3:79:bc:91:eb:ea:1d:40:f0:1d:45:2f:64:
7f:91:e6:9d:44:74:c6:2d:87:73:47:34:af:0a:a0:11:11:d7:
2e:d3:d3:bf:cd:88:70:c3:36:66:7f:59:d5:44:4e:c6:03:42:
21:fd:ec:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQPvmW66UzzyUsdjGirP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi
YWYxM2QwHhcNMjUwNzI3MDUwMDI5WhcNMjUwNzI4MDUwMDI5WjAzMTEwLwYDVQQD
EyhmZjRiYjY1OWU2MDlhY2M3MWM2MTQ2ZjVjNmNlZWJlOWRlY2Q3ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5ACwzDTMvBd1CTePnzOQBFI9spl
o79lFGek6bzOHnl3e8hjGs60D+YacmefLSNypnrYYTzKen0ilur/0rMTj68npHC7
nMdXaSSI0dT1fBUywaxdZ5DPMBmcEHM4oDnliPpbH1lg1l/noVDXUz8zPJ1iONa8
udq/ZXbPzrNZIVtnuQgUMadc/8u10yyPF6uG0BH2give06oWJ4wt+GPPqojbUOpc
v3ZKJZ/1epwSu+5J+/SK4sehrLh/NLVv02zWUpWEE1lyjUHc2ktfEffnUm63Dbo6
YHbSRMn124hQ4JRMpUM6m3Pg3g322jZlWaE+k1VXmSoK01qsqmXnF/xpxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9LtlnmCazHHGFG9cbO6+nezX+AMB8GA1UdIwQY
MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt
NTI1OWVlZGNhMDdjLzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj
LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjG+GBqKx
+biNczsNK7xnTuwbTVxyQ7r53pLuce0Fhuus5Wu5AXm2FZT8qFFD0w1DEjAdv4QM
uquFgVGyg1xwooabUtzMu2u6HoFFJofD5azHsUyeXQyHVV/rZ0WsNpZD9yZKKI/s
0VW/xBy1OMIWRxfx60g30XPJWqxaT0xYTi16bW5s/KdPhQYtoivgXYOz/VBPaZxm
1/7mg15iOnuage5LR+EzJWUzRfIxiYXYtNfKORsT2AVVLjKm+HCEC707Cghy19FD
krp43dzDebyR6+odQPAdRS9kf5HmnUR0xi2Hc0c0rwqgERHXLtPTv82IcMM2Zn9Z
1UROxgNCIf3syQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:51:54 2025 by rpki-client