Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
File: rS044g8k0OMLhszYJhrAAX8XpaQ.mft (raw, json)
Hash identifier: iDd9OHBfCfiUmauZZ+KQ70i2V+VcBHlo+5nLvFQD0QI=
Subject key identifier: 3B:7D:B9:C9:84:5A:32:AA:C6:3A:79:5B:17:30:5D:AE:54:8B:49:56
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 0198C6492D12CA6287BF16DD9664E8D72559
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
Manifest number: 090F
Signing time: Wed 20 Aug 2025 07:02:21 +0000
Manifest this update: Wed 20 Aug 2025 07:02:21 +0000
Manifest next update: Thu 21 Aug 2025 07:02:21 +0000
Files and hashes: 1: IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa (hash: oKXrmB0pSBgjznKzRYUFbiw4D9My9SBHtgqoNaUCBKA=)
2: rS044g8k0OMLhszYJhrAAX8XpaQ.crl (hash: vd+6PQ2zeYyPNvBxC5RJH1Y4DF0L3mN2swZptR6ux6I=)
3: wbXeB63VhLi_7WMIhOdMpk0lCW4.roa (hash: d7dOr+7PutspTBpcReyCrf+E8CzcxyNVV7Zc8qzo3dU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 07:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:49:2d:12:ca:62:87:bf:16:dd:96:64:e8:d7:25:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Aug 20 07:02:21 2025 GMT
Not After : Aug 21 07:02:21 2025 GMT
Subject: CN=3b7db9c9845a32aac63a795b17305dae548b4956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:32:2a:86:a4:89:91:09:fe:39:79:e8:ab:c8:
22:35:1f:57:a6:84:cb:ce:9a:6c:19:a2:1b:32:ae:
5a:19:6a:92:be:81:9e:b5:42:15:d7:2c:a5:58:5e:
89:b0:b1:db:49:6d:4e:7d:45:4d:86:b6:ec:fc:fc:
5a:31:49:c6:1f:45:da:c0:fb:4a:e5:1e:fe:7d:b5:
ad:2b:2b:9b:69:56:7e:39:ad:c0:48:46:2f:69:c3:
d8:b7:b5:de:6d:57:14:37:68:2b:d7:11:4a:7a:60:
8d:22:49:15:ed:1a:28:8f:d9:b5:fa:5e:0f:63:18:
a6:f0:9b:a1:0d:c0:bc:5b:43:29:c8:8f:63:a3:ec:
9a:0c:a4:03:44:e8:dd:bb:64:4c:b9:bf:bf:1a:5a:
3a:92:3e:6f:65:d3:2c:c1:1f:af:5d:fb:d8:13:aa:
ae:8b:6c:e4:f8:22:e2:7f:b1:cc:b5:57:b2:f2:9a:
18:15:87:50:3b:93:99:32:37:41:13:1e:63:8a:47:
4f:7e:5f:13:27:93:2d:71:c1:6b:a4:c1:4d:39:38:
51:2a:dd:27:c4:06:cc:3d:10:fe:20:e8:db:c6:92:
a7:9b:17:5a:db:4c:2d:3b:32:10:a5:11:1d:bb:99:
4e:89:f1:bc:45:ad:3c:e6:58:c9:27:77:36:c6:7e:
47:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7D:B9:C9:84:5A:32:AA:C6:3A:79:5B:17:30:5D:AE:54:8B:49:56
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:dc:38:19:d1:c9:60:45:66:3c:32:03:ba:27:cc:1d:b8:95:
25:71:92:5a:75:20:60:4f:2e:16:8e:7c:e0:84:d9:96:bd:67:
71:70:d5:c7:14:75:78:55:a7:47:cd:d6:96:29:f8:68:b7:ce:
89:21:71:ae:16:46:aa:11:39:85:39:30:00:c1:84:1e:c8:b2:
99:79:1c:55:62:25:76:60:80:5a:06:20:12:e1:94:76:b1:8e:
bb:8b:1b:ba:ee:60:01:bb:e3:e5:5e:7d:ce:bf:fd:6f:7e:97:
96:88:54:ab:1a:15:7b:cc:33:b0:93:05:6f:c2:9c:43:c2:eb:
ce:e7:bd:2c:82:f0:ac:02:6f:00:a6:62:a6:fe:33:56:f1:c3:
4b:8d:1c:dd:f7:02:25:5c:42:28:b1:0f:36:21:fd:f0:dc:fc:
64:64:da:0e:55:07:af:e3:30:98:c4:1a:f7:53:0f:67:70:1e:
27:48:f3:86:39:6d:60:c5:4b:47:69:20:b9:c5:9d:b8:4f:8d:
a1:28:b7:7b:e0:af:1e:97:3b:e0:06:37:e6:65:5d:4d:46:bd:
a2:12:8a:72:3a:c6:29:c1:bb:fb:1c:54:f8:7d:92:51:4a:af:
4a:ef:23:3f:48:a8:d8:eb:34:06:0d:e9:6d:39:1f:26:85:d4:
3e:41:35:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjGSS0SymKHvxbdlmTo1yVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjUwODIwMDcwMjIxWhcNMjUwODIxMDcwMjIxWjAzMTEwLwYDVQQD
EygzYjdkYjljOTg0NWEzMmFhYzYzYTc5NWIxNzMwNWRhZTU0OGI0OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizIqhqSJkQn+OXnoq8giNR9XpoTL
zppsGaIbMq5aGWqSvoGetUIV1yylWF6JsLHbSW1OfUVNhrbs/PxaMUnGH0XawPtK
5R7+fbWtKyubaVZ+Oa3ASEYvacPYt7XebVcUN2gr1xFKemCNIkkV7Rooj9m1+l4P
Yxim8JuhDcC8W0MpyI9jo+yaDKQDROjdu2RMub+/Glo6kj5vZdMswR+vXfvYE6qu
i2zk+CLif7HMtVey8poYFYdQO5OZMjdBEx5jikdPfl8TJ5MtccFrpMFNOThRKt0n
xAbMPRD+IOjbxpKnmxda20wtOzIQpREdu5lOifG8Ra085ljJJ3c2xn5H0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDt9ucmEWjKqxjp5WxcwXa5Ui0lWMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsdw4GdHJ
YEVmPDIDuifMHbiVJXGSWnUgYE8uFo584ITZlr1ncXDVxxR1eFWnR83Wlin4aLfO
iSFxrhZGqhE5hTkwAMGEHsiymXkcVWIldmCAWgYgEuGUdrGOu4sbuu5gAbvj5V59
zr/9b36XlohUqxoVe8wzsJMFb8KcQ8Lrzue9LILwrAJvAKZipv4zVvHDS40c3fcC
JVxCKLEPNiH98Nz8ZGTaDlUHr+MwmMQa91MPZ3AeJ0jzhjltYMVLR2kgucWduE+N
oSi3e+CvHpc74AY35mVdTUa9ohKKcjrGKcG7+xxU+H2SUUqvSu8jP0io2Os0Bg3p
bTkfJoXUPkE1mA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:53:23 2025 by rpki-client