Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft
File: bAlGwIGzK-hIywDY2TLowfcXlmg.mft (raw, json)
Hash identifier: vPDNIEUJn7L4Gnw5AE4wam+K/mkYZXzfepeviBKHBDw=
Subject key identifier: B9:5B:59:7D:BD:64:CE:A6:32:19:BD:C1:58:59:EA:A8:36:CA:D2:93
Authority key identifier: 6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
Certificate issuer: /CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Certificate serial: 019923A0BB3CFE57883169A266A7322CCAAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft
Manifest number: 1671
Signing time: Sun 07 Sep 2025 10:02:40 +0000
Manifest this update: Sun 07 Sep 2025 10:02:40 +0000
Manifest next update: Mon 08 Sep 2025 10:02:40 +0000
Files and hashes: 1: bAlGwIGzK-hIywDY2TLowfcXlmg.crl (hash: McDnZw8ct6JJ4/IUnC3r0nvyIQc7oGaJoCFbhBZe2bI=)
2: zcbK2VYAm9mMFJWXJQ7evncTyKY.roa (hash: IlkFU9F+u30MyRO9adAYRJd3agbOfEkk4M3dko//XTI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:bb:3c:fe:57:88:31:69:a2:66:a7:32:2c:ca:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Validity
Not Before: Sep 7 10:02:40 2025 GMT
Not After : Sep 8 10:02:40 2025 GMT
Subject: CN=b95b597dbd64cea63219bdc15859eaa836cad293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bc:cf:64:c4:e8:3a:10:f9:22:81:6e:19:3c:
f4:c8:0d:5c:fe:a1:66:f6:6d:d2:b2:61:b3:18:3c:
b5:0a:6e:6d:ba:39:13:2e:04:15:5a:e8:f9:14:ca:
bb:64:4d:77:5c:ea:10:83:9b:09:71:e3:44:5a:40:
0c:f3:15:89:36:9d:ac:da:dd:3e:42:63:39:9a:60:
ed:46:73:24:e8:54:2c:67:32:52:6c:f8:2d:cf:15:
c6:69:9e:f6:6f:51:56:d6:8c:4a:03:d8:13:ab:1b:
9e:62:80:39:9e:c4:63:97:d5:4e:3d:25:4b:7d:43:
36:7c:f7:4d:3b:75:1b:ef:75:2d:94:48:bf:8b:3f:
ff:cb:8a:5c:0b:05:df:f6:88:ee:c6:4f:37:30:fd:
e9:eb:d9:33:59:04:79:58:27:4f:4f:e5:18:df:13:
42:a4:47:db:a5:56:dc:31:f2:11:a2:23:45:d6:ae:
87:1d:9f:3a:ba:58:35:04:3d:44:38:7e:c4:dc:1d:
f4:c5:14:b6:da:33:21:4b:e8:cb:94:2a:24:b5:62:
7c:3d:b6:0a:f7:cb:9c:02:aa:a7:7e:1c:01:ec:90:
01:23:85:ed:5f:48:0c:be:7e:6d:7c:d7:4c:99:b2:
a4:cf:77:ea:8a:cf:3b:31:0a:d3:43:9d:df:63:aa:
6f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5B:59:7D:BD:64:CE:A6:32:19:BD:C1:58:59:EA:A8:36:CA:D2:93
X509v3 Authority Key Identifier:
keyid:6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c3:20:4a:97:20:8b:be:36:ba:e2:cc:18:2c:c0:26:3c:55:71:
09:58:be:97:7f:1e:3a:d8:eb:8b:50:1e:84:94:c0:95:31:06:
70:56:42:48:d7:96:02:9f:f2:71:9d:44:51:f2:14:91:d3:2e:
61:14:39:e3:4f:a9:80:c8:d9:4c:56:98:62:3d:dd:88:86:f4:
85:e2:94:1c:9a:91:b4:c2:a4:f4:b1:2b:bb:3c:2c:18:55:b8:
36:5c:8e:d9:25:3f:35:7f:a0:82:e1:c2:10:fd:92:9a:ce:46:
11:65:e6:94:8f:af:7a:49:c6:67:33:51:c6:50:83:93:d8:36:
22:9b:ff:fc:8c:c5:57:44:3f:fc:46:88:a8:e6:78:77:fa:44:
33:bd:7d:82:90:fc:88:7e:ad:2c:84:17:0b:22:e0:ff:03:f1:
97:25:fe:5f:70:1d:6d:c2:10:b4:59:70:9d:a2:8f:d0:a2:ec:
39:b2:b0:7a:e4:e1:e4:f0:69:a4:4b:c0:30:7c:e7:8f:df:d1:
86:90:72:e4:23:0b:c3:1f:e8:97:69:e3:d4:8e:22:2c:22:10:
3b:12:f3:8b:94:bb:25:21:18:17:bd:4e:69:7d:97:6a:70:74:
aa:16:68:86:5e:5c:04:ba:c9:f6:8d:cf:dd:a2:21:da:aa:de:
ec:2e:0f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoLs8/leIMWmiZqcyLMqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDk0NmMwODFiMzJiZTg0OGNiMDBkOGQ5MzJlOGMxZjcx
Nzk2NjgwHhcNMjUwOTA3MTAwMjQwWhcNMjUwOTA4MTAwMjQwWjAzMTEwLwYDVQQD
EyhiOTViNTk3ZGJkNjRjZWE2MzIxOWJkYzE1ODU5ZWFhODM2Y2FkMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7zPZMToOhD5IoFuGTz0yA1c/qFm
9m3SsmGzGDy1Cm5tujkTLgQVWuj5FMq7ZE13XOoQg5sJceNEWkAM8xWJNp2s2t0+
QmM5mmDtRnMk6FQsZzJSbPgtzxXGaZ72b1FW1oxKA9gTqxueYoA5nsRjl9VOPSVL
fUM2fPdNO3Ub73UtlEi/iz//y4pcCwXf9ojuxk83MP3p69kzWQR5WCdPT+UY3xNC
pEfbpVbcMfIRoiNF1q6HHZ86ulg1BD1EOH7E3B30xRS22jMhS+jLlCoktWJ8PbYK
98ucAqqnfhwB7JABI4XtX0gMvn5tfNdMmbKkz3fqis87MQrTQ53fY6pvOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlbWX29ZM6mMhm9wVhZ6qg2ytKTMB8GA1UdIwQY
MBaAFGwJRsCBsyvoSMsA2Nky6MH3F5ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMt
ZGYyYmJjOWQwNDczLzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMtZGYyYmJjOWQwNDcz
LzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwyBKlyCL
vja64swYLMAmPFVxCVi+l38eOtjri1AehJTAlTEGcFZCSNeWAp/ycZ1EUfIUkdMu
YRQ540+pgMjZTFaYYj3diIb0heKUHJqRtMKk9LEruzwsGFW4NlyO2SU/NX+gguHC
EP2Sms5GEWXmlI+veknGZzNRxlCDk9g2Ipv//IzFV0Q//EaIqOZ4d/pEM719gpD8
iH6tLIQXCyLg/wPxlyX+X3AdbcIQtFlwnaKP0KLsObKweuTh5PBppEvAMHznj9/R
hpBy5CMLwx/ol2nj1I4iLCIQOxLzi5S7JSEYF71OaX2XanB0qhZohl5cBLrJ9o3P
3aIh2qre7C4PYg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:27 2025 by rpki-client