Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: JqUY4urH4U30D7DN9JgfDrUye+U2zhcT7gnSoEMZvTA=
Subject key identifier: C9:B4:73:C9:51:F5:4F:C5:1D:67:7F:E8:24:4F:26:31:EE:3E:37:9D
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 019932366BDB87D2757EC2204682F7F7D2AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1679
Signing time: Wed 10 Sep 2025 06:00:51 +0000
Manifest this update: Wed 10 Sep 2025 06:00:51 +0000
Manifest next update: Thu 11 Sep 2025 06:00:51 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: lEsf46LDEsS81+AD6hjkSAyYojxQHVI6IpAOKGog0uc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:36:6b:db:87:d2:75:7e:c2:20:46:82:f7:f7:d2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Sep 10 06:00:51 2025 GMT
Not After : Sep 11 06:00:51 2025 GMT
Subject: CN=c9b473c951f54fc51d677fe8244f2631ee3e379d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:1b:bd:ad:a9:71:4a:2b:98:21:9a:78:c3:
af:e8:91:6b:41:f4:e3:80:8a:06:38:cb:fe:b2:bf:
b2:2c:07:8e:c4:a9:b8:c1:a5:fc:55:2f:db:8d:85:
c7:e6:dd:c8:07:30:12:c6:88:e9:1c:01:0d:be:3d:
b6:29:88:bf:90:bd:48:27:2d:b2:45:7f:86:12:b0:
e8:1e:74:04:d5:21:95:7b:bd:0d:c2:7a:72:12:bb:
22:96:bc:61:c5:cd:f3:d8:2f:2d:7f:f2:d3:21:55:
2f:bf:4b:1a:88:c9:99:04:57:47:95:7e:8e:fa:70:
5d:fa:c3:6b:31:a1:26:4e:7b:b2:1e:eb:e2:19:f7:
a4:2e:9e:ed:d4:b6:db:af:44:2e:6f:23:09:75:61:
10:aa:3a:3e:ae:ab:fe:66:8c:ef:12:fc:d0:16:b2:
81:5a:2d:e2:22:e0:43:87:20:f3:f7:c8:08:ab:25:
e7:4b:9c:11:86:ae:d6:58:2c:dd:ce:b7:ab:2c:c0:
78:d2:5b:b9:a4:8d:88:93:89:5c:3b:48:8e:4d:81:
3d:ca:db:75:54:a2:9a:23:fe:d6:eb:0a:cf:ff:66:
a0:1c:26:31:53:0e:57:a1:18:45:24:79:f6:fa:eb:
f9:39:7b:db:9e:6c:99:f6:4f:27:f6:9c:ee:fc:26:
a3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B4:73:C9:51:F5:4F:C5:1D:67:7F:E8:24:4F:26:31:EE:3E:37:9D
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:67:2e:07:73:58:09:ff:8a:9c:8f:fe:d9:1a:73:16:0b:f0:
fb:53:93:74:6e:f7:34:87:23:c5:67:cd:89:d7:4f:ce:51:43:
95:71:c1:b7:a3:15:ae:b1:81:7a:91:9b:d3:8a:e3:64:3a:01:
13:14:7b:37:47:ba:fc:b6:88:c2:c7:f3:ba:a9:88:2d:ba:37:
2a:40:d4:10:77:24:b8:01:62:5e:66:00:51:f8:15:84:ec:fc:
8a:cc:9f:7d:7e:0c:c1:b7:2f:74:e0:f9:2e:91:96:fe:47:18:
18:fb:6d:a1:8d:cc:9a:28:45:2c:c1:ec:0f:e7:5c:8c:23:77:
1b:f6:09:71:18:1b:e4:43:d0:c8:d0:df:1f:88:78:75:86:eb:
e6:ac:53:50:2d:7a:9b:21:fb:a8:51:db:33:c1:19:57:42:a0:
d5:31:11:69:fb:38:eb:35:9e:02:15:01:8b:34:2c:34:20:6f:
26:fe:fb:d5:e2:3f:6f:70:88:be:51:22:89:d1:c0:86:a7:ac:
0c:e6:14:31:80:4e:87:d7:9f:3d:c9:db:8e:16:90:a7:33:ee:
ae:0f:57:3d:43:d7:fd:7e:be:79:d5:f9:46:32:4a:66:23:62:
11:17:a3:0d:d9:f6:45:2e:1d:a1:7c:bc:86:38:dc:e7:92:0a:
ad:82:02:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkyNmvbh9J1fsIgRoL399KsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwOTEwMDYwMDUxWhcNMjUwOTExMDYwMDUxWjAzMTEwLwYDVQQD
EyhjOWI0NzNjOTUxZjU0ZmM1MWQ2NzdmZTgyNDRmMjYzMWVlM2UzNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNAbva2pcUormCGaeMOv6JFrQfTj
gIoGOMv+sr+yLAeOxKm4waX8VS/bjYXH5t3IBzASxojpHAENvj22KYi/kL1IJy2y
RX+GErDoHnQE1SGVe70NwnpyErsilrxhxc3z2C8tf/LTIVUvv0saiMmZBFdHlX6O
+nBd+sNrMaEmTnuyHuviGfekLp7t1Lbbr0QubyMJdWEQqjo+rqv+ZozvEvzQFrKB
Wi3iIuBDhyDz98gIqyXnS5wRhq7WWCzdzrerLMB40lu5pI2Ik4lcO0iOTYE9ytt1
VKKaI/7W6wrP/2agHCYxUw5XoRhFJHn2+uv5OXvbnmyZ9k8n9pzu/CajYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMm0c8lR9U/FHWd/6CRPJjHuPjedMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWcuB3NY
Cf+KnI/+2RpzFgvw+1OTdG73NIcjxWfNiddPzlFDlXHBt6MVrrGBepGb04rjZDoB
ExR7N0e6/LaIwsfzuqmILbo3KkDUEHckuAFiXmYAUfgVhOz8isyffX4MwbcvdOD5
LpGW/kcYGPttoY3MmihFLMHsD+dcjCN3G/YJcRgb5EPQyNDfH4h4dYbr5qxTUC16
myH7qFHbM8EZV0Kg1TERafs46zWeAhUBizQsNCBvJv771eI/b3CIvlEiidHAhqes
DOYUMYBOh9efPcnbjhaQpzPurg9XPUPX/X6+edX5RjJKZiNiERejDdn2RS4doXy8
hjjc55IKrYICjA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 12:25:47 2025 by rpki-client