Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File: dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier: SyxsfgCxwlkI3O44gPI7sFjb/3GcULPK2z+wA6n0YHc=
Subject key identifier: 22:2D:EF:6B:62:31:E4:94:2F:CE:60:B1:7D:E1:40:86:D6:84:C6:53
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer: /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial: 019921B0558887C7A35C2CA7E1534AB1A27F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number: 166E
Signing time: Sun 07 Sep 2025 01:00:28 +0000
Manifest this update: Sun 07 Sep 2025 01:00:28 +0000
Manifest next update: Mon 08 Sep 2025 01:00:28 +0000
Files and hashes: 1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: OFLBGGACdhi3SrMNbyR/8N0CLnu7iq+VhLGNKjcc080=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b0:55:88:87:c7:a3:5c:2c:a7:e1:53:4a:b1:a2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Validity
Not Before: Sep 7 01:00:28 2025 GMT
Not After : Sep 8 01:00:28 2025 GMT
Subject: CN=222def6b6231e4942fce60b17de14086d684c653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3c:8d:22:2c:24:07:d8:03:43:7a:41:e9:f1:
ed:e0:21:54:99:fd:ac:80:05:b2:5c:6a:42:0b:a8:
41:f0:75:3c:42:21:23:db:bf:07:f8:38:5c:28:2a:
e2:64:54:e3:d8:28:76:15:8f:83:0c:65:11:5e:93:
3f:48:8d:c3:51:37:da:c8:51:93:11:50:c0:e7:65:
f2:f5:8a:5d:74:d0:3b:3c:9e:33:64:1c:5b:57:66:
b6:ef:3b:80:48:db:90:5c:f6:f0:35:0b:90:c9:30:
37:0b:51:fa:5c:f0:17:9e:14:a1:18:22:26:ea:87:
df:22:d2:6b:ea:25:72:27:e0:46:82:96:e7:c8:ba:
08:b4:7e:ad:fa:6b:1a:b5:c6:16:21:60:d0:34:22:
bb:81:5c:66:4e:e0:b6:f1:b2:74:b6:b4:da:82:e8:
2a:a6:37:a8:68:bf:22:56:96:71:3c:e2:50:2d:24:
47:b1:5f:57:c8:9d:82:a1:d0:9c:fc:8a:d5:e8:bf:
9f:99:de:17:30:6b:5b:0e:f3:b0:ba:de:bc:a7:7b:
ae:ed:48:1c:94:03:32:5a:80:18:d9:55:15:55:e1:
49:ed:2f:8f:a5:02:8f:eb:3c:d4:78:96:43:4b:5c:
bf:ba:d4:68:3c:e0:d7:54:cd:bb:f5:5b:88:fe:09:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2D:EF:6B:62:31:E4:94:2F:CE:60:B1:7D:E1:40:86:D6:84:C6:53
X509v3 Authority Key Identifier:
keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:67:0d:69:3f:05:8c:b7:b3:ee:72:84:62:56:6b:fe:e1:03:
18:c3:22:b8:25:72:48:f2:da:4c:64:f2:c5:61:58:83:28:22:
cc:84:48:93:32:13:6d:68:be:74:ca:21:03:44:bc:cf:74:dd:
62:b0:8b:3f:8f:7c:00:88:3a:bb:34:f9:fe:13:e5:24:9e:08:
25:47:48:52:33:e6:97:63:9f:ce:09:5a:9c:c2:cc:e1:6e:6c:
96:d3:01:fa:06:5c:ce:c1:e8:92:25:ce:4c:06:7b:64:9d:46:
ed:d7:b3:e4:93:3a:17:08:b7:4c:cd:28:bc:51:2c:5c:9d:75:
5e:e9:0a:35:23:11:44:f9:b2:fa:05:a2:85:88:94:ff:e4:3e:
1e:4f:d9:cc:2b:6b:bf:44:22:40:4c:29:88:1d:0b:fc:e4:61:
56:27:57:52:b6:18:6e:c4:c6:29:7f:24:86:2e:24:c8:47:17:
35:9c:eb:f8:88:9c:f8:fa:2c:9c:c9:2f:21:e8:26:30:06:d2:
82:bf:4b:1b:03:46:a7:f9:80:fd:82:db:d1:01:29:3f:8d:9b:
42:03:63:1f:62:ef:8b:84:5e:55:84:87:5d:49:74:45:e4:48:
cc:56:36:85:1e:86:e4:07:e3:ee:73:59:71:73:e0:c9:5f:37:
6e:fe:4e:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsFWIh8ejXCyn4VNKsaJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjUwOTA3MDEwMDI4WhcNMjUwOTA4MDEwMDI4WjAzMTEwLwYDVQQD
EygyMjJkZWY2YjYyMzFlNDk0MmZjZTYwYjE3ZGUxNDA4NmQ2ODRjNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzyNIiwkB9gDQ3pB6fHt4CFUmf2s
gAWyXGpCC6hB8HU8QiEj278H+DhcKCriZFTj2Ch2FY+DDGURXpM/SI3DUTfayFGT
EVDA52Xy9YpddNA7PJ4zZBxbV2a27zuASNuQXPbwNQuQyTA3C1H6XPAXnhShGCIm
6offItJr6iVyJ+BGgpbnyLoItH6t+msatcYWIWDQNCK7gVxmTuC28bJ0trTagugq
pjeoaL8iVpZxPOJQLSRHsV9XyJ2CodCc/IrV6L+fmd4XMGtbDvOwut68p3uu7Ugc
lAMyWoAY2VUVVeFJ7S+PpQKP6zzUeJZDS1y/utRoPODXVM279VuI/gnGQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIt72tiMeSUL85gsX3hQIbWhMZTMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqGcNaT8F
jLez7nKEYlZr/uEDGMMiuCVySPLaTGTyxWFYgygizIRIkzITbWi+dMohA0S8z3Td
YrCLP498AIg6uzT5/hPlJJ4IJUdIUjPml2OfzglanMLM4W5sltMB+gZczsHokiXO
TAZ7ZJ1G7dez5JM6Fwi3TM0ovFEsXJ11XukKNSMRRPmy+gWihYiU/+Q+Hk/ZzCtr
v0QiQEwpiB0L/ORhVidXUrYYbsTGKX8khi4kyEcXNZzr+Iic+PosnMkvIegmMAbS
gr9LGwNGp/mA/YLb0QEpP42bQgNjH2Lvi4ReVYSHXUl0ReRIzFY2hR6G5Afj7nNZ
cXPgyV83bv5OIw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:16:15 2025 by rpki-client