Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
File: smbm5NXff4olZUFEdV172ZLnNTk.mft (raw, json)
Hash identifier: 2VGawuhEKI/Yq3hjBSGtXAMLhXnfIKhtYEhnnw/pKEk=
Subject key identifier: 63:06:CB:8C:78:C8:7D:D0:8F:AF:24:88:EF:80:AB:7A:BC:81:E0:4D
Authority key identifier: B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
Certificate issuer: /CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Certificate serial: 0199239F58EAA2D8D95C7AA02CDA361D7496
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
Manifest number: 097B
Signing time: Sun 07 Sep 2025 10:01:09 +0000
Manifest this update: Sun 07 Sep 2025 10:01:09 +0000
Manifest next update: Mon 08 Sep 2025 10:01:09 +0000
Files and hashes: 1: 4UxBywVcvcMsb-HDJGoMszIr0uA.roa (hash: CPNjg2b32CAKEDe5pmcVPP+MsVRB7Gy+EYi43k44UBQ=)
2: smbm5NXff4olZUFEdV172ZLnNTk.crl (hash: Z2DJgCBpkxtuL5H2+YpNihK3QfkQQPIw4Tl2JX5p2oA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:58:ea:a2:d8:d9:5c:7a:a0:2c:da:36:1d:74:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Validity
Not Before: Sep 7 10:01:09 2025 GMT
Not After : Sep 8 10:01:09 2025 GMT
Subject: CN=6306cb8c78c87dd08faf2488ef80ab7abc81e04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:97:21:09:e8:0c:42:f1:3b:5e:cd:92:6f:
db:91:d5:d2:6e:f5:3a:b1:97:b1:a7:f3:82:f5:0f:
aa:c4:41:76:1f:a2:38:f4:75:cd:10:bc:c7:8a:de:
5c:e0:c3:ab:92:6d:c9:27:7a:f3:e5:13:66:d5:97:
98:74:d2:62:de:c6:63:82:7c:05:f0:de:af:65:81:
00:d0:9c:42:5a:b7:27:20:5e:d1:fe:3b:f4:a8:56:
40:35:c9:27:96:6a:ec:66:f9:3c:2a:14:fc:d3:cc:
2b:cb:ce:e8:3c:d9:24:7f:9f:42:a2:da:f3:b5:af:
f8:62:9b:54:9b:33:9a:2f:6b:ed:a1:01:b3:4e:fe:
15:5b:a5:be:7f:2e:89:b7:29:fd:ff:ad:a9:91:ab:
97:61:03:97:af:8d:5b:15:47:d4:6f:c4:27:4a:16:
da:fa:be:73:08:1e:d1:53:95:b4:14:57:54:ac:1d:
08:d7:11:8a:58:22:2b:e6:84:cb:33:c9:cb:6e:b4:
16:ed:a9:44:92:54:cd:f2:8d:c5:89:f5:b9:ad:94:
2f:89:92:fd:2b:9e:c7:9d:18:15:19:c1:e9:32:e0:
5c:7f:98:cf:64:c5:04:b5:7c:12:a2:15:b9:03:11:
cf:77:05:9e:8f:2f:24:0f:94:a1:63:47:88:ea:05:
65:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:06:CB:8C:78:C8:7D:D0:8F:AF:24:88:EF:80:AB:7A:BC:81:E0:4D
X509v3 Authority Key Identifier:
keyid:B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:85:a1:62:64:12:43:ef:a5:8a:ab:a3:23:a7:69:76:52:45:
d9:d6:c8:7b:3c:4a:d5:01:40:4e:15:99:93:c7:9e:74:0c:8d:
51:c8:c1:c7:ca:ba:00:ce:53:7c:a3:4b:87:04:8d:13:17:cf:
4a:2c:6c:65:9f:89:0a:eb:6b:a6:dc:30:99:3b:cd:9d:fc:08:
06:b8:e4:dd:08:78:19:36:43:15:e2:62:a3:3a:3d:c6:bf:3d:
f4:ab:9b:58:dc:69:9d:ab:20:15:82:ed:4e:1b:69:75:10:de:
d4:d4:16:25:4f:f3:30:8a:f9:ac:bb:da:a2:19:72:08:eb:28:
43:94:f8:9c:35:74:ab:42:be:31:fd:2c:e7:68:e8:1a:ec:8c:
d6:ac:f8:43:e2:a1:c7:9a:28:31:83:f5:f2:1e:bc:83:35:db:
39:50:67:9c:e9:d7:6c:9c:0d:fc:d2:88:ba:42:1a:4d:0f:9c:
4b:fc:c3:34:4a:2d:e9:cb:22:cb:b7:87:18:e0:06:c8:08:e8:
0d:6c:52:25:8e:01:b5:6b:68:be:d5:a1:d9:b4:7d:f6:20:a3:
dd:30:68:a0:30:c8:a7:21:3d:66:61:77:29:16:80:48:82:83:
40:3b:67:43:0d:5f:d2:f7:60:28:c8:7d:87:05:2a:57:ab:4e:
c4:69:51:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn1jqotjZXHqgLNo2HXSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjZlNmU0ZDVkZjdmOGEyNTY1NDE0NDc1NWQ3YmQ5OTJl
NzM1MzkwHhcNMjUwOTA3MTAwMTA5WhcNMjUwOTA4MTAwMTA5WjAzMTEwLwYDVQQD
Eyg2MzA2Y2I4Yzc4Yzg3ZGQwOGZhZjI0ODhlZjgwYWI3YWJjODFlMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvOXIQnoDELxO17Nkm/bkdXSbvU6
sZexp/OC9Q+qxEF2H6I49HXNELzHit5c4MOrkm3JJ3rz5RNm1ZeYdNJi3sZjgnwF
8N6vZYEA0JxCWrcnIF7R/jv0qFZANcknlmrsZvk8KhT808wry87oPNkkf59Cotrz
ta/4YptUmzOaL2vtoQGzTv4VW6W+fy6Jtyn9/62pkauXYQOXr41bFUfUb8QnShba
+r5zCB7RU5W0FFdUrB0I1xGKWCIr5oTLM8nLbrQW7alEklTN8o3FifW5rZQviZL9
K57HnRgVGcHpMuBcf5jPZMUEtXwSohW5AxHPdwWejy8kD5ShY0eI6gVlNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMGy4x4yH3Qj68kiO+Aq3q8geBNMB8GA1UdIwQY
MBaAFLJm5uTV33+KJWVBRHVde9mS5zU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMt
NTI1ZDdlMjJjNzg4LzEvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMtNTI1ZDdlMjJjNzg4
LzEvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIWhYmQS
Q++liqujI6dpdlJF2dbIezxK1QFAThWZk8eedAyNUcjBx8q6AM5TfKNLhwSNExfP
SixsZZ+JCutrptwwmTvNnfwIBrjk3Qh4GTZDFeJiozo9xr899KubWNxpnasgFYLt
ThtpdRDe1NQWJU/zMIr5rLvaohlyCOsoQ5T4nDV0q0K+Mf0s52joGuyM1qz4Q+Kh
x5ooMYP18h68gzXbOVBnnOnXbJwN/NKIukIaTQ+cS/zDNEot6csiy7eHGOAGyAjo
DWxSJY4BtWtovtWh2bR99iCj3TBooDDIpyE9ZmF3KRaASIKDQDtnQw1f0vdgKMh9
hwUqV6tOxGlRzw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:20:30 2025 by rpki-client