Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.mft
File: 8khYdchHDmqs3JR0IQXzDFl6wrs.mft (raw, json)
Hash identifier: qsEFj5yi04Sc89fO4RunAao3oFqt8RxhdbFTsmRYluQ=
Subject key identifier: 5B:DD:26:5B:DD:EB:04:A8:74:3B:D3:7E:B3:99:31:B8:F3:1E:4F:00
Authority key identifier: F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
Certificate issuer: /CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Certificate serial: 0199240D152C19CD14AC5D3A6A38F7D4CB67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.mft
Manifest number: 0D6B
Signing time: Sun 07 Sep 2025 12:01:01 +0000
Manifest this update: Sun 07 Sep 2025 12:01:01 +0000
Manifest next update: Mon 08 Sep 2025 12:01:01 +0000
Files and hashes: 1: 11v4ujiE85pODnajO4MIvDa-EEI.roa (hash: 899jJDpYjGC19E0C+sSPG4BflRjWNeXH81Y2tQUCHZ0=)
2: 8khYdchHDmqs3JR0IQXzDFl6wrs.crl (hash: /iYf6vYF3DvPOr/cRz/hxdZ6D4siJkk63W2vWiCCRe4=)
3: H5a6_PbqYpspvXprSKayoanO0T4.roa (hash: rh38nYvA7FwPR7BzdHUH02hvI8rv4wT+OqQOUSlde48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:0d:15:2c:19:cd:14:ac:5d:3a:6a:38:f7:d4:cb:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Validity
Not Before: Sep 7 12:01:01 2025 GMT
Not After : Sep 8 12:01:01 2025 GMT
Subject: CN=5bdd265bddeb04a8743bd37eb39931b8f31e4f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:95:ab:bb:ef:c0:e9:1c:62:53:a7:b4:91:
66:3f:5a:e8:42:fc:57:0e:79:b0:31:54:84:5f:98:
0c:f2:fe:db:4e:b3:14:4f:81:af:17:b1:db:1b:fb:
9b:a8:0b:49:87:75:dd:3c:4b:d4:69:02:20:15:c6:
fc:aa:e1:71:3d:e9:7b:59:cd:35:c7:2a:ad:b5:60:
4c:92:74:33:06:6a:a4:97:d2:41:3f:b2:c8:18:7d:
6f:30:da:8f:24:51:54:bd:c5:45:67:f4:59:15:7d:
b5:d4:28:fb:41:9a:12:39:83:50:fa:4f:46:94:b7:
e2:ea:a3:84:55:7a:7b:2b:e9:0b:1e:23:fb:c8:9f:
09:ec:1e:cb:aa:17:c3:09:1d:19:14:da:57:23:ff:
d4:6e:43:fb:28:9e:66:d6:3a:d0:22:0f:ce:e1:23:
0f:28:a9:c8:e6:07:28:fa:dc:4f:06:e9:8d:f6:79:
06:12:3a:ec:67:c5:67:58:eb:54:34:84:6d:b6:be:
e5:16:b6:30:9a:4a:03:82:ba:0e:4b:c7:b9:80:18:
4d:06:df:43:bb:66:68:17:32:ec:c8:06:35:97:cf:
ae:f5:91:7a:7e:c7:19:f0:c7:5c:f2:e4:b2:fe:1c:
24:21:43:b7:2e:de:cd:4d:91:8b:71:87:80:9d:bd:
80:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DD:26:5B:DD:EB:04:A8:74:3B:D3:7E:B3:99:31:B8:F3:1E:4F:00
X509v3 Authority Key Identifier:
keyid:F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:64:ff:eb:be:e8:41:02:a1:3d:3a:48:4e:af:2f:3d:2d:b6:
aa:24:e7:b1:28:ec:78:61:d3:99:72:66:ce:98:75:78:21:82:
e1:ba:1f:e5:cc:3f:43:3c:3d:fe:43:eb:aa:ac:e0:3b:4b:96:
23:a5:04:5f:08:b1:3a:11:0c:6c:a4:9a:d0:62:e6:10:00:13:
32:db:d4:f2:20:f1:1e:7f:38:83:f2:38:2b:cc:9b:82:40:fd:
48:df:42:9b:09:6c:eb:2d:12:b1:97:cf:df:37:34:92:db:94:
7c:4b:f0:cd:79:5a:b0:fb:2f:66:93:e6:63:e5:61:08:8f:2d:
e7:c5:80:36:e7:15:78:a3:ce:b7:6b:68:c2:6c:a0:8c:53:29:
83:ed:93:d7:81:4d:4b:4d:d1:7c:c1:0d:67:28:76:3f:37:ed:
f2:9c:46:68:f8:81:de:a8:6f:b6:65:a8:af:27:0f:98:0b:0f:
71:3e:04:f8:58:80:31:8b:e7:a8:04:33:8d:91:fb:8c:a2:fe:
ca:91:21:74:19:8b:0f:ed:2a:be:8b:4b:21:88:07:74:f7:3b:
b3:6b:56:7f:f9:f1:71:44:a7:7e:63:7f:56:8e:fa:5a:a6:31:
fd:36:dc:fb:90:21:cb:90:33:3e:4f:80:4c:92:13:78:e7:50:
cc:b3:60:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDRUsGc0UrF06ajj31MtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNDg1ODc1Yzg0NzBlNmFhY2RjOTQ3NDIxMDVmMzBjNTk3
YWMyYmIwHhcNMjUwOTA3MTIwMTAxWhcNMjUwOTA4MTIwMTAxWjAzMTEwLwYDVQQD
Eyg1YmRkMjY1YmRkZWIwNGE4NzQzYmQzN2ViMzk5MzFiOGYzMWU0ZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1SVq7vvwOkcYlOntJFmP1roQvxX
DnmwMVSEX5gM8v7bTrMUT4GvF7HbG/ubqAtJh3XdPEvUaQIgFcb8quFxPel7Wc01
xyqttWBMknQzBmqkl9JBP7LIGH1vMNqPJFFUvcVFZ/RZFX211Cj7QZoSOYNQ+k9G
lLfi6qOEVXp7K+kLHiP7yJ8J7B7LqhfDCR0ZFNpXI//UbkP7KJ5m1jrQIg/O4SMP
KKnI5gco+txPBumN9nkGEjrsZ8VnWOtUNIRttr7lFrYwmkoDgroOS8e5gBhNBt9D
u2ZoFzLsyAY1l8+u9ZF6fscZ8Mdc8uSy/hwkIUO3Lt7NTZGLcYeAnb2AGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvdJlvd6wSodDvTfrOZMbjzHk8AMB8GA1UdIwQY
MBaAFPJIWHXIRw5qrNyUdCEF8wxZesK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81YTNmMGItODZmNS00MDZlLTkxZDUt
OGZkNGMwMjQ0ODhlLzEvOGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81YTNmMGItODZmNS00MDZlLTkxZDUtOGZkNGMwMjQ0ODhl
LzEvOGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACmT/677o
QQKhPTpITq8vPS22qiTnsSjseGHTmXJmzph1eCGC4bof5cw/Qzw9/kPrqqzgO0uW
I6UEXwixOhEMbKSa0GLmEAATMtvU8iDxHn84g/I4K8ybgkD9SN9Cmwls6y0SsZfP
3zc0ktuUfEvwzXlasPsvZpPmY+VhCI8t58WANucVeKPOt2towmygjFMpg+2T14FN
S03RfMENZyh2Pzft8pxGaPiB3qhvtmWorycPmAsPcT4E+FiAMYvnqAQzjZH7jKL+
ypEhdBmLD+0qvotLIYgHdPc7s2tWf/nxcUSnfmN/Vo76WqYx/Tbc+5Ahy5AzPk+A
TJITeOdQzLNgWQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:46:44 2025 by rpki-client