Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
File: 8lizqXQbQx177NZChrnmvODpddo.mft (raw, json)
Hash identifier: criYrUAKE2rqsNyHW2dMYLdZXu0w3F8waMOHkHKXw4M=
Subject key identifier: 85:7E:04:32:84:D7:2E:15:36:02:BB:FB:BF:9C:CB:BA:17:C1:2B:E7
Authority key identifier: F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
Certificate issuer: /CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Certificate serial: 019922C38288937834052778C4F87D5D1396
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
Manifest number: 1640
Signing time: Sun 07 Sep 2025 06:01:02 +0000
Manifest this update: Sun 07 Sep 2025 06:01:02 +0000
Manifest next update: Mon 08 Sep 2025 06:01:02 +0000
Files and hashes: 1: 8lizqXQbQx177NZChrnmvODpddo.crl (hash: SEJa+v1nanBRZaJ7EFIZvoFpqxx+LA/3H7GH5dw1MtI=)
2: LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa (hash: iU/GAJxLreLcqJkb0jyy5NFNWuEEVZB548A5w51V+6U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:82:88:93:78:34:05:27:78:c4:f8:7d:5d:13:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Validity
Not Before: Sep 7 06:01:02 2025 GMT
Not After : Sep 8 06:01:02 2025 GMT
Subject: CN=857e043284d72e153602bbfbbf9ccbba17c12be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c0:b1:f4:db:7a:ef:be:cf:90:72:eb:17:d4:
34:ad:bb:16:8b:40:52:cd:d5:1c:b5:91:2c:b2:5f:
f7:6d:9c:c9:f3:3c:dd:b0:53:a7:53:cf:1b:03:ca:
fe:98:af:e1:b9:a7:3d:03:8d:2d:56:ba:79:73:32:
7d:13:c3:e8:ce:84:2f:62:0d:ce:d2:d4:8d:bf:11:
ba:76:86:83:3e:e2:a8:9b:a3:dc:45:e9:cc:11:a9:
a8:38:df:02:5f:94:a1:91:09:4a:9e:e1:65:e0:45:
e6:5a:06:b5:65:93:a1:60:67:6f:89:a7:36:ea:6a:
0f:54:ed:63:54:47:85:61:1c:0f:60:d8:f0:08:0a:
3f:d3:7e:68:30:e6:b6:e3:0a:dd:27:eb:82:74:28:
d5:5a:17:12:64:38:cd:35:e0:d4:5f:e6:06:6e:df:
bc:2f:e9:6e:3e:93:50:08:17:f2:a2:6a:08:81:4e:
53:34:58:b7:e0:4a:74:2b:e0:7a:6f:fc:04:66:ed:
ca:fa:2a:de:a6:c5:be:b2:b4:cb:94:08:08:ca:86:
5f:f7:e8:cc:7a:84:6f:61:bb:a2:28:79:0c:db:d1:
e1:73:92:76:0f:87:85:c8:83:98:ac:0a:a8:fb:d0:
e2:bf:f4:88:02:a8:f4:47:dd:90:de:00:20:25:ea:
5f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7E:04:32:84:D7:2E:15:36:02:BB:FB:BF:9C:CB:BA:17:C1:2B:E7
X509v3 Authority Key Identifier:
keyid:F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:dc:f8:56:82:e8:f8:11:78:81:52:1a:37:8c:f7:91:32:5f:
47:de:b7:30:47:dc:1b:84:8c:72:76:bb:44:fc:81:13:a8:c0:
cc:45:bd:51:da:a0:2d:e6:77:d9:62:98:9e:9a:d4:bf:13:16:
d6:f6:7a:c7:22:d1:ef:cc:6d:76:f7:e8:39:a8:34:f0:d6:e3:
f4:27:11:3f:27:50:a6:03:68:ae:6a:25:23:86:f2:2d:84:13:
8b:84:79:c9:69:dd:fa:4c:64:fd:bf:91:51:bc:f8:b6:90:67:
43:7a:ea:ac:c8:0d:0a:b5:5d:4a:78:a1:8b:f3:e0:ab:0c:07:
f2:b3:61:cf:07:c5:6b:94:2f:be:7f:73:d0:06:0d:39:78:92:
00:08:fa:53:b1:c7:e4:d8:ec:4d:c8:1c:41:09:93:6f:ec:3b:
13:b4:fe:19:2d:30:7f:8a:f9:8a:84:6c:01:fa:8e:f0:34:e6:
1a:65:a7:e4:98:9d:06:a5:7a:2f:57:23:1d:07:53:4a:19:2c:
56:cf:c8:9b:81:35:e3:cc:0d:59:44:d7:36:89:58:10:d9:49:
43:3a:4f:b7:51:2b:db:b1:e9:dc:17:1c:da:d6:d8:98:0e:5a:
be:52:f6:32:c3:32:f3:4b:35:f2:2d:f2:fd:82:33:48:45:03:
03:39:fc:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw4KIk3g0BSd4xPh9XROWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNThiM2E5NzQxYjQzMWQ3YmVjZDY0Mjg2YjllNmJjZTBl
OTc1ZGEwHhcNMjUwOTA3MDYwMTAyWhcNMjUwOTA4MDYwMTAyWjAzMTEwLwYDVQQD
Eyg4NTdlMDQzMjg0ZDcyZTE1MzYwMmJiZmJiZjljY2JiYTE3YzEyYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cCx9Nt6777PkHLrF9Q0rbsWi0BS
zdUctZEssl/3bZzJ8zzdsFOnU88bA8r+mK/huac9A40tVrp5czJ9E8PozoQvYg3O
0tSNvxG6doaDPuKom6PcRenMEamoON8CX5ShkQlKnuFl4EXmWga1ZZOhYGdviac2
6moPVO1jVEeFYRwPYNjwCAo/035oMOa24wrdJ+uCdCjVWhcSZDjNNeDUX+YGbt+8
L+luPpNQCBfyomoIgU5TNFi34Ep0K+B6b/wEZu3K+irepsW+srTLlAgIyoZf9+jM
eoRvYbuiKHkM29Hhc5J2D4eFyIOYrAqo+9Div/SIAqj0R92Q3gAgJepf9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIV+BDKE1y4VNgK7+7+cy7oXwSvnMB8GA1UdIwQY
MBaAFPJYs6l0G0Mde+zWQoa55rzg6XXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTct
Y2RhOTRmYjc5NmQxLzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTctY2RhOTRmYjc5NmQx
LzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATtz4VoLo
+BF4gVIaN4z3kTJfR963MEfcG4SMcna7RPyBE6jAzEW9UdqgLeZ32WKYnprUvxMW
1vZ6xyLR78xtdvfoOag08Nbj9CcRPydQpgNormolI4byLYQTi4R5yWnd+kxk/b+R
Ubz4tpBnQ3rqrMgNCrVdSnihi/PgqwwH8rNhzwfFa5Qvvn9z0AYNOXiSAAj6U7HH
5NjsTcgcQQmTb+w7E7T+GS0wf4r5ioRsAfqO8DTmGmWn5JidBqV6L1cjHQdTShks
Vs/Im4E148wNWUTXNolYENlJQzpPt1Er27Hp3Bcc2tbYmA5avlL2MsMy80s18i3y
/YIzSEUDAzn8Bg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:20:55 2025 by rpki-client