Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: l7pIsxBAyC8mm+DBOTBTAd9OAHY7CoPArlrlQ1PvuWI=
Subject key identifier: 53:E5:6A:03:3F:4C:44:27:AE:FA:E8:23:96:F6:0C:09:13:66:48:9C
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 0199221E455F3F841EC0D3FDCDEFA26B22AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 02D6
Signing time: Sun 07 Sep 2025 03:00:33 +0000
Manifest this update: Sun 07 Sep 2025 03:00:33 +0000
Manifest next update: Mon 08 Sep 2025 03:00:33 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: ibWEACsimDVswVpZjAs8lcom/eCSM53Cr45AbnQiBfA=)
2: yntKueGdh_gRYfTjbFRGz4s6BD8.roa (hash: 8wVmYZSgIm0dCsPvd2oqoO7MS+FukiT5t5Ke1EaX2FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:45:5f:3f:84:1e:c0:d3:fd:cd:ef:a2:6b:22:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Sep 7 03:00:33 2025 GMT
Not After : Sep 8 03:00:33 2025 GMT
Subject: CN=53e56a033f4c4427aefae82396f60c091366489c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:a8:48:e4:92:ca:48:d2:a3:d1:90:4c:4a:
c1:b5:44:56:bd:bc:d5:f3:8d:a2:e0:f5:8f:21:ec:
f4:f2:dc:4c:f1:dd:54:cc:22:9a:ac:05:c0:cb:ef:
4b:49:f8:56:aa:26:83:be:b9:80:0f:22:41:8c:94:
2b:7f:71:b2:9f:29:e0:fe:17:39:b8:bf:44:66:62:
9a:64:b1:51:ff:9b:70:0b:46:63:79:1f:a1:62:44:
50:fb:93:0e:04:68:96:ea:4c:f8:08:16:d0:19:2c:
75:8e:29:c2:4f:35:4a:09:2d:38:4e:cc:1a:28:01:
4b:96:79:07:02:f1:0d:9a:45:4d:57:ee:59:95:f4:
66:81:95:a8:c1:8d:32:96:b9:40:29:21:c8:ca:2a:
32:c3:4a:c6:f9:91:c9:3d:56:90:dc:b5:7e:b4:1e:
f8:de:d1:24:74:3f:b0:65:7f:a1:de:62:78:74:1e:
cc:9e:a7:db:2e:82:da:20:bb:e4:e7:44:df:1c:be:
a3:a1:eb:94:ae:15:cf:05:d6:4f:2d:b4:b2:33:e2:
18:93:df:0f:97:69:47:c4:4c:01:02:ea:91:1b:40:
fb:3f:cd:46:e6:08:25:88:76:88:13:ba:1e:8e:6f:
b7:44:f7:11:1f:dc:8f:32:3b:e6:9f:ae:c6:76:cc:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E5:6A:03:3F:4C:44:27:AE:FA:E8:23:96:F6:0C:09:13:66:48:9C
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:0b:07:15:e7:fb:61:42:a5:bb:0e:0f:13:5d:b3:ba:2f:a1:
d3:20:14:12:a5:cf:dc:aa:2a:0d:6b:05:3b:30:3d:04:5e:66:
e1:2f:05:2e:78:f8:9b:d3:7e:4d:d2:34:82:c5:5d:b7:69:5b:
a1:7c:2a:e2:1e:dc:e0:92:1f:6d:0f:18:2d:79:34:c0:9a:c5:
75:ad:f6:23:e8:4b:e7:56:d1:76:6b:bc:d2:b3:31:d0:a4:23:
39:40:d1:a4:39:ee:6f:c2:4c:f4:6d:74:b8:67:bf:e7:57:4d:
98:71:0d:3a:11:82:76:f0:48:80:d2:28:ef:15:09:31:f4:97:
cc:37:e0:bf:8f:50:fb:62:a1:32:8f:26:bc:c1:df:46:e8:2a:
2e:3c:4c:0c:6c:ee:ab:9f:cc:7c:e2:02:9e:5c:d5:d3:5b:99:
14:38:21:65:6d:bf:32:87:ad:d7:b0:1a:e1:ea:dd:1a:d8:df:
92:9c:e0:98:af:a1:26:7b:ce:13:a0:32:57:d0:b1:ef:a7:52:
ad:b9:e9:f3:24:b4:da:2e:9a:7a:53:b4:ea:f1:cf:e8:01:08:
ec:2a:d3:ee:d8:97:b3:8d:cf:dd:04:1f:b4:52:88:d0:4a:35:
5a:e6:56:08:bf:7e:93:0d:9e:d8:01:e1:d3:b9:c9:bd:82:48:
4f:f3:23:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHkVfP4QewNP9ze+iayKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjUwOTA3MDMwMDMzWhcNMjUwOTA4MDMwMDMzWjAzMTEwLwYDVQQD
Eyg1M2U1NmEwMzNmNGM0NDI3YWVmYWU4MjM5NmY2MGMwOTEzNjY0ODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI6oSOSSykjSo9GQTErBtURWvbzV
842i4PWPIez08txM8d1UzCKarAXAy+9LSfhWqiaDvrmADyJBjJQrf3Gynyng/hc5
uL9EZmKaZLFR/5twC0ZjeR+hYkRQ+5MOBGiW6kz4CBbQGSx1jinCTzVKCS04Tswa
KAFLlnkHAvENmkVNV+5ZlfRmgZWowY0ylrlAKSHIyioyw0rG+ZHJPVaQ3LV+tB74
3tEkdD+wZX+h3mJ4dB7MnqfbLoLaILvk50TfHL6joeuUrhXPBdZPLbSyM+IYk98P
l2lHxEwBAuqRG0D7P81G5ggliHaIE7oejm+3RPcRH9yPMjvmn67GdswiuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPlagM/TEQnrvroI5b2DAkTZkicMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVAsHFef7
YUKluw4PE12zui+h0yAUEqXP3KoqDWsFOzA9BF5m4S8FLnj4m9N+TdI0gsVdt2lb
oXwq4h7c4JIfbQ8YLXk0wJrFda32I+hL51bRdmu80rMx0KQjOUDRpDnub8JM9G10
uGe/51dNmHENOhGCdvBIgNIo7xUJMfSXzDfgv49Q+2KhMo8mvMHfRugqLjxMDGzu
q5/MfOICnlzV01uZFDghZW2/Moet17Aa4erdGtjfkpzgmK+hJnvOE6AyV9Cx76dS
rbnp8yS02i6aelO06vHP6AEI7CrT7tiXs43P3QQftFKI0Eo1WuZWCL9+kw2e2AHh
07nJvYJIT/Mjcw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:42:48 2025 by rpki-client