Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
File: dfGnY3RcJdrSj0qBFmiOgs4SAos.mft (raw, json)
Hash identifier: tCSX+RPpfyQaCq3Yxp4Ijv5bHLKvPs/llt7Wn8Lx0yI=
Subject key identifier: FF:93:EA:46:33:63:DA:29:4B:F7:9C:E7:4D:0D:B3:29:54:69:A5:C3
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 0199331317A5368B322A2659A7AC3D3B230C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
Manifest number: 149F
Signing time: Wed 10 Sep 2025 10:01:53 +0000
Manifest this update: Wed 10 Sep 2025 10:01:53 +0000
Manifest next update: Thu 11 Sep 2025 10:01:53 +0000
Files and hashes: 1: dfGnY3RcJdrSj0qBFmiOgs4SAos.crl (hash: tjCZuWE6IZh52IMgcMQRZchhkAL3JJkJ335EoLtkdhQ=)
2: ecFLrFSYazGNpMwtdUC2GTyB7Ls.roa (hash: 9V1D5AZ/eHVRt4YDKcmTOE8v9iNuXaOV/i0Ye/mdU9E=)
3: zeZfDF6FQVXfyXUfk9yRfeoJZIA.roa (hash: DtxqGawsrFVZx4HNzS+S5CsdD6flwYPGqAxKv36rkJ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 10:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:13:17:a5:36:8b:32:2a:26:59:a7:ac:3d:3b:23:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: Sep 10 10:01:53 2025 GMT
Not After : Sep 11 10:01:53 2025 GMT
Subject: CN=ff93ea463363da294bf79ce74d0db3295469a5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cd:8d:d9:12:9e:3d:6f:3f:58:9d:39:07:55:
10:49:ec:36:22:bf:51:c5:33:5c:44:92:67:ae:75:
43:1b:18:26:50:43:26:56:31:71:9d:49:13:dc:df:
9c:91:cc:c6:76:5f:93:8f:4a:fc:29:c4:f7:6e:f1:
bd:fc:6c:36:64:36:4f:5b:f6:ed:74:88:68:66:9f:
50:9f:16:0d:c1:5e:14:56:c4:d7:2e:bf:05:50:26:
0c:94:1d:32:0f:f7:a9:ce:0d:6a:01:d5:59:ed:c0:
27:47:7e:c8:ca:be:7c:5f:cd:25:68:77:15:73:39:
23:05:f3:c8:06:a1:36:d8:be:22:48:a6:51:a4:c4:
d6:ea:59:c1:ee:d7:45:0b:0c:20:25:d4:60:b3:62:
dd:65:ac:4e:99:33:3c:78:11:ff:58:92:2a:64:4d:
b6:cb:09:e9:49:99:6f:71:dd:d4:4d:c9:15:51:a6:
02:74:d0:e7:06:cc:93:c1:38:f4:b0:c2:34:d2:db:
02:4d:82:ca:35:31:9b:84:f0:12:46:28:a6:86:7c:
7b:2f:84:73:69:00:c7:c5:81:38:b3:e8:14:57:b7:
a5:36:33:32:ab:20:be:4f:77:f5:74:7d:2b:37:bd:
33:31:f0:f1:18:e7:7a:b0:c3:44:dd:22:e4:89:12:
e3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:93:EA:46:33:63:DA:29:4B:F7:9C:E7:4D:0D:B3:29:54:69:A5:C3
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:d7:41:a2:eb:9b:67:2a:2b:c7:28:b0:cd:14:d1:4c:43:d0:
0e:a9:b9:7a:a9:c5:68:18:7f:68:c4:a5:49:1b:a9:3d:a6:f0:
71:a4:b5:ae:06:1b:74:19:9d:50:84:b7:bc:34:a2:ec:b4:91:
27:a4:f5:0a:c4:c3:9b:6e:75:da:f5:f9:48:38:ef:61:ee:07:
b3:aa:fa:ef:94:d2:60:55:f0:19:1c:98:76:cf:29:5c:28:8d:
a1:39:c2:19:b9:c8:b7:c4:63:8c:8a:b9:ef:73:43:cb:7b:e5:
de:53:1e:f4:0a:9a:ff:2a:d7:fb:0a:14:61:ff:fd:44:49:78:
a4:42:a3:6f:01:14:38:bd:57:94:57:53:33:0b:d4:3d:01:19:
e4:88:21:44:b2:f1:9f:86:3c:2f:cb:fe:81:64:fb:4a:41:68:
f7:12:26:0f:2b:0b:ce:9f:a7:f7:07:d2:b6:d1:9c:e6:d2:92:
f6:f8:4c:a8:cb:f8:42:5d:12:63:09:06:92:cf:98:6d:a0:dd:
67:46:03:16:09:ae:ff:56:75:15:51:ca:98:ef:d4:f5:64:ba:
e0:e8:bf:7e:ee:bd:d4:c5:6e:95:73:0d:ff:11:9e:74:1a:67:
1b:84:f8:d2:23:12:60:0e:12:3f:f6:63:2c:a6:73:de:f8:8b:
ef:ba:d3:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzExelNosyKiZZp6w9OyMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjUwOTEwMTAwMTUzWhcNMjUwOTExMTAwMTUzWjAzMTEwLwYDVQQD
EyhmZjkzZWE0NjMzNjNkYTI5NGJmNzljZTc0ZDBkYjMyOTU0NjlhNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM2N2RKePW8/WJ05B1UQSew2Ir9R
xTNcRJJnrnVDGxgmUEMmVjFxnUkT3N+ckczGdl+Tj0r8KcT3bvG9/Gw2ZDZPW/bt
dIhoZp9QnxYNwV4UVsTXLr8FUCYMlB0yD/epzg1qAdVZ7cAnR37Iyr58X80laHcV
czkjBfPIBqE22L4iSKZRpMTW6lnB7tdFCwwgJdRgs2LdZaxOmTM8eBH/WJIqZE22
ywnpSZlvcd3UTckVUaYCdNDnBsyTwTj0sMI00tsCTYLKNTGbhPASRiimhnx7L4Rz
aQDHxYE4s+gUV7elNjMyqyC+T3f1dH0rN70zMfDxGOd6sMNE3SLkiRLjhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+T6kYzY9opS/ec500NsylUaaXDMB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9dBouub
ZyorxyiwzRTRTEPQDqm5eqnFaBh/aMSlSRupPabwcaS1rgYbdBmdUIS3vDSi7LSR
J6T1CsTDm2512vX5SDjvYe4Hs6r675TSYFXwGRyYds8pXCiNoTnCGbnIt8RjjIq5
73NDy3vl3lMe9Aqa/yrX+woUYf/9REl4pEKjbwEUOL1XlFdTMwvUPQEZ5IghRLLx
n4Y8L8v+gWT7SkFo9xImDysLzp+n9wfSttGc5tKS9vhMqMv4Ql0SYwkGks+YbaDd
Z0YDFgmu/1Z1FVHKmO/U9WS64Oi/fu691MVulXMN/xGedBpnG4T40iMSYA4SP/Zj
LKZz3viL77rT5w==
-----END CERTIFICATE-----
Generated at Wed Sep 10 15:30:06 2025 by rpki-client