Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
File: 0ffNDsTDvFTFlDEwfuw27wOCdzM.mft (raw, json)
Hash identifier: ZY7QJmOdBZzSkx/f/7tlCFlJdObqwEQQihdinnSlygo=
Subject key identifier: 6A:D2:EF:F8:DD:4F:67:76:6A:4E:96:31:F8:D0:C4:96:90:C1:74:C5
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 0199221F35B257653AA91D0CB26ACEB90231
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
Manifest number: 1670
Signing time: Sun 07 Sep 2025 03:01:34 +0000
Manifest this update: Sun 07 Sep 2025 03:01:34 +0000
Manifest next update: Mon 08 Sep 2025 03:01:34 +0000
Files and hashes: 1: 0ffNDsTDvFTFlDEwfuw27wOCdzM.crl (hash: VPsSj5kmODUgtSbef8H0UZytXKbwoUKH0Ggl6lijdGU=)
2: On0cxXdpQvZ_jJI1Rkh3ZfuLUxc.roa (hash: 9kDdHzwM7pfMm0bFoQEb02mFtUGZEAgcsF0RvK2rnzM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1f:35:b2:57:65:3a:a9:1d:0c:b2:6a:ce:b9:02:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Sep 7 03:01:34 2025 GMT
Not After : Sep 8 03:01:34 2025 GMT
Subject: CN=6ad2eff8dd4f67766a4e9631f8d0c49690c174c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:ff:c8:a5:70:7d:40:03:3d:4c:96:60:9b:
88:45:98:23:15:80:24:b4:f9:02:1a:1c:63:d8:10:
52:9d:66:b5:d1:ed:c2:23:58:b0:47:65:b8:f4:a6:
0d:8b:09:23:b3:6d:10:fd:d1:8c:45:c5:b8:aa:91:
f0:48:e4:73:6e:87:6c:dc:9d:74:fc:d4:c1:99:11:
f3:e4:0f:b1:03:9a:f5:d9:d6:d1:ea:0d:f0:e5:ce:
9b:81:52:7c:71:92:0d:2f:30:c8:24:7c:cc:61:13:
01:88:eb:b1:46:1b:93:3f:2c:4e:56:ea:20:3d:c3:
2a:91:d8:4f:ba:f7:83:b5:fd:3d:98:cb:b7:6e:0f:
18:5b:c8:a8:f0:41:e6:6b:33:7c:bc:58:c6:c8:35:
a3:32:2d:86:97:d1:95:e9:6a:ba:cd:78:95:f3:a0:
36:20:c3:fd:23:36:fa:5c:59:cd:c3:50:61:b2:b0:
99:57:35:cf:7b:df:fa:80:2d:a2:75:e8:33:f8:81:
4b:a4:03:23:6e:51:96:fa:44:0d:e4:82:f6:69:a7:
d5:84:61:85:0d:41:7b:12:3c:d3:16:cc:aa:8e:48:
6d:42:82:3a:56:54:1b:42:55:65:76:59:be:6f:66:
4b:51:49:d5:8f:15:30:57:bd:bf:4b:58:60:9e:32:
fc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:EF:F8:DD:4F:67:76:6A:4E:96:31:F8:D0:C4:96:90:C1:74:C5
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:a2:5f:59:67:6d:a9:d2:2b:d5:2e:31:1c:ad:75:9f:34:f0:
30:e8:b2:4d:50:1f:49:03:57:f6:d0:a7:96:2c:30:58:6f:03:
20:d1:cb:63:fb:09:8b:90:bb:02:4f:88:0c:de:a7:3c:f3:87:
d0:dd:4e:fb:d5:72:9d:5b:fd:04:24:52:74:71:3a:fc:25:40:
4e:6b:f6:6d:32:84:01:c0:ca:42:54:33:6f:f1:15:47:ba:78:
4e:88:7a:5b:81:48:48:32:ba:d9:87:05:eb:d2:be:90:65:47:
48:9c:2f:3f:39:a8:88:60:31:12:9f:56:36:59:27:a1:64:76:
f1:d1:7f:6e:69:37:ed:ee:07:52:b0:d1:8f:ae:88:e1:ca:99:
6e:69:17:3f:42:8d:b9:dd:fc:2a:cb:84:14:0a:17:97:88:31:
78:fa:70:72:6f:f0:d2:07:44:b1:d8:92:a2:4e:03:c5:5c:52:
01:cc:68:ef:11:eb:2d:dd:ef:8a:5a:8f:57:b0:b5:6e:61:0d:
ae:6a:45:04:f8:46:ef:9b:42:12:9d:0d:e8:4c:3b:b0:fe:23:
33:36:dc:45:90:a2:88:30:b9:25:80:5e:00:85:92:9a:99:fa:
c2:44:76:b1:d9:f9:56:6f:53:5a:3d:cf:a7:10:83:7f:3d:9d:
12:e8:39:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHzWyV2U6qR0MsmrOuQIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4
Mjc3MzMwHhcNMjUwOTA3MDMwMTM0WhcNMjUwOTA4MDMwMTM0WjAzMTEwLwYDVQQD
Eyg2YWQyZWZmOGRkNGY2Nzc2NmE0ZTk2MzFmOGQwYzQ5NjkwYzE3NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv//yKVwfUADPUyWYJuIRZgjFYAk
tPkCGhxj2BBSnWa10e3CI1iwR2W49KYNiwkjs20Q/dGMRcW4qpHwSORzbods3J10
/NTBmRHz5A+xA5r12dbR6g3w5c6bgVJ8cZINLzDIJHzMYRMBiOuxRhuTPyxOVuog
PcMqkdhPuveDtf09mMu3bg8YW8io8EHmazN8vFjGyDWjMi2Gl9GV6Wq6zXiV86A2
IMP9Izb6XFnNw1BhsrCZVzXPe9/6gC2idegz+IFLpAMjblGW+kQN5IL2aafVhGGF
DUF7EjzTFsyqjkhtQoI6VlQbQlVldlm+b2ZLUUnVjxUwV72/S1hgnjL8lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrS7/jdT2d2ak6WMfjQxJaQwXTFMB8GA1UdIwQY
MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt
OWNiNWQ4OGZkZDM5LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5
LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6JfWWdt
qdIr1S4xHK11nzTwMOiyTVAfSQNX9tCnliwwWG8DINHLY/sJi5C7Ak+IDN6nPPOH
0N1O+9VynVv9BCRSdHE6/CVATmv2bTKEAcDKQlQzb/EVR7p4Toh6W4FISDK62YcF
69K+kGVHSJwvPzmoiGAxEp9WNlknoWR28dF/bmk37e4HUrDRj66I4cqZbmkXP0KN
ud38KsuEFAoXl4gxePpwcm/w0gdEsdiSok4DxVxSAcxo7xHrLd3vilqPV7C1bmEN
rmpFBPhG75tCEp0N6Ew7sP4jMzbcRZCiiDC5JYBeAIWSmpn6wkR2sdn5Vm9TWj3P
pxCDfz2dEug5cw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:42:45 2025 by rpki-client