Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: 5Y+p0+a4EdYMcKRD+mbkLa8zGDLMMH0Cy6TM1qvV5/s=
Subject key identifier: AD:52:1D:61:08:11:C6:9D:0C:AE:32:D7:C3:34:09:F3:E9:B7:19:51
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019922C37C0D4D3790E8F7A1F1FB6C3B1AA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 1678
Signing time: Sun 07 Sep 2025 06:01:00 +0000
Manifest this update: Sun 07 Sep 2025 06:01:00 +0000
Manifest next update: Mon 08 Sep 2025 06:01:00 +0000
Files and hashes: 1: ExfUqNEW3Lyq9Nl7Jq22WcfJ1rw.roa (hash: 6SjZfPEMGV4QZNr6XzSlmm+VNkfjjPfYSSMSKKIpL5E=)
2: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: eC5QweNszB91l9X3DGaufL1bJbSkAWfuUFF41dW0jbo=)
3: vuckuXbmedLIJWITtJ1gJzQY8X0.roa (hash: BujWwxtiu31OcVkERDwp6qXjCF/qZpedTzNgbY+R4ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:7c:0d:4d:37:90:e8:f7:a1:f1:fb:6c:3b:1a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Sep 7 06:01:00 2025 GMT
Not After : Sep 8 06:01:00 2025 GMT
Subject: CN=ad521d610811c69d0cae32d7c33409f3e9b71951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:29:56:3a:f0:83:71:15:4e:38:c6:61:c8:89:
85:86:fb:bb:6b:6f:64:c3:8c:0e:94:2e:12:58:30:
be:98:44:47:12:c0:71:cb:11:34:91:1e:95:6f:0b:
8f:0e:14:2c:61:0b:15:1e:c1:95:9c:6e:97:95:4a:
33:e9:f8:01:fc:ce:b7:2f:4c:c2:ca:42:1e:79:95:
6e:88:59:3a:d5:59:52:7a:7b:95:2d:4d:3f:a5:5a:
bd:46:08:c1:4d:5f:da:5f:19:66:b2:5f:7a:ca:75:
38:b0:b7:40:c6:55:d3:6a:44:ab:a8:07:45:62:0a:
da:85:c8:3c:79:b7:0a:ea:e0:50:08:a6:69:a3:94:
23:89:18:ee:2e:a5:05:9f:35:65:9c:0c:31:71:1b:
e2:2a:2b:58:2f:30:40:e9:2f:7f:8a:19:aa:00:6b:
a0:74:65:9c:57:0c:49:fd:02:62:e6:ed:11:4d:69:
ee:71:cf:25:c9:c9:38:2c:40:c2:26:f8:00:36:3d:
16:8a:bb:ec:75:3b:4c:38:73:4b:a1:25:d7:61:3d:
e8:87:a3:17:5f:8d:e5:af:e2:b7:e6:bb:0a:ea:0f:
a7:b5:20:1f:8f:3f:15:c2:c6:4d:da:65:63:ba:bb:
16:1a:7f:3a:12:0f:fd:e6:3c:35:9b:54:02:60:35:
06:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:52:1D:61:08:11:C6:9D:0C:AE:32:D7:C3:34:09:F3:E9:B7:19:51
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:8a:f6:98:da:ac:04:de:e9:75:8f:2e:d8:e2:8f:31:f3:94:
1e:5e:6e:71:e5:d8:05:7f:f7:8f:85:dc:b8:cf:02:cb:5b:02:
36:84:f0:79:5a:93:60:e9:34:1b:af:f7:21:89:8e:0b:30:95:
f0:c4:db:d4:78:bb:4f:1f:8f:86:65:cd:ed:c1:38:d1:bb:ea:
e8:df:18:39:21:98:2f:e4:3a:54:9a:37:ce:36:5c:05:64:0d:
2d:20:8c:a4:de:02:1c:fe:93:22:16:17:45:66:02:35:ae:51:
22:e7:90:b8:6d:34:45:cf:22:69:c7:af:8b:71:09:e8:ac:88:
dd:50:75:a1:aa:e8:af:0e:e6:42:c2:2e:fb:ec:73:c9:75:b0:
85:88:9a:2d:20:44:18:9d:8c:1f:39:09:47:98:16:96:94:09:
f7:ac:92:b6:eb:5c:53:e3:d0:2d:e2:41:d1:2f:93:34:18:1d:
77:21:f0:61:ed:9d:05:99:8c:0f:26:55:4e:97:95:56:06:13:
6c:73:7e:c9:f0:fd:cc:c5:d9:1a:b8:a9:33:78:e4:28:ee:c9:
ef:27:fd:9b:83:33:93:cf:6c:80:da:b7:d4:da:8a:e0:3c:97:
07:de:7a:89:09:4d:83:2c:cd:c4:44:0b:e6:b2:45:0f:62:31:
3e:ec:97:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw3wNTTeQ6Peh8ftsOxqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjUwOTA3MDYwMTAwWhcNMjUwOTA4MDYwMTAwWjAzMTEwLwYDVQQD
EyhhZDUyMWQ2MTA4MTFjNjlkMGNhZTMyZDdjMzM0MDlmM2U5YjcxOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlilWOvCDcRVOOMZhyImFhvu7a29k
w4wOlC4SWDC+mERHEsBxyxE0kR6VbwuPDhQsYQsVHsGVnG6XlUoz6fgB/M63L0zC
ykIeeZVuiFk61VlSenuVLU0/pVq9RgjBTV/aXxlmsl96ynU4sLdAxlXTakSrqAdF
Ygrahcg8ebcK6uBQCKZpo5QjiRjuLqUFnzVlnAwxcRviKitYLzBA6S9/ihmqAGug
dGWcVwxJ/QJi5u0RTWnucc8lyck4LEDCJvgANj0WirvsdTtMOHNLoSXXYT3oh6MX
X43lr+K35rsK6g+ntSAfjz8VwsZN2mVjursWGn86Eg/95jw1m1QCYDUGTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1SHWEIEcadDK4y18M0CfPptxlRMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATor2mNqs
BN7pdY8u2OKPMfOUHl5uceXYBX/3j4XcuM8Cy1sCNoTweVqTYOk0G6/3IYmOCzCV
8MTb1Hi7Tx+PhmXN7cE40bvq6N8YOSGYL+Q6VJo3zjZcBWQNLSCMpN4CHP6TIhYX
RWYCNa5RIueQuG00Rc8iacevi3EJ6KyI3VB1oarorw7mQsIu++xzyXWwhYiaLSBE
GJ2MHzkJR5gWlpQJ96yStutcU+PQLeJB0S+TNBgddyHwYe2dBZmMDyZVTpeVVgYT
bHN+yfD9zMXZGripM3jkKO7J7yf9m4Mzk89sgNq31NqK4DyXB956iQlNgyzNxEQL
5rJFD2IxPuyXPQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:09:24 2025 by rpki-client