Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: vQKrmSSPILnHKsoI0UZTxgITiDutfplyXgjU4pA0mcE=
Subject key identifier: 32:0A:23:AC:DF:C7:D8:2D:80:CF:89:F7:D7:AA:7B:E5:2C:67:E1:E2
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 01993680D00C293C6BE8510ABD9E907ED5F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 167A
Signing time: Thu 11 Sep 2025 02:00:35 +0000
Manifest this update: Thu 11 Sep 2025 02:00:35 +0000
Manifest next update: Fri 12 Sep 2025 02:00:35 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: jZiPB4EylIwBj2mp2MDSlejlN6iCUHJy+juIzBGfUrk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:80:d0:0c:29:3c:6b:e8:51:0a:bd:9e:90:7e:d5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Sep 11 02:00:35 2025 GMT
Not After : Sep 12 02:00:35 2025 GMT
Subject: CN=320a23acdfc7d82d80cf89f7d7aa7be52c67e1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:ea:27:36:4f:6c:86:98:92:d6:69:82:29:
bd:23:1b:47:c4:00:21:fa:0f:1a:13:49:e2:ee:08:
75:1d:37:f8:1b:89:27:1e:a8:2d:56:d5:d1:15:90:
15:fb:52:84:b4:1f:9a:a5:ad:1b:0d:41:3b:d7:d5:
ec:2b:dc:11:b7:0f:12:17:e7:71:7d:ec:93:a7:02:
06:32:b6:e5:8a:f6:bb:f8:ed:f2:59:98:09:ac:57:
fd:42:5d:0c:43:1c:b8:b3:82:d4:74:85:c7:ea:05:
ab:87:fc:0b:f7:c4:b6:7f:30:f8:dc:ed:c2:81:95:
74:36:b3:40:b5:ef:34:0d:92:d8:f3:a7:7f:b3:2b:
d2:18:c5:eb:1f:3a:70:02:63:19:31:5e:d2:a8:89:
04:e1:6b:45:9d:4d:55:f6:ae:dd:e9:32:ee:98:f8:
13:e0:0e:ff:b2:a3:c6:f5:dc:90:13:89:57:3b:b5:
73:f0:08:a1:cd:6d:86:05:b6:b0:55:ff:8a:0a:92:
1f:11:0e:ae:0d:78:2c:12:8a:c4:c6:4c:4a:1b:4f:
7e:37:76:f4:88:a5:2e:f6:24:65:e3:fa:ed:17:70:
a7:b0:1f:66:ce:48:30:29:07:ec:a2:02:46:d6:35:
33:3b:ba:30:dc:40:35:1f:b6:7c:46:e5:0b:aa:9d:
ad:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0A:23:AC:DF:C7:D8:2D:80:CF:89:F7:D7:AA:7B:E5:2C:67:E1:E2
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:7c:71:34:8c:5a:af:78:ea:87:4f:0b:12:29:e4:29:91:c8:
d3:78:5e:08:af:19:d8:4f:cf:1e:2d:a9:a6:9f:cf:49:7c:72:
b1:2a:75:3d:9e:83:a2:1b:1d:8f:3c:02:cc:08:a5:c1:b6:fa:
69:3b:8c:7f:94:82:d4:1c:64:63:72:11:6f:bf:5c:37:fe:b8:
b5:be:a7:aa:92:34:c9:52:ec:98:81:aa:89:18:12:bb:83:89:
ce:8f:1c:ef:32:2d:75:18:8c:01:e6:1a:1f:f3:1b:66:ea:ed:
43:38:c3:23:09:c9:46:65:8e:54:f7:60:41:cc:5a:b7:48:3a:
ef:51:c9:2b:ee:4f:90:36:00:b9:16:c4:77:19:21:ff:49:d5:
27:eb:67:a9:b9:6a:08:76:4f:4b:16:cb:01:ef:ac:20:e6:72:
19:f6:04:48:da:3a:91:2f:08:86:fc:3e:de:fc:9e:0f:1c:16:
01:37:68:1f:57:90:3f:bd:c5:93:47:74:d7:68:d0:53:63:4c:
56:3e:b6:55:61:55:52:c9:fe:c8:0f:e4:61:2c:0a:ba:4e:c0:
ac:88:eb:db:1e:ca:67:bb:ac:67:e1:5f:d2:93:73:4e:97:44:
00:57:98:8f:ed:55:fb:cb:74:43:7e:5d:08:ed:4d:c7:d2:50:
b6:b8:4c:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk2gNAMKTxr6FEKvZ6QftXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwOTExMDIwMDM1WhcNMjUwOTEyMDIwMDM1WjAzMTEwLwYDVQQD
EygzMjBhMjNhY2RmYzdkODJkODBjZjg5ZjdkN2FhN2JlNTJjNjdlMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmnqJzZPbIaYktZpgim9IxtHxAAh
+g8aE0ni7gh1HTf4G4knHqgtVtXRFZAV+1KEtB+apa0bDUE719XsK9wRtw8SF+dx
feyTpwIGMrbliva7+O3yWZgJrFf9Ql0MQxy4s4LUdIXH6gWrh/wL98S2fzD43O3C
gZV0NrNAte80DZLY86d/syvSGMXrHzpwAmMZMV7SqIkE4WtFnU1V9q7d6TLumPgT
4A7/sqPG9dyQE4lXO7Vz8AihzW2GBbawVf+KCpIfEQ6uDXgsEorExkxKG09+N3b0
iKUu9iRl4/rtF3CnsB9mzkgwKQfsogJG1jUzO7ow3EA1H7Z8RuULqp2t6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIKI6zfx9gtgM+J99eqe+UsZ+HiMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnxxNIxa
r3jqh08LEinkKZHI03heCK8Z2E/PHi2ppp/PSXxysSp1PZ6DohsdjzwCzAilwbb6
aTuMf5SC1BxkY3IRb79cN/64tb6nqpI0yVLsmIGqiRgSu4OJzo8c7zItdRiMAeYa
H/MbZurtQzjDIwnJRmWOVPdgQcxat0g671HJK+5PkDYAuRbEdxkh/0nVJ+tnqblq
CHZPSxbLAe+sIOZyGfYESNo6kS8Ihvw+3vyeDxwWATdoH1eQP73Fk0d012jQU2NM
Vj62VWFVUsn+yA/kYSwKuk7ArIjr2x7KZ7usZ+Ff0pNzTpdEAFeYj+1V+8t0Q35d
CO1Nx9JQtrhMXg==
-----END CERTIFICATE-----
Generated at Thu Sep 11 07:51:04 2025 by rpki-client