Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: TAyknN+pzxFvI5T0GIqQTftwJt1nIhM9d5el6dIRl/0=
Subject key identifier: A6:3E:07:43:06:82:9D:63:CD:6F:E1:8B:41:FF:A0:98:CE:4E:E4:5C
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 019922554E07EC96AB79A0772B2AB09C9119
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 1674
Signing time: Sun 07 Sep 2025 04:00:39 +0000
Manifest this update: Sun 07 Sep 2025 04:00:39 +0000
Manifest next update: Mon 08 Sep 2025 04:00:39 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: 7a48l8q4ZD5xNeWqBQuHBJeQZKZFpUpcxiDc5ZhabXc=)
2: UON5AT9SXUWq39L68I_y2_ZUikk.roa (hash: JwjZjFuzIaj/y6AQtmJH9bJqGEr4cg/qlCiSjx+pXxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:4e:07:ec:96:ab:79:a0:77:2b:2a:b0:9c:91:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Sep 7 04:00:39 2025 GMT
Not After : Sep 8 04:00:39 2025 GMT
Subject: CN=a63e074306829d63cd6fe18b41ffa098ce4ee45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a2:da:eb:01:6d:31:27:cb:56:b5:66:e9:67:
39:83:a6:06:65:bc:a8:96:26:fe:8e:0d:8a:42:a2:
04:a8:a1:2d:70:5f:45:a3:bc:30:27:6b:15:a6:2b:
79:75:4d:85:87:30:25:b4:25:d7:b3:8f:91:e5:a3:
94:76:1e:b0:86:10:67:ac:92:0c:cb:1d:b7:ce:da:
71:af:59:aa:be:8e:87:5a:ef:98:d0:bd:d3:38:3a:
1b:a9:08:2b:0b:87:4f:3f:36:5d:92:10:f5:7b:14:
2b:a2:3a:a8:c3:39:18:a3:9f:0b:8c:5c:2d:00:c8:
4f:f7:fb:d2:8d:bb:8d:86:20:7b:f6:25:37:95:f1:
95:34:10:8e:94:86:3a:d4:20:cf:f3:e1:26:ec:c0:
c5:07:26:68:09:d2:89:09:88:e3:a9:ec:7c:02:1f:
6a:6e:7c:d5:e3:11:46:f1:f5:d7:73:83:29:db:25:
7e:d0:98:d0:43:b3:ec:a1:15:ae:09:98:fc:25:5a:
20:a9:00:8c:17:c7:4d:27:60:cf:70:ab:6b:a6:1b:
66:47:dd:78:79:64:c9:76:e5:36:50:ff:2b:6e:53:
42:6d:1d:2b:24:98:15:57:27:9f:82:e5:a9:df:7b:
85:11:b7:67:d5:24:c7:be:a8:62:a6:f5:3e:bf:ee:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3E:07:43:06:82:9D:63:CD:6F:E1:8B:41:FF:A0:98:CE:4E:E4:5C
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:90:6e:8c:9c:9f:1d:13:35:46:6d:88:20:18:36:17:8d:ba:
fd:c1:07:69:42:78:72:50:ad:b2:98:99:cd:32:d3:fc:d9:51:
90:a0:eb:a6:3a:77:49:07:de:ca:1e:53:4e:20:e7:5a:78:9a:
00:4e:a5:43:98:b3:f9:e6:cc:6f:26:71:f2:a8:f9:4f:70:29:
5b:d4:2e:1a:6d:af:21:c1:53:8f:d2:f5:04:b0:6c:e9:bc:bb:
d6:88:b6:04:22:ca:2d:17:c6:db:dc:66:26:d2:ea:da:82:a2:
ae:76:be:00:9d:ab:36:aa:13:57:1e:b1:1f:af:e6:6b:4b:97:
79:69:6a:84:f7:d0:d1:23:69:0c:3e:8c:e6:10:bc:5d:38:f9:
3c:48:fc:0d:a0:f9:bf:a2:5a:7d:5d:3b:0f:a4:ba:d2:f0:3d:
10:ab:82:18:58:4a:08:fd:42:c9:b7:b3:b2:41:98:81:76:a0:
64:c6:b3:65:f3:32:1d:e4:a9:e1:6f:16:92:11:84:75:97:96:
dd:c2:8b:d0:71:5c:37:72:b0:f3:fa:52:38:74:02:8c:4a:b8:
08:2e:da:eb:88:e1:75:66:3a:f8:0e:53:d0:4c:ef:df:cd:d3:
fa:df:6d:28:c0:6c:ff:57:7b:5c:bb:76:6f:ec:1e:b4:34:e2:
7d:a0:84:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVU4H7JareaB3KyqwnJEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjUwOTA3MDQwMDM5WhcNMjUwOTA4MDQwMDM5WjAzMTEwLwYDVQQD
EyhhNjNlMDc0MzA2ODI5ZDYzY2Q2ZmUxOGI0MWZmYTA5OGNlNGVlNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKLa6wFtMSfLVrVm6Wc5g6YGZbyo
lib+jg2KQqIEqKEtcF9Fo7wwJ2sVpit5dU2FhzAltCXXs4+R5aOUdh6whhBnrJIM
yx23ztpxr1mqvo6HWu+Y0L3TODobqQgrC4dPPzZdkhD1exQrojqowzkYo58LjFwt
AMhP9/vSjbuNhiB79iU3lfGVNBCOlIY61CDP8+Em7MDFByZoCdKJCYjjqex8Ah9q
bnzV4xFG8fXXc4Mp2yV+0JjQQ7PsoRWuCZj8JVogqQCMF8dNJ2DPcKtrphtmR914
eWTJduU2UP8rblNCbR0rJJgVVyefguWp33uFEbdn1STHvqhipvU+v+6c5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKY+B0MGgp1jzW/hi0H/oJjOTuRcMB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhpBujJyf
HRM1Rm2IIBg2F426/cEHaUJ4clCtspiZzTLT/NlRkKDrpjp3SQfeyh5TTiDnWnia
AE6lQ5iz+ebMbyZx8qj5T3ApW9QuGm2vIcFTj9L1BLBs6by71oi2BCLKLRfG29xm
JtLq2oKirna+AJ2rNqoTVx6xH6/ma0uXeWlqhPfQ0SNpDD6M5hC8XTj5PEj8DaD5
v6JafV07D6S60vA9EKuCGFhKCP1CybezskGYgXagZMazZfMyHeSp4W8WkhGEdZeW
3cKL0HFcN3Kw8/pSOHQCjEq4CC7a64jhdWY6+A5T0Ezv383T+t9tKMBs/1d7XLt2
b+wetDTifaCEzg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:00:40 2025 by rpki-client