Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
File: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft (raw, json)
Hash identifier: +Gv5w6Lg729ezF+C0giiGVFDf8+1GpfEGbYYk6zYmfQ=
Subject key identifier: F1:4B:3D:9A:24:47:5C:87:63:D1:3C:37:2F:D1:4C:70:9F:E4:BC:FB
Authority key identifier: B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
Certificate issuer: /CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Certificate serial: 7DB0886D07A0D217B7B4F2C762507813011B7D76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
Manifest number: CE
Signing time: Thu 04 Sep 2025 16:34:54 +0000
Manifest this update: Thu 04 Sep 2025 16:29:54 +0000
Manifest next update: Fri 05 Sep 2025 18:55:54 +0000
Files and hashes: 1: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl (hash: y1Dtoj21gMEI2eTJz4djV3V0YEv4+AT3RYpSj5CIlNk=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl
rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 14:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:b0:88:6d:07:a0:d2:17:b7:b4:f2:c7:62:50:78:13:01:1b:7d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Validity
Not Before: Sep 4 16:29:54 2025 GMT
Not After : Sep 5 18:55:54 2025 GMT
Subject: CN=F14B3D9A24475C8763D13C372FD14C709FE4BCFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:58:3b:a1:14:b3:ff:47:59:e5:9a:03:30:
cd:c1:60:2d:72:a1:1a:c2:19:74:95:7c:5f:d4:30:
59:b4:86:66:47:29:64:d8:e9:08:bb:ee:db:6d:20:
d4:40:ce:d5:6d:97:95:67:e3:d6:be:2a:95:62:1b:
6f:15:b5:24:3b:6d:39:53:11:5e:c0:4b:54:8c:17:
b9:7e:ed:5e:67:dd:2d:d1:fd:fe:fc:5d:02:25:68:
03:c3:9e:47:d7:1a:5d:30:df:2b:fe:b8:fc:a9:78:
85:92:c6:19:bc:be:0f:23:38:13:ea:27:12:92:8f:
79:32:d4:fd:c7:8b:50:9c:e1:d1:bc:ae:ed:3b:a1:
1c:fb:a6:75:4f:26:09:5f:10:58:fb:95:4a:93:1c:
c3:ee:bb:15:e7:d0:3e:fc:0e:71:54:41:b6:c7:53:
b3:ff:27:0e:2a:bd:e1:10:27:70:cb:45:fa:fc:b8:
05:f1:c1:77:81:37:47:41:10:01:b6:ca:7f:9d:3e:
4f:1d:c0:0b:4a:14:50:1a:89:87:4f:d3:2f:54:be:
82:fa:0b:c4:15:58:06:48:40:b4:f0:12:87:a1:36:
a9:f2:21:ee:d8:d9:b9:49:cd:2f:70:bb:4f:47:69:
61:64:ab:09:20:5c:64:4d:43:71:60:8d:6f:ab:c4:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4B:3D:9A:24:47:5C:87:63:D1:3C:37:2F:D1:4C:70:9F:E4:BC:FB
X509v3 Authority Key Identifier:
keyid:B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:a2:e5:81:22:55:01:4a:3f:1f:cf:aa:d5:c7:f6:b9:30:3d:
e5:7f:d6:b2:46:3b:87:2a:2e:e9:53:4d:96:8a:ec:3d:1c:f4:
b0:0c:74:72:c5:e2:2d:02:d1:57:9e:89:60:bb:bf:0e:b6:30:
8c:91:d4:e9:17:4b:1d:4e:4c:05:65:31:90:19:c3:4c:15:7d:
0f:7b:a9:e7:48:84:d9:ba:89:16:b5:d7:c4:8c:be:e5:b2:0a:
d2:59:40:0c:20:18:08:9a:0d:43:b7:b6:80:f8:aa:52:93:50:
87:7a:38:6b:cd:20:66:7d:7c:7d:f8:3f:c1:6d:f5:a4:e9:74:
b0:24:97:f9:5f:28:91:58:b5:fd:08:7b:24:7c:c5:69:a9:08:
21:34:80:09:72:b0:bd:e8:30:21:19:6d:50:7e:80:75:91:38:
f8:39:34:98:33:ef:6c:11:81:06:24:40:b3:89:24:b9:5d:94:
c2:e0:b0:37:df:3b:d5:63:6f:cd:7e:ca:3e:18:a6:fd:52:29:
bc:11:e8:58:c1:11:33:ca:2d:23:d6:65:a7:ae:01:4e:6c:93:
3a:1a:3b:1e:d3:5c:72:86:8d:5f:27:dd:e0:0f:7d:42:ae:58:
7f:df:95:8e:0c:ff:ce:3f:a7:e8:e6:1e:5b:d3:de:42:71:29:
d3:ff:e6:fc
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUfbCIbQeg0he3tPLHYlB4EwEbfXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjgyODhlYTllM2Q2N2RjM2QzOGZhNzc1MTgxYzRiMmM4
NzcyOWJkZjAeFw0yNTA5MDQxNjI5NTRaFw0yNTA5MDUxODU1NTRaMDMxMTAvBgNV
BAMTKEYxNEIzRDlBMjQ0NzVDODc2M0QxM0MzNzJGRDE0QzcwOUZFNEJDRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4NFg7oRSz/0dZ5ZoDMM3BYC1y
oRrCGXSVfF/UMFm0hmZHKWTY6Qi77tttINRAztVtl5Vn49a+KpViG28VtSQ7bTlT
EV7AS1SMF7l+7V5n3S3R/f78XQIlaAPDnkfXGl0w3yv+uPypeIWSxhm8vg8jOBPq
JxKSj3ky1P3Hi1Cc4dG8ru07oRz7pnVPJglfEFj7lUqTHMPuuxXn0D78DnFUQbbH
U7P/Jw4qveEQJ3DLRfr8uAXxwXeBN0dBEAG2yn+dPk8dwAtKFFAaiYdP0y9UvoL6
C8QVWAZIQLTwEoehNqnyIe7Y2blJzS9wu09HaWFkqwkgXGRNQ3FgjW+rxIkFAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU8Us9miRHXIdj0Tw3L9FMcJ/kvPswHwYDVR0j
BBgwFoAUuCiOqePWfcPTj6d1GBxLLIdym98wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzAvQjgyODhFQTlFM0Q2N0RDM0QzOEZBNzc1MTgxQzRCMkM4NzcyOUJERi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VDaU9xZVBXZmNQVGo2ZDFHQnhMTElk
eW05OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zYzhlNGUxMS0z
YWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMC9CODI4OEVBOUUzRDY3REMzRDM4
RkE3NzUxODFDNEIyQzg3NzI5QkRGLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKLlgSJVAUo/H8+q1cf2
uTA95X/WskY7hyou6VNNlorsPRz0sAx0csXiLQLRV56JYLu/DrYwjJHU6RdLHU5M
BWUxkBnDTBV9D3up50iE2bqJFrXXxIy+5bIK0llADCAYCJoNQ7e2gPiqUpNQh3o4
a80gZn18ffg/wW31pOl0sCSX+V8okVi1/Qh7JHzFaakIITSACXKwvegwIRltUH6A
dZE4+Dk0mDPvbBGBBiRAs4kkuV2UwuCwN9871WNvzX7KPhim/VIpvBHoWMERM8ot
I9Zlp64BTmyTOho7HtNccoaNXyfd4A99Qq5Yf9+Vjgz/zj+n6OYeW9PeQnEp0//m
/A==
-----END CERTIFICATE-----
Generated at Thu Sep 4 17:49:49 2025 by rpki-client