Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
File: MXBn6Bphoh_cFIWY72ull1f6A4A.mft (raw, json)
Hash identifier: dzg65vchfDbWAfPbFnTHl2SPINXx5Whb3qEHbeLvmes=
Subject key identifier: CE:24:BA:81:D3:41:49:8F:BC:36:19:63:D1:10:8C:2A:68:D0:C3:3B
Authority key identifier: 31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
Certificate issuer: /CN=317067e81a61a21fdc148598ef6ba59757fa0380
Certificate serial: 0198933627090E26B9F78371C4E312925A5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
Manifest number: 08AE
Signing time: Sun 10 Aug 2025 09:00:56 +0000
Manifest this update: Sun 10 Aug 2025 09:00:56 +0000
Manifest next update: Mon 11 Aug 2025 09:00:56 +0000
Files and hashes: 1: 1kHURLGCgDrhi9IHuZm9V5RPr7o.roa (hash: QOJumlfbHeKteqZFgdexa+53Le46L9xrcfm0BrIrj/w=)
2: MXBn6Bphoh_cFIWY72ull1f6A4A.crl (hash: ksss3Pg6GewLKYVdNNIOdOYRal0nrJAEuAeunBBjuMU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:93:36:27:09:0e:26:b9:f7:83:71:c4:e3:12:92:5a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317067e81a61a21fdc148598ef6ba59757fa0380
Validity
Not Before: Aug 10 09:00:56 2025 GMT
Not After : Aug 11 09:00:56 2025 GMT
Subject: CN=ce24ba81d341498fbc361963d1108c2a68d0c33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0b:fc:3f:18:f7:99:dc:d5:e4:cb:25:81:d0:
c1:c2:ca:cd:ab:97:b0:76:1e:c4:c9:37:99:91:3b:
3b:08:ae:b7:8f:df:16:db:a8:7e:74:ec:92:e1:47:
ec:c1:64:a6:72:12:96:4c:77:17:63:2c:f1:1b:e5:
71:0e:5b:3a:59:d5:d0:bc:68:30:1a:6e:d6:5e:8c:
26:de:a5:29:d8:3a:01:4d:27:f9:22:82:3d:d6:8b:
63:c3:1b:ac:1d:f9:84:8a:f1:e5:19:b8:97:06:a9:
4a:ef:05:72:37:f9:c5:99:a4:8c:92:ec:85:9a:ba:
84:c1:1c:5a:b5:39:0a:f1:86:5e:64:2d:99:8d:d0:
1e:cc:46:8a:20:cb:2e:c6:fc:6d:5d:9f:5b:dd:15:
4e:85:12:b0:1d:19:5a:ce:34:2f:d3:d2:df:af:5d:
3f:43:8d:5c:6a:c0:87:e2:d1:85:55:bd:dc:0d:a3:
e8:a3:9a:1f:17:02:e5:18:a0:2d:2a:55:36:2e:da:
66:1f:39:4c:62:78:cf:38:9d:82:fe:c8:ce:ee:74:
fd:ca:df:0e:98:e9:4f:fa:05:6d:37:c2:77:e0:12:
6a:bb:07:e8:1b:0e:dd:5a:6a:d9:c0:41:85:42:fe:
e3:f4:92:f0:be:73:8b:b8:fa:cb:f0:79:77:33:c6:
e8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:24:BA:81:D3:41:49:8F:BC:36:19:63:D1:10:8C:2A:68:D0:C3:3B
X509v3 Authority Key Identifier:
keyid:31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:f2:ee:3b:aa:d4:da:c3:6c:16:7f:ba:f8:c4:ee:41:60:a9:
65:b9:50:7e:6f:1d:43:c6:e4:a0:80:cd:35:50:4d:55:e9:85:
97:27:a4:e4:9a:de:ba:a7:70:c9:02:86:cd:22:cd:ef:ba:0c:
21:ab:21:4b:6f:ae:3f:ed:27:c9:29:2e:23:1b:c3:ed:91:81:
58:f9:70:22:1c:3c:b8:e8:fe:9b:bd:5d:11:15:43:7e:aa:06:
1d:97:12:48:16:c3:5f:22:fb:8c:8a:a1:64:a4:88:e6:f9:57:
bf:a9:b1:3f:b7:14:dd:81:3a:96:3b:8b:fb:77:d8:5d:da:63:
46:ec:f4:16:1c:94:3c:cf:e1:91:e2:8e:0d:ff:b3:1b:f4:10:
e7:83:a1:68:d7:30:07:e8:e5:7b:39:42:0a:a5:be:61:8a:e6:
f9:01:c0:83:73:a3:ca:4c:06:84:29:1a:2f:d7:aa:98:5d:c8:
21:b2:a9:2d:1e:56:45:ae:31:6f:86:5a:d2:db:16:43:cc:c4:
17:7c:75:28:72:c6:a9:0d:be:6a:d5:d0:91:03:9d:85:7c:54:
67:2b:90:61:be:5f:7b:3c:14:a0:71:e6:f1:76:22:a3:ca:7d:
8d:9d:09:4f:6f:1d:08:88:df:f4:3b:0d:a1:39:80:8b:5c:39:
7f:c4:3c:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNicJDia594NxxOMSklpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNzA2N2U4MWE2MWEyMWZkYzE0ODU5OGVmNmJhNTk3NTdm
YTAzODAwHhcNMjUwODEwMDkwMDU2WhcNMjUwODExMDkwMDU2WjAzMTEwLwYDVQQD
EyhjZTI0YmE4MWQzNDE0OThmYmMzNjE5NjNkMTEwOGMyYTY4ZDBjMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgv8Pxj3mdzV5MslgdDBwsrNq5ew
dh7EyTeZkTs7CK63j98W26h+dOyS4UfswWSmchKWTHcXYyzxG+VxDls6WdXQvGgw
Gm7WXowm3qUp2DoBTSf5IoI91otjwxusHfmEivHlGbiXBqlK7wVyN/nFmaSMkuyF
mrqEwRxatTkK8YZeZC2ZjdAezEaKIMsuxvxtXZ9b3RVOhRKwHRlazjQv09Lfr10/
Q41casCH4tGFVb3cDaPoo5ofFwLlGKAtKlU2LtpmHzlMYnjPOJ2C/sjO7nT9yt8O
mOlP+gVtN8J34BJquwfoGw7dWmrZwEGFQv7j9JLwvnOLuPrL8Hl3M8bosQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4kuoHTQUmPvDYZY9EQjCpo0MM7MB8GA1UdIwQY
MBaAFDFwZ+gaYaIf3BSFmO9rpZdX+gOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYt
MjE2NTk3ZTAzZjExLzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYtMjE2NTk3ZTAzZjEx
LzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvLuO6rU
2sNsFn+6+MTuQWCpZblQfm8dQ8bkoIDNNVBNVemFlyek5JreuqdwyQKGzSLN77oM
IashS2+uP+0nySkuIxvD7ZGBWPlwIhw8uOj+m71dERVDfqoGHZcSSBbDXyL7jIqh
ZKSI5vlXv6mxP7cU3YE6ljuL+3fYXdpjRuz0FhyUPM/hkeKODf+zG/QQ54OhaNcw
B+jlezlCCqW+YYrm+QHAg3OjykwGhCkaL9eqmF3IIbKpLR5WRa4xb4Za0tsWQ8zE
F3x1KHLGqQ2+atXQkQOdhXxUZyuQYb5fezwUoHHm8XYio8p9jZ0JT28dCIjf9DsN
oTmAi1w5f8Q8Ww==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:43:37 2025 by rpki-client