Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File: rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier: 1u7kQZa9tCvu3yMeLMR5XvScd5gvzb8aT+Gnle2o2pg=
Subject key identifier: 37:ED:1C:43:2A:DC:BA:56:4B:9A:41:AC:5B:A2:58:64:26:BD:E6:57
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer: /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial: 0198971390B137A5537F8FD1B0CB94DF662B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number: 0CD2
Signing time: Mon 11 Aug 2025 03:01:38 +0000
Manifest this update: Mon 11 Aug 2025 03:01:38 +0000
Manifest next update: Tue 12 Aug 2025 03:01:38 +0000
Files and hashes: 1: 0vFnPnyD0rk0NBq-vHcuUjmsih4.roa (hash: 8C+9WOepMdgxD+Xcj7Wjy9LCISmYrp2hucRDb6Vj6WM=)
2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: QgzyYDeNgGPwSCgm6Tnh/2+GI2XE8WFI3fdYjgBdR24=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:13:90:b1:37:a5:53:7f:8f:d1:b0:cb:94:df:66:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Validity
Not Before: Aug 11 03:01:38 2025 GMT
Not After : Aug 12 03:01:38 2025 GMT
Subject: CN=37ed1c432adcba564b9a41ac5ba2586426bde657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:4e:68:fb:2d:1a:0d:2d:48:b9:a8:84:1d:
9f:c2:48:9b:18:ab:af:76:e0:87:44:8e:c2:d9:22:
8b:22:fc:5d:7f:54:48:fb:27:70:45:74:a0:34:bf:
d2:27:df:9b:35:71:91:a1:4b:d0:e4:61:d3:45:16:
93:d8:eb:bc:d9:9b:53:85:c7:1a:85:72:a7:ba:97:
bb:6e:f9:50:0a:02:59:63:e0:31:f4:19:75:d3:5e:
b9:dd:a6:11:fe:9e:cc:29:1e:fc:98:d4:4f:ce:56:
b8:da:dc:78:d1:3e:1d:a0:de:4d:f5:aa:da:59:74:
0b:73:2e:fd:09:8e:45:b7:0f:86:f1:a1:1e:52:b8:
75:74:1d:67:64:d8:b5:78:42:c5:b8:ad:d8:37:de:
f1:0c:94:9f:80:9a:27:f8:ae:c4:24:e7:53:c9:dd:
0d:88:c6:c8:37:24:ff:13:5a:62:c6:71:e9:38:f1:
1f:76:15:12:73:f7:48:15:9c:49:8a:dc:f9:f0:a6:
1c:18:72:a6:92:a0:8c:ca:5c:00:8a:22:82:7c:90:
a9:ec:12:f1:ae:48:c3:6f:a1:7a:7c:0a:39:81:aa:
e5:9b:6e:ac:17:da:10:79:f2:2a:c5:4e:e8:15:57:
78:37:94:8d:4c:c2:3a:fd:83:56:b6:79:cb:92:0b:
95:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:ED:1C:43:2A:DC:BA:56:4B:9A:41:AC:5B:A2:58:64:26:BD:E6:57
X509v3 Authority Key Identifier:
keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:80:98:01:66:de:4d:64:b9:5d:cf:e2:08:fc:cd:9c:fd:a6:
f6:c1:72:aa:ab:3a:01:28:0f:5a:c6:3c:98:a0:41:eb:a6:14:
22:ec:00:5f:a7:ee:73:eb:e4:ab:79:19:48:72:1b:95:7a:9a:
da:93:f0:b6:96:b6:9d:af:3a:f3:62:33:93:04:c7:7b:1a:05:
4a:32:f9:cf:92:08:3b:f5:ef:02:34:a8:36:54:9e:3f:59:3f:
a3:1d:fa:cd:23:f7:08:b9:7e:bd:25:03:29:89:07:e7:af:2e:
c7:c6:59:43:0b:6a:db:80:d9:e0:bc:c1:45:4a:37:a2:f2:10:
d9:89:5e:fd:d7:ec:bb:06:fe:82:a4:3e:50:bd:7e:a3:e2:4e:
62:e2:b0:e9:24:ee:e3:dd:39:6f:ee:fc:b6:4b:67:3c:1f:e7:
45:a4:37:00:64:7c:80:15:d2:6a:ba:b6:35:10:bd:20:11:a1:
1d:28:0b:fb:7c:c2:c5:fd:d8:a7:98:91:bb:3d:a6:16:43:42:
cd:9a:c4:eb:5e:98:79:bc:5f:c8:d3:ee:3b:a5:09:ce:c6:49:
45:b1:61:82:46:cd:1c:a5:33:23:19:ca:c4:a2:04:b8:55:5d:
66:81:94:2d:7f:0a:b7:c4:5c:43:ea:a9:42:da:a9:3d:1b:68:
7f:c7:a1:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXE5CxN6VTf4/RsMuU32YrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjUwODExMDMwMTM4WhcNMjUwODEyMDMwMTM4WjAzMTEwLwYDVQQD
EygzN2VkMWM0MzJhZGNiYTU2NGI5YTQxYWM1YmEyNTg2NDI2YmRlNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSVOaPstGg0tSLmohB2fwkibGKuv
duCHRI7C2SKLIvxdf1RI+ydwRXSgNL/SJ9+bNXGRoUvQ5GHTRRaT2Ou82ZtThcca
hXKnupe7bvlQCgJZY+Ax9Bl101653aYR/p7MKR78mNRPzla42tx40T4doN5N9ara
WXQLcy79CY5Ftw+G8aEeUrh1dB1nZNi1eELFuK3YN97xDJSfgJon+K7EJOdTyd0N
iMbINyT/E1pixnHpOPEfdhUSc/dIFZxJitz58KYcGHKmkqCMylwAiiKCfJCp7BLx
rkjDb6F6fAo5garlm26sF9oQefIqxU7oFVd4N5SNTMI6/YNWtnnLkguVCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDftHEMq3LpWS5pBrFuiWGQmveZXMB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASoCYAWbe
TWS5Xc/iCPzNnP2m9sFyqqs6ASgPWsY8mKBB66YUIuwAX6fuc+vkq3kZSHIblXqa
2pPwtpa2na8682IzkwTHexoFSjL5z5IIO/XvAjSoNlSeP1k/ox36zSP3CLl+vSUD
KYkH568ux8ZZQwtq24DZ4LzBRUo3ovIQ2Yle/dfsuwb+gqQ+UL1+o+JOYuKw6STu
4905b+78tktnPB/nRaQ3AGR8gBXSarq2NRC9IBGhHSgL+3zCxf3Yp5iRuz2mFkNC
zZrE616YebxfyNPuO6UJzsZJRbFhgkbNHKUzIxnKxKIEuFVdZoGULX8Kt8RcQ+qp
QtqpPRtof8ehaA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 05:52:28 2025 by rpki-client