Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
File: 8PY2_se1stGN43l-aYTAaVXnFtc.mft (raw, json)
Hash identifier: b2TqlK5WpwUVEm4NVUsbohbWNcHyojmmXZ9/fc20id8=
Subject key identifier: 10:FE:FA:F9:42:1A:C8:A7:E9:56:7F:C9:19:1C:45:4C:F0:91:22:3C
Authority key identifier: F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7
Certificate issuer: /CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
Certificate serial: 019873E1E6CFF11D1DCFE823603AA932C0B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
Manifest number: 161B
Signing time: Mon 04 Aug 2025 07:00:41 +0000
Manifest this update: Mon 04 Aug 2025 07:00:41 +0000
Manifest next update: Tue 05 Aug 2025 07:00:41 +0000
Files and hashes: 1: 8PY2_se1stGN43l-aYTAaVXnFtc.crl (hash: 9Y0W8kpV4pn6tvASeixNkPlLigKTiUnOcb6vSxXrZL8=)
2: N4NsUcZuS_9XiBDgAfw6eryV7HU.roa (hash: tpgeA/zfOVEAg9H115FFWM358l26uFQNlABFRgvWlU4=)
3: yV4dNy3NsBZVUNWCmHTLsnrsaLM.roa (hash: HeRl5vH7gTSirrF3z1irtqiGbkDXqM3OvljtYndKLgE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e1:e6:cf:f1:1d:1d:cf:e8:23:60:3a:a9:32:c0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
Validity
Not Before: Aug 4 07:00:41 2025 GMT
Not After : Aug 5 07:00:41 2025 GMT
Subject: CN=10fefaf9421ac8a7e9567fc9191c454cf091223c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:05:c9:f1:4d:13:b1:f2:b1:13:0a:45:e5:
c7:ba:a9:37:0f:db:f1:2e:90:91:54:c1:3e:74:70:
1f:07:88:1b:61:79:72:b7:9e:f8:2e:ee:0d:40:cb:
13:c4:68:0e:fc:0e:79:e1:e4:a2:b6:19:f1:42:c4:
2b:51:45:ab:8d:22:08:f3:2d:bf:27:99:7c:51:57:
ce:21:1e:6e:78:5a:05:46:b0:21:05:91:10:b9:7c:
92:a3:62:30:36:c0:d3:63:96:19:cc:8d:2c:39:33:
b0:64:69:99:c0:f3:2d:97:83:68:94:f0:a9:25:53:
61:fc:f4:d1:a1:06:75:d5:2b:6a:23:4b:cb:46:bb:
9b:bd:3d:cd:54:98:a7:5c:09:b6:1d:cd:3d:05:04:
93:5f:05:c5:f5:e6:f2:1c:80:df:11:55:e1:5e:cc:
22:3b:ff:44:a0:c5:d5:d9:5d:52:5d:33:97:b6:3a:
14:bd:dc:c3:0f:ea:3c:30:8e:e3:2c:16:5f:9d:e1:
74:b4:e1:70:2c:e3:2f:aa:34:8d:98:c0:34:f1:e2:
1e:db:ed:37:a6:e8:f0:fd:1f:d5:49:16:89:d4:12:
29:f6:6a:6d:dd:52:95:f7:51:d9:bf:11:0c:e4:a2:
66:45:ab:38:10:a8:89:d3:64:a3:9f:1a:c1:06:c6:
fe:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FE:FA:F9:42:1A:C8:A7:E9:56:7F:C9:19:1C:45:4C:F0:91:22:3C
X509v3 Authority Key Identifier:
keyid:F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:11:60:98:70:75:c2:e5:2d:18:4c:ee:43:9b:e6:25:9c:19:
23:55:d3:a0:0a:b9:63:72:b9:22:a9:12:dd:57:8c:7f:ef:0d:
79:c1:20:b4:0a:54:75:b7:ef:1c:fb:b6:53:ef:ef:05:a2:1b:
a0:f6:5d:9b:0b:fe:86:c1:7a:97:3b:0f:57:9f:63:05:f4:8b:
8c:e3:f0:bd:c1:b2:e7:95:09:94:a5:86:10:42:43:60:da:74:
a7:81:af:5a:c9:a3:a5:d4:ca:14:80:1e:1b:8d:a1:7f:43:c0:
32:38:8b:26:4a:5f:41:bc:08:5a:8a:d4:90:ae:67:73:cb:1d:
f9:72:be:05:56:5a:83:a9:f0:c5:91:01:36:75:cd:e5:a6:5d:
f7:b8:e6:38:21:18:26:c2:c0:79:d3:f9:cb:16:38:87:58:8b:
72:c6:98:83:fb:d1:c8:ff:0a:06:6a:34:fb:12:a3:da:f1:53:
f6:d6:36:57:ca:f1:2a:98:2d:8c:98:64:b9:9c:b2:4b:1a:a4:
b3:f3:05:5b:88:04:da:96:60:be:81:0b:1d:1c:57:ad:7a:3c:
5c:f6:3e:87:79:6e:24:5a:89:72:85:79:78:30:17:f1:d9:24:
d3:4b:5e:5a:27:c4:a4:17:74:b3:67:09:95:8f:d8:b0:95:92:
aa:ee:24:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4ebP8R0dz+gjYDqpMsC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjYzNmZlYzdiNWIyZDE4ZGUzNzk3ZTY5ODRjMDY5NTVl
NzE2ZDcwHhcNMjUwODA0MDcwMDQxWhcNMjUwODA1MDcwMDQxWjAzMTEwLwYDVQQD
EygxMGZlZmFmOTQyMWFjOGE3ZTk1NjdmYzkxOTFjNDU0Y2YwOTEyMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fYFyfFNE7HysRMKReXHuqk3D9vx
LpCRVME+dHAfB4gbYXlyt574Lu4NQMsTxGgO/A554eSithnxQsQrUUWrjSII8y2/
J5l8UVfOIR5ueFoFRrAhBZEQuXySo2IwNsDTY5YZzI0sOTOwZGmZwPMtl4NolPCp
JVNh/PTRoQZ11StqI0vLRrubvT3NVJinXAm2Hc09BQSTXwXF9ebyHIDfEVXhXswi
O/9EoMXV2V1SXTOXtjoUvdzDD+o8MI7jLBZfneF0tOFwLOMvqjSNmMA08eIe2+03
pujw/R/VSRaJ1BIp9mpt3VKV91HZvxEM5KJmRas4EKiJ02SjnxrBBsb+gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBD++vlCGsin6VZ/yRkcRUzwkSI8MB8GA1UdIwQY
MBaAFPD2Nv7HtbLRjeN5fmmEwGlV5xbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDIt
NjQzYzFmZTM4Mzg1LzEvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDItNjQzYzFmZTM4Mzg1
LzEvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxFgmHB1
wuUtGEzuQ5vmJZwZI1XToAq5Y3K5IqkS3VeMf+8NecEgtApUdbfvHPu2U+/vBaIb
oPZdmwv+hsF6lzsPV59jBfSLjOPwvcGy55UJlKWGEEJDYNp0p4GvWsmjpdTKFIAe
G42hf0PAMjiLJkpfQbwIWorUkK5nc8sd+XK+BVZag6nwxZEBNnXN5aZd97jmOCEY
JsLAedP5yxY4h1iLcsaYg/vRyP8KBmo0+xKj2vFT9tY2V8rxKpgtjJhkuZyySxqk
s/MFW4gE2pZgvoELHRxXrXo8XPY+h3luJFqJcoV5eDAX8dkk00teWifEpBd0s2cJ
lY/YsJWSqu4kcg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:07:17 2025 by rpki-client