Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft
File: 8gLwqonAZ9ZjOLTVnSBSujmplEs.mft (raw, json)
Hash identifier: y6CfEBGJiszZUEcmvzM86aTPTwgnntfv5YsAEIep7Cg=
Subject key identifier: 54:C6:6C:03:DB:84:3D:41:8E:DE:08:76:7F:32:DC:B7:C4:93:0B:9C
Authority key identifier: F2:02:F0:AA:89:C0:67:D6:63:38:B4:D5:9D:20:52:BA:39:A9:94:4B
Certificate issuer: /CN=f202f0aa89c067d66338b4d59d2052ba39a9944b
Certificate serial: 019A522C2C84BA66ED1CDB7407CA7D0AB1F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft
Manifest number: 0671
Signing time: Wed 05 Nov 2025 04:00:17 +0000
Manifest this update: Wed 05 Nov 2025 04:00:17 +0000
Manifest next update: Thu 06 Nov 2025 04:00:17 +0000
Files and hashes: 1: 8gLwqonAZ9ZjOLTVnSBSujmplEs.crl (hash: JC4M3xXzG1NOeuBG0l4Y6yGD1MITBXOqUME+w7wasvk=)
2: gxY3cqQ9AtbDjrB_-otpHb6Irb0.roa (hash: LD3l5OVkY9IZSD+ZJZMYqJis4oBCr+KMHwZEJzzuk0w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:2c:2c:84:ba:66:ed:1c:db:74:07:ca:7d:0a:b1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f202f0aa89c067d66338b4d59d2052ba39a9944b
Validity
Not Before: Nov 5 04:00:17 2025 GMT
Not After : Nov 6 04:00:17 2025 GMT
Subject: CN=54c66c03db843d418ede08767f32dcb7c4930b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6e:98:a1:be:51:01:62:d6:43:7e:4b:8b:97:
67:b9:e1:90:e0:ba:07:10:91:fd:63:e6:7e:8b:23:
c9:d0:bf:f2:6d:52:97:d0:a1:f2:75:1e:9f:30:f1:
7d:9e:53:59:2c:9a:b8:ae:8c:1e:7d:d6:57:62:d2:
3d:66:7f:2b:20:85:47:8e:47:a1:3b:27:6e:6b:15:
2e:b6:af:e9:ca:67:c2:a9:27:68:97:3a:02:27:cd:
39:ba:7b:06:4e:7d:f5:94:94:b3:13:2f:cf:01:58:
66:6a:2a:fd:f8:fa:37:a8:8d:fa:f2:93:eb:4e:e8:
e4:d2:d8:2e:71:10:81:7e:af:6d:70:04:ed:19:0b:
f4:5d:31:8b:0c:c9:d6:50:c8:bb:5d:bd:1f:1c:39:
61:5d:7a:65:e3:26:62:7a:8a:8f:e1:fa:4c:32:f0:
71:e6:ad:cb:00:0b:fa:38:64:70:21:74:22:e0:d3:
1b:06:ab:7d:51:16:87:63:1c:e9:78:aa:47:ae:c0:
d4:f4:99:4f:42:ac:21:cc:46:31:46:f9:ee:93:d1:
9b:7f:52:be:ce:38:ef:1b:9d:8f:ab:17:58:d9:53:
59:3a:e3:72:85:55:df:0e:35:07:df:56:98:a1:59:
e9:d7:d2:90:e7:4c:2f:b8:5a:2b:50:66:29:5f:56:
de:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C6:6C:03:DB:84:3D:41:8E:DE:08:76:7F:32:DC:B7:C4:93:0B:9C
X509v3 Authority Key Identifier:
keyid:F2:02:F0:AA:89:C0:67:D6:63:38:B4:D5:9D:20:52:BA:39:A9:94:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:1e:39:0e:3f:05:1e:cd:9b:28:38:57:ea:03:f4:0e:3d:6a:
2d:e2:1a:d2:89:02:ff:b1:e8:f0:54:27:c5:19:4b:67:76:b4:
d6:62:66:eb:24:8e:57:f9:b8:3b:d8:86:da:0a:37:ed:45:ec:
c6:75:da:00:07:cb:3e:28:a8:79:e1:cd:0a:20:b0:46:6a:9a:
21:90:24:f6:17:3e:68:02:7e:4c:4f:c1:aa:5c:13:02:16:4e:
84:69:90:10:65:35:97:cf:d2:5a:d9:29:6a:88:9a:df:76:e1:
e9:6d:74:bf:bd:5f:33:c8:1c:bb:43:12:27:6d:a6:dd:83:fc:
81:d2:07:86:92:32:36:05:bf:54:d6:7e:be:f2:60:bf:93:a3:
88:bc:88:9b:03:cd:b8:94:e9:eb:a4:c1:36:39:2c:d4:f1:4b:
e8:18:84:8f:2c:3b:f2:75:b7:17:eb:1c:6c:f6:84:01:b9:d9:
60:7b:1b:14:ca:ae:dc:a7:c2:0c:f9:cc:b7:42:52:43:7b:e6:
ca:7f:8f:dc:81:c9:68:69:52:4c:70:ae:40:46:29:7f:9b:2f:
6b:90:1d:f0:11:b6:9b:cc:f0:0a:d8:c9:41:f0:bd:40:b6:89:
82:a1:b7:f9:d6:00:c9:8f:0f:38:03:c7:2f:eb:16:9e:6a:e4:
6d:eb:52:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLCyEumbtHNt0B8p9CrH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMDJmMGFhODljMDY3ZDY2MzM4YjRkNTlkMjA1MmJhMzlh
OTk0NGIwHhcNMjUxMTA1MDQwMDE3WhcNMjUxMTA2MDQwMDE3WjAzMTEwLwYDVQQD
Eyg1NGM2NmMwM2RiODQzZDQxOGVkZTA4NzY3ZjMyZGNiN2M0OTMwYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW6Yob5RAWLWQ35Li5dnueGQ4LoH
EJH9Y+Z+iyPJ0L/ybVKX0KHydR6fMPF9nlNZLJq4rowefdZXYtI9Zn8rIIVHjkeh
OyduaxUutq/pymfCqSdolzoCJ805unsGTn31lJSzEy/PAVhmair9+Po3qI368pPr
Tujk0tgucRCBfq9tcATtGQv0XTGLDMnWUMi7Xb0fHDlhXXpl4yZieoqP4fpMMvBx
5q3LAAv6OGRwIXQi4NMbBqt9URaHYxzpeKpHrsDU9JlPQqwhzEYxRvnuk9Gbf1K+
zjjvG52PqxdY2VNZOuNyhVXfDjUH31aYoVnp19KQ50wvuForUGYpX1beawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTGbAPbhD1Bjt4Idn8y3LfEkwucMB8GA1UdIwQY
MBaAFPIC8KqJwGfWYzi01Z0gUro5qZRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84NzY5ZjEtYjgwYi00ODg2LWJiMGIt
ZjYyNTcwMGU4YTkwLzEvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84NzY5ZjEtYjgwYi00ODg2LWJiMGItZjYyNTcwMGU4YTkw
LzEvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQB45Dj8F
Hs2bKDhX6gP0Dj1qLeIa0okC/7Ho8FQnxRlLZ3a01mJm6ySOV/m4O9iG2go37UXs
xnXaAAfLPiioeeHNCiCwRmqaIZAk9hc+aAJ+TE/BqlwTAhZOhGmQEGU1l8/SWtkp
aoia33bh6W10v71fM8gcu0MSJ22m3YP8gdIHhpIyNgW/VNZ+vvJgv5OjiLyImwPN
uJTp66TBNjks1PFL6BiEjyw78nW3F+scbPaEAbnZYHsbFMqu3KfCDPnMt0JSQ3vm
yn+P3IHJaGlSTHCuQEYpf5sva5Ad8BG2m8zwCtjJQfC9QLaJgqG3+dYAyY8POAPH
L+sWnmrkbetSMw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:09:55 2025 by rpki-client