
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: YXEVLe7JtxHwy/vvmLnP7w4he939seTOa46AlaQnzUA=
Subject key identifier: 4D:69:81:FB:C1:72:D2:E4:8B:D8:74:24:40:89:F1:71:B7:61:33:A4
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 01988B7D2D8A6B4F4035E7F73C6CCBEB6D02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 1072
Signing time: Fri 08 Aug 2025 21:01:33 +0000
Manifest this update: Fri 08 Aug 2025 21:01:33 +0000
Manifest next update: Sat 09 Aug 2025 21:01:33 +0000
Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: SUfvY3W671f9yUcBFsY2mkWRnZ1LEU613FwHNrMswYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:7d:2d:8a:6b:4f:40:35:e7:f7:3c:6c:cb:eb:6d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Aug 8 21:01:33 2025 GMT
Not After : Aug 9 21:01:33 2025 GMT
Subject: CN=4d6981fbc172d2e48bd874244089f171b76133a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ef:e3:2f:70:ef:c0:8b:58:e9:93:2e:0d:3e:
84:63:81:3c:1d:8f:e6:36:a4:cc:dd:c2:b8:3d:8a:
1e:e7:7f:a9:ca:98:33:93:e4:a2:7d:75:5d:b3:fb:
6e:6e:a7:45:51:33:99:a7:af:41:db:d3:0a:c5:35:
52:e4:58:b7:f0:2d:d5:57:4f:0a:4e:0e:03:4f:63:
57:62:1d:97:d6:50:ce:be:b0:37:fc:c7:67:72:ae:
fd:28:29:b1:ee:88:ce:28:33:3f:80:ae:59:ac:d1:
1a:d4:80:78:58:c8:cc:17:e3:ac:48:85:7c:ce:b2:
e8:a8:f9:73:2f:21:52:d4:15:b3:61:3c:1f:dd:8b:
f3:3c:86:ba:b2:c8:9c:9a:f3:a9:ff:da:73:36:77:
a0:07:be:db:cb:38:b7:02:4a:ed:06:84:22:3a:ef:
15:2b:da:88:44:12:c0:93:e4:ca:db:00:cf:3d:2e:
03:9c:40:22:cc:22:ef:3d:f9:03:f3:68:70:18:62:
21:d0:9c:ce:5a:9c:bf:3e:45:e1:7b:9f:9e:76:3c:
44:5c:ff:22:2c:04:69:47:ee:53:87:f8:52:83:3e:
09:0a:aa:95:b2:09:7a:31:4c:8a:59:b0:bd:1b:5c:
95:1e:bf:ac:dd:73:2a:0b:1c:f9:1b:36:e4:2b:a5:
b4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:69:81:FB:C1:72:D2:E4:8B:D8:74:24:40:89:F1:71:B7:61:33:A4
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:82:42:86:0a:19:f6:ed:03:9b:9b:63:09:83:44:ac:1e:c8:
30:df:ea:ec:a3:c8:0e:34:0c:f5:0f:1f:54:f0:ac:51:c6:d8:
1b:d7:a6:07:3a:07:11:a4:59:0c:8f:6e:a9:93:df:6c:4e:43:
4d:a2:58:cc:7c:fe:1b:20:c1:6f:de:7e:19:77:10:24:5a:0e:
92:53:34:03:75:61:35:86:22:03:39:11:75:34:b3:e5:10:4d:
a5:bf:6f:c3:29:f4:ab:f3:b8:82:8b:09:92:fb:d0:9d:c5:cd:
f5:85:86:d8:95:00:fe:43:4a:20:6f:3c:5c:91:81:3f:82:83:
20:57:23:b6:08:1a:93:11:ea:55:58:05:1b:bb:c8:18:0d:a9:
ca:bf:db:b2:fc:4b:71:de:1a:4e:cb:f4:a9:a4:9e:92:2a:e1:
26:e0:c0:aa:32:2a:df:10:27:f1:f3:89:79:77:8c:de:8f:b1:
55:51:e9:1b:3a:31:04:22:dc:d2:9e:5f:39:40:a1:e1:4c:0b:
b0:ff:80:4a:61:ef:29:37:e2:1c:a1:2b:ec:d6:04:55:ee:24:
33:4f:0d:48:ab:58:a7:3e:71:4b:b7:a1:f5:e8:44:f4:79:2e:
d0:5b:0e:f0:4b:36:d3:04:22:16:55:a8:20:20:b0:6e:70:6f:
b1:06:46:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfS2Ka09ANef3PGzL620CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjUwODA4MjEwMTMzWhcNMjUwODA5MjEwMTMzWjAzMTEwLwYDVQQD
Eyg0ZDY5ODFmYmMxNzJkMmU0OGJkODc0MjQ0MDg5ZjE3MWI3NjEzM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO/jL3DvwItY6ZMuDT6EY4E8HY/m
NqTM3cK4PYoe53+pypgzk+SifXVds/tubqdFUTOZp69B29MKxTVS5Fi38C3VV08K
Tg4DT2NXYh2X1lDOvrA3/Mdncq79KCmx7ojOKDM/gK5ZrNEa1IB4WMjMF+OsSIV8
zrLoqPlzLyFS1BWzYTwf3YvzPIa6ssicmvOp/9pzNnegB77byzi3AkrtBoQiOu8V
K9qIRBLAk+TK2wDPPS4DnEAizCLvPfkD82hwGGIh0JzOWpy/PkXhe5+edjxEXP8i
LARpR+5Th/hSgz4JCqqVsgl6MUyKWbC9G1yVHr+s3XMqCxz5GzbkK6W0dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1pgfvBctLki9h0JECJ8XG3YTOkMB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQIJChgoZ
9u0Dm5tjCYNErB7IMN/q7KPIDjQM9Q8fVPCsUcbYG9emBzoHEaRZDI9uqZPfbE5D
TaJYzHz+GyDBb95+GXcQJFoOklM0A3VhNYYiAzkRdTSz5RBNpb9vwyn0q/O4gosJ
kvvQncXN9YWG2JUA/kNKIG88XJGBP4KDIFcjtggakxHqVVgFG7vIGA2pyr/bsvxL
cd4aTsv0qaSekirhJuDAqjIq3xAn8fOJeXeM3o+xVVHpGzoxBCLc0p5fOUCh4UwL
sP+ASmHvKTfiHKEr7NYEVe4kM08NSKtYpz5xS7eh9ehE9Hku0FsO8Es20wQiFlWo
ICCwbnBvsQZGUg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:53 2025 by rpki-client