Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
File: SS0kreN6IjOTKECddX1H-XlDt6A.mft (raw, json)
Hash identifier: XGADQd9VECYeCw06fN8Cwi91L5CoaCEA6BmDNkPLav0=
Subject key identifier: 78:BD:25:03:84:FC:E3:B8:2E:1C:93:3F:74:BF:1D:F9:15:34:E9:26
Authority key identifier: 49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
Certificate issuer: /CN=492d24ade37a22339328409d757d47f97943b7a0
Certificate serial: 01988E0FD20C24AA1E41C2F4513A6B399E85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
Manifest number: 0D20
Signing time: Sat 09 Aug 2025 09:00:58 +0000
Manifest this update: Sat 09 Aug 2025 09:00:58 +0000
Manifest next update: Sun 10 Aug 2025 09:00:58 +0000
Files and hashes: 1: BB5_8BhJDTnxTKWGMNqj5oXCwds.roa (hash: LuNPA32mjFH0EXTfiP4dDNt0mH4g6yoGsaPQD7tGC9s=)
2: SS0kreN6IjOTKECddX1H-XlDt6A.crl (hash: pagxzfwSMd45UGQ1HGdMRS8YmF7WyWfYmApk7qaA8Lo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8e:0f:d2:0c:24:aa:1e:41:c2:f4:51:3a:6b:39:9e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492d24ade37a22339328409d757d47f97943b7a0
Validity
Not Before: Aug 9 09:00:58 2025 GMT
Not After : Aug 10 09:00:58 2025 GMT
Subject: CN=78bd250384fce3b82e1c933f74bf1df91534e926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:26:ee:41:68:0d:9a:a6:7b:a0:2e:b2:61:15:
42:bd:28:64:ea:7e:07:55:53:dc:96:53:69:8a:4c:
07:2d:8b:7e:8a:9a:b0:26:3b:f0:83:1d:a0:5f:d1:
87:72:9a:8a:ca:52:f6:08:98:36:30:f7:f6:17:50:
14:44:30:23:3e:d7:ef:59:42:8b:25:32:7d:51:51:
7a:88:b0:f3:bf:29:b1:a2:24:bc:7e:6e:f3:fe:8c:
99:0a:f1:d8:fa:cc:b8:aa:ab:53:43:14:2a:e3:07:
c5:cd:7b:48:c2:c6:d9:d3:c7:36:7d:6a:55:bb:7a:
d1:03:ee:a2:23:a4:46:f3:bf:6b:b4:d5:34:5c:cb:
f3:6f:cf:d3:7f:22:be:4f:7a:ab:fd:aa:1a:1d:dc:
e7:78:07:45:43:dc:ea:b7:c3:19:27:5e:f9:db:4e:
28:00:e1:69:c4:da:5f:42:6b:20:53:a0:48:57:07:
ea:aa:5f:cf:9d:61:99:67:88:dc:81:b5:47:54:2f:
5a:2f:e2:c1:b6:7e:93:c8:25:81:bf:e9:1d:d2:ed:
5f:c7:3f:d3:a9:55:fa:ae:92:ee:42:d6:f3:d1:e7:
a0:88:4c:94:4b:0c:f4:2e:76:b4:d9:7e:84:97:32:
1b:3d:5e:53:0e:26:ca:cc:a0:48:4b:b6:0c:f0:74:
62:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BD:25:03:84:FC:E3:B8:2E:1C:93:3F:74:BF:1D:F9:15:34:E9:26
X509v3 Authority Key Identifier:
keyid:49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:5e:c2:52:c4:d4:bb:85:44:cc:ae:54:d3:b8:09:f5:72:ce:
6c:e6:e7:0d:9c:ab:e1:46:9d:69:86:24:64:e3:ad:23:60:58:
ce:0d:81:91:91:a6:eb:60:5f:a3:f7:a2:50:b7:d1:52:a3:08:
49:c9:61:d4:b8:a0:33:df:94:c0:53:1f:27:0f:26:1a:a1:72:
2b:91:24:c7:a3:62:72:bc:89:42:49:f2:68:b0:7e:5b:b8:fd:
b9:be:f3:8e:65:ed:8a:b4:16:37:43:54:84:b4:89:ba:53:8b:
6b:69:f3:40:65:64:76:25:36:8a:b2:97:97:1e:92:16:37:32:
44:5a:5b:1c:9b:70:59:6c:e4:eb:b6:81:cf:22:d2:95:2b:17:
0f:2c:e1:52:b7:80:d1:e8:a3:6f:de:00:e4:22:bc:b5:c6:56:
f0:1e:8c:df:47:e9:bc:c9:3b:ec:d3:d0:07:5a:26:37:5e:fe:
99:ef:db:c2:d8:8c:d1:3c:42:c7:59:48:e3:3f:92:7f:76:1a:
27:26:36:3d:c4:fd:01:d3:a3:ec:b4:12:b5:9f:cf:dc:27:56:
b0:d1:38:4a:d8:4d:4b:2f:55:0c:b9:32:49:5e:c1:91:62:b0:
21:ff:75:6d:04:e0:f7:ac:a2:92:d6:3f:b2:d7:e6:4f:89:90:
ea:43:4e:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiOD9IMJKoeQcL0UTprOZ6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmQyNGFkZTM3YTIyMzM5MzI4NDA5ZDc1N2Q0N2Y5Nzk0
M2I3YTAwHhcNMjUwODA5MDkwMDU4WhcNMjUwODEwMDkwMDU4WjAzMTEwLwYDVQQD
Eyg3OGJkMjUwMzg0ZmNlM2I4MmUxYzkzM2Y3NGJmMWRmOTE1MzRlOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCbuQWgNmqZ7oC6yYRVCvShk6n4H
VVPcllNpikwHLYt+ipqwJjvwgx2gX9GHcpqKylL2CJg2MPf2F1AURDAjPtfvWUKL
JTJ9UVF6iLDzvymxoiS8fm7z/oyZCvHY+sy4qqtTQxQq4wfFzXtIwsbZ08c2fWpV
u3rRA+6iI6RG879rtNU0XMvzb8/TfyK+T3qr/aoaHdzneAdFQ9zqt8MZJ175204o
AOFpxNpfQmsgU6BIVwfqql/PnWGZZ4jcgbVHVC9aL+LBtn6TyCWBv+kd0u1fxz/T
qVX6rpLuQtbz0eegiEyUSwz0Lna02X6ElzIbPV5TDibKzKBIS7YM8HRi7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHi9JQOE/OO4LhyTP3S/HfkVNOkmMB8GA1UdIwQY
MBaAFEktJK3jeiIzkyhAnXV9R/l5Q7egMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAt
ZTI0YjU3OWM5OTE0LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAtZTI0YjU3OWM5OTE0
LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc17CUsTU
u4VEzK5U07gJ9XLObObnDZyr4UadaYYkZOOtI2BYzg2BkZGm62Bfo/eiULfRUqMI
Sclh1LigM9+UwFMfJw8mGqFyK5Ekx6NicryJQknyaLB+W7j9ub7zjmXtirQWN0NU
hLSJulOLa2nzQGVkdiU2irKXlx6SFjcyRFpbHJtwWWzk67aBzyLSlSsXDyzhUreA
0eijb94A5CK8tcZW8B6M30fpvMk77NPQB1omN17+me/bwtiM0TxCx1lI4z+Sf3Ya
JyY2PcT9AdOj7LQStZ/P3CdWsNE4SthNSy9VDLkySV7BkWKwIf91bQTg96yiktY/
stfmT4mQ6kNOIA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:19:27 2025 by rpki-client