Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: aj2aAuZW37yKz30STHdUFsxpzRnZN5rOOi7axLJdevk=
Subject key identifier: BA:75:E7:38:50:1D:26:7A:E7:22:90:3A:29:38:EE:EF:13:66:98:7B
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019875D13A54E029D2ADA3201E430FE23FAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 1023
Signing time: Mon 04 Aug 2025 16:01:42 +0000
Manifest this update: Mon 04 Aug 2025 16:01:42 +0000
Manifest next update: Tue 05 Aug 2025 16:01:42 +0000
Files and hashes: 1: KwomHtAHnCM0D-yGdW_0Sf3mopc.roa (hash: nJuUP0j6H239g1R7GMJyKq0zviXnK+AhK7Q4U43dyg4=)
2: ZYlcf7X6lFUqPdlZgjx7h6pY7f0.roa (hash: Z91lhusvfId6xXTKVa6gm5qmkQJNcO8M7YoIqY37LFU=)
3: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: 4OGOGDyFBBBO6bs74lpVNrIn5XWHSC+a2Rpl76Wcoug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:d1:3a:54:e0:29:d2:ad:a3:20:1e:43:0f:e2:3f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Aug 4 16:01:42 2025 GMT
Not After : Aug 5 16:01:42 2025 GMT
Subject: CN=ba75e738501d267ae722903a2938eeef1366987b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a3:8a:02:20:7e:2b:ff:55:4f:0e:c1:a3:ea:
d8:7d:b8:67:f9:6e:05:12:19:82:a9:3b:4d:44:bd:
2b:bf:5f:ce:cb:5e:47:89:ba:d9:2b:60:df:94:43:
a9:45:f1:50:1d:eb:76:0b:2d:35:22:16:39:53:71:
2a:78:e5:b3:1b:45:aa:05:07:b1:62:fd:cb:ae:9e:
6d:a6:f7:45:5d:d7:79:3a:08:9e:c4:22:02:79:09:
66:c5:e3:fa:7f:34:c9:b6:36:a3:36:fc:33:24:db:
95:92:97:aa:ca:94:db:98:ae:31:78:e3:bb:11:4a:
59:13:2b:40:27:3b:4f:05:03:68:18:be:46:d9:77:
b5:a9:cb:a0:9d:0b:ce:04:1c:d1:59:96:5e:71:90:
e1:a3:58:0a:c9:40:e0:0f:c7:4d:22:79:99:22:85:
e1:2b:88:7a:ba:c9:44:70:5f:a4:6d:6b:cb:8d:72:
67:0b:41:7d:24:60:98:cc:1e:d2:84:98:74:3a:3a:
30:cb:00:bc:ba:4f:62:66:57:5a:ca:99:ef:e2:e4:
04:e0:b1:03:60:38:24:93:2a:be:97:b8:b0:fd:3e:
e8:dc:f0:32:6b:0d:d0:a0:9f:5f:a6:16:ee:74:16:
67:ec:5b:41:d7:be:2d:6c:af:2b:88:65:62:82:a3:
30:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:75:E7:38:50:1D:26:7A:E7:22:90:3A:29:38:EE:EF:13:66:98:7B
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:f7:dd:f4:89:fe:86:c7:29:7c:bb:3a:68:7e:c4:bf:d9:1b:
45:21:47:c7:32:b8:02:da:6a:82:04:12:63:44:b4:53:dc:52:
9b:f1:1e:2c:7f:eb:80:ef:c6:f2:31:98:63:f4:68:4b:39:a5:
a9:4f:00:5b:fc:78:60:92:82:65:2a:02:62:d3:4f:c5:1c:08:
eb:b0:d5:32:64:69:67:ee:28:46:45:75:fd:96:23:2d:82:e5:
58:03:67:f7:9c:be:47:76:e8:75:21:20:23:29:b2:37:8d:5b:
66:56:5a:9c:52:74:db:a3:d3:e5:96:ca:ce:bc:fd:0d:77:f5:
68:4c:f0:b5:ca:ba:8f:23:bc:67:78:81:13:9d:7d:62:d2:d1:
db:28:ff:41:3e:e4:d0:65:d1:e8:02:0d:2a:b6:a0:87:1f:76:
83:91:b7:29:2f:8c:ac:02:b1:a1:2d:2a:5e:f9:61:6b:bc:a3:
57:bf:7b:33:a9:41:9b:ad:10:4c:ec:42:61:a5:de:ff:c4:ae:
cd:44:d0:15:fc:25:fe:d6:fa:ac:89:78:8e:63:04:46:52:bb:
c7:fb:4a:e4:e7:c1:01:c5:fd:0c:81:d5:c2:e4:8c:13:a1:0e:
30:ad:f1:4e:f7:90:c7:87:2e:73:27:9f:d5:40:e1:af:07:e6:
f0:16:56:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10TpU4CnSraMgHkMP4j+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjUwODA0MTYwMTQyWhcNMjUwODA1MTYwMTQyWjAzMTEwLwYDVQQD
EyhiYTc1ZTczODUwMWQyNjdhZTcyMjkwM2EyOTM4ZWVlZjEzNjY5ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKOKAiB+K/9VTw7Bo+rYfbhn+W4F
EhmCqTtNRL0rv1/Oy15HibrZK2DflEOpRfFQHet2Cy01IhY5U3EqeOWzG0WqBQex
Yv3Lrp5tpvdFXdd5OgiexCICeQlmxeP6fzTJtjajNvwzJNuVkpeqypTbmK4xeOO7
EUpZEytAJztPBQNoGL5G2Xe1qcugnQvOBBzRWZZecZDho1gKyUDgD8dNInmZIoXh
K4h6uslEcF+kbWvLjXJnC0F9JGCYzB7ShJh0OjowywC8uk9iZldaypnv4uQE4LED
YDgkkyq+l7iw/T7o3PAyaw3QoJ9fphbudBZn7FtB174tbK8riGVigqMw3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLp15zhQHSZ65yKQOik47u8TZph7MB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYffd9In+
hscpfLs6aH7Ev9kbRSFHxzK4AtpqggQSY0S0U9xSm/EeLH/rgO/G8jGYY/RoSzml
qU8AW/x4YJKCZSoCYtNPxRwI67DVMmRpZ+4oRkV1/ZYjLYLlWANn95y+R3bodSEg
IymyN41bZlZanFJ026PT5ZbKzrz9DXf1aEzwtcq6jyO8Z3iBE519YtLR2yj/QT7k
0GXR6AINKraghx92g5G3KS+MrAKxoS0qXvlha7yjV797M6lBm60QTOxCYaXe/8Su
zUTQFfwl/tb6rIl4jmMERlK7x/tK5OfBAcX9DIHVwuSME6EOMK3xTveQx4cucyef
1UDhrwfm8BZWdw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:54:48 2025 by rpki-client