Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
File: lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft (raw, json)
Hash identifier: KOsU+SKuZ0h7GzPZ1UtlFlcpqUUpWnT03xwoYQ1mwgI=
Subject key identifier: FC:BC:FB:51:C4:BE:D9:21:5F:4D:40:7D:01:43:84:AE:81:E4:BA:66
Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Certificate serial: 019873E1FDBDBB061FA346A2A2C1723689C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
Manifest number: 161C
Signing time: Mon 04 Aug 2025 07:00:47 +0000
Manifest this update: Mon 04 Aug 2025 07:00:47 +0000
Manifest next update: Tue 05 Aug 2025 07:00:47 +0000
Files and hashes: 1: 5UBdfwa59JnO3TC0RbPoMbXcwMI.roa (hash: BXAoKRzIsnGpyUD97PKhyGWEISH1mZLvzMgOl4ru7To=)
2: DyQE1mAMz0-Y555bTSVvXkqEC1U.roa (hash: hwRt5mho9M1lkKLFQYJUnV8/sYmEs4QQ4EstdFb/mZk=)
3: lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl (hash: 2/3gPvTZv4II4O0FQg58WYZI5VLUPhZC+eO2ApcZyVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e1:fd:bd:bb:06:1f:a3:46:a2:a2:c1:72:36:89:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Validity
Not Before: Aug 4 07:00:47 2025 GMT
Not After : Aug 5 07:00:47 2025 GMT
Subject: CN=fcbcfb51c4bed9215f4d407d014384ae81e4ba66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d1:88:23:6d:67:c5:f3:7b:5a:e8:12:ff:3a:
7c:66:5d:b5:0c:34:2a:9b:24:f6:6b:18:ae:ce:44:
fd:c6:87:b8:f0:74:09:4a:50:b3:e5:87:c2:5a:87:
36:f2:ea:8c:fb:d5:1b:1d:b3:a7:63:57:09:e4:7d:
8e:80:66:74:6e:c1:ad:dd:b5:7a:94:77:7e:52:3a:
6a:01:10:3a:82:a5:8a:4e:f8:a8:a6:73:fd:f8:43:
d1:62:ac:9b:cb:d1:08:b4:e1:95:cd:77:93:8a:e0:
e3:e6:93:d2:c6:db:24:ce:7d:85:ef:3e:0a:58:7e:
6c:d7:7c:94:8d:66:cd:c3:87:05:73:87:af:51:13:
10:c7:6e:cb:6c:a7:a0:51:a4:32:ec:40:cd:5d:64:
83:93:d2:83:21:e6:c0:61:f2:ba:fb:20:0e:d0:ed:
e5:5b:25:4d:a2:d7:2b:04:fb:10:49:be:cf:c3:6e:
67:ba:be:25:f0:6a:bc:98:fe:f5:8e:4d:61:27:a4:
54:40:38:e4:62:bd:71:e5:e4:41:aa:19:a1:10:8f:
31:b6:a9:36:13:8a:37:79:7c:85:26:6e:33:f7:bb:
a9:91:01:52:11:ce:cb:04:de:8c:67:02:76:14:de:
99:75:9e:94:fd:a3:b8:64:f5:44:96:00:e6:b9:98:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BC:FB:51:C4:BE:D9:21:5F:4D:40:7D:01:43:84:AE:81:E4:BA:66
X509v3 Authority Key Identifier:
keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:b3:42:c2:e5:66:6f:af:91:a2:33:e7:f7:f9:f2:ba:ff:91:
ca:c0:0a:e8:a7:d7:f4:5f:a2:7e:d6:f6:66:1a:be:16:8f:d9:
7b:b8:7a:e4:c2:0c:6d:ea:c2:0c:1b:48:93:2e:66:de:72:31:
46:4f:b5:c3:f0:f0:fc:50:80:9d:07:3b:84:6a:b0:af:82:5c:
d8:c7:5f:90:8e:03:87:9e:b2:22:23:d0:04:64:75:d0:ae:34:
84:aa:8d:fa:ab:e1:bc:a8:39:69:7e:64:64:bc:7f:d8:71:c7:
97:91:83:cf:29:f9:fb:8d:55:25:8c:80:e6:26:4d:f4:4c:bf:
28:c1:ca:69:4c:c4:0d:10:0f:df:c8:e7:0a:34:21:4e:22:09:
2c:74:24:e0:e3:a0:52:e8:9b:81:32:3b:d5:de:93:c4:cc:31:
fd:01:db:ec:be:af:7f:fa:6f:b3:87:9a:b4:24:5b:61:6c:47:
d7:83:e6:cf:0e:08:f1:7f:ea:a8:48:b6:8d:a0:56:fe:58:b6:
81:c5:d3:d1:88:37:59:be:3a:45:f3:7b:b3:d6:bd:0d:98:0f:
14:00:2d:b7:9a:02:ce:b3:5c:8b:44:75:46:c4:5b:1a:e5:e0:
81:63:a2:e3:b2:b0:7d:57:86:28:65:3d:de:77:ed:d6:85:6d:
1f:fd:83:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4f29uwYfo0aiosFyNonJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk
ZDRlZTYwHhcNMjUwODA0MDcwMDQ3WhcNMjUwODA1MDcwMDQ3WjAzMTEwLwYDVQQD
EyhmY2JjZmI1MWM0YmVkOTIxNWY0ZDQwN2QwMTQzODRhZTgxZTRiYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydGII21nxfN7WugS/zp8Zl21DDQq
myT2axiuzkT9xoe48HQJSlCz5YfCWoc28uqM+9UbHbOnY1cJ5H2OgGZ0bsGt3bV6
lHd+UjpqARA6gqWKTviopnP9+EPRYqyby9EItOGVzXeTiuDj5pPSxtskzn2F7z4K
WH5s13yUjWbNw4cFc4evURMQx27LbKegUaQy7EDNXWSDk9KDIebAYfK6+yAO0O3l
WyVNotcrBPsQSb7Pw25nur4l8Gq8mP71jk1hJ6RUQDjkYr1x5eRBqhmhEI8xtqk2
E4o3eXyFJm4z97upkQFSEc7LBN6MZwJ2FN6ZdZ6U/aO4ZPVElgDmuZjDuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPy8+1HEvtkhX01AfQFDhK6B5LpmMB8GA1UdIwQY
MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt
NDJkYWZiNGI1MWQyLzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy
LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7NCwuVm
b6+RojPn9/nyuv+RysAK6KfX9F+iftb2Zhq+Fo/Ze7h65MIMberCDBtIky5m3nIx
Rk+1w/Dw/FCAnQc7hGqwr4Jc2MdfkI4Dh56yIiPQBGR10K40hKqN+qvhvKg5aX5k
ZLx/2HHHl5GDzyn5+41VJYyA5iZN9Ey/KMHKaUzEDRAP38jnCjQhTiIJLHQk4OOg
UuibgTI71d6TxMwx/QHb7L6vf/pvs4eatCRbYWxH14Pmzw4I8X/qqEi2jaBW/li2
gcXT0Yg3Wb46RfN7s9a9DZgPFAAtt5oCzrNci0R1RsRbGuXggWOi47KwfVeGKGU9
3nft1oVtH/2DrA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:00:32 2025 by rpki-client