Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
File: mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json)
Hash identifier: EFGemM5PYYqsu0CnSHHKyk10XLgqM61sXFh/8wn+WoA=
Subject key identifier: C9:95:C5:91:6F:0B:ED:CF:05:BF:61:AF:03:A4:96:79:C8:25:8B:35
Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
Certificate issuer: /CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Certificate serial: 0198733D8EB4422501E65788983D1F1EB961
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
Manifest number: 04AE
Signing time: Mon 04 Aug 2025 04:01:10 +0000
Manifest this update: Mon 04 Aug 2025 04:01:10 +0000
Manifest next update: Tue 05 Aug 2025 04:01:10 +0000
Files and hashes: 1: 1tSheZow3C5eA6jOu_MWtrfHmEY.roa (hash: KFhShtQvmMD0Mr4HPxFeWZgSKSgyixhc5C8a67+FVZE=)
2: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: pOORIfPhp3lY+x4ixf2y9k+eS8qwQqGCiUYPnNrpIfg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:3d:8e:b4:42:25:01:e6:57:88:98:3d:1f:1e:b9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Validity
Not Before: Aug 4 04:01:10 2025 GMT
Not After : Aug 5 04:01:10 2025 GMT
Subject: CN=c995c5916f0bedcf05bf61af03a49679c8258b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:a8:a7:b5:98:67:54:86:36:de:80:8e:c7:
dd:a7:d8:51:e8:de:ca:b4:92:bc:bc:b9:56:02:eb:
4a:c1:fd:8e:09:94:15:02:60:3a:54:78:ce:7e:c3:
cd:5a:0e:0c:2f:21:25:af:08:01:dd:8e:ca:ba:63:
95:70:e9:1c:d0:28:69:47:84:ca:d5:33:be:40:17:
bb:64:c7:79:f4:ed:64:bf:73:44:46:52:78:45:ae:
4d:e2:17:ee:bc:e7:4b:ae:bc:6b:33:92:28:1a:79:
e0:a5:ab:a1:96:1e:28:6d:fb:3a:d8:21:09:b6:60:
bd:5b:a2:63:39:9b:28:75:78:70:23:a5:10:a0:52:
99:dd:4b:8d:ee:50:6b:4a:e1:84:cd:e8:65:01:06:
4d:67:75:ab:7f:02:ec:60:fc:30:bc:31:72:d8:36:
f0:78:e9:6c:3f:b6:0e:f5:c4:3e:31:71:60:d5:4b:
08:73:ee:a3:a9:4c:87:8a:84:53:55:45:80:91:52:
b8:88:9f:ef:b6:bd:07:41:cf:c6:5a:0a:32:c9:0a:
9a:88:d2:25:4c:32:e2:48:be:6e:9c:e3:5f:93:5d:
b9:ab:7a:17:d1:b2:74:9b:e5:4c:72:31:10:42:52:
85:46:35:0d:91:63:78:c0:b7:a2:e6:a9:22:8f:ca:
56:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:95:C5:91:6F:0B:ED:CF:05:BF:61:AF:03:A4:96:79:C8:25:8B:35
X509v3 Authority Key Identifier:
keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:a9:ef:5b:77:ea:bd:83:42:a9:87:d1:fd:8f:30:ba:3e:33:
09:d7:14:34:bb:88:da:62:ae:eb:80:cc:4d:3d:cd:cd:26:63:
9a:21:ae:ab:f1:88:a4:05:7c:60:e2:40:d5:f1:50:cb:91:2e:
44:e7:96:78:25:cd:21:af:1a:05:2a:21:8e:7b:89:0f:c4:79:
9a:03:9c:5e:1e:4a:55:22:f2:9f:f9:40:45:ab:f9:48:04:4d:
2a:4b:fe:e5:7a:07:d8:63:d8:81:db:7e:30:34:e3:64:90:e6:
99:a7:43:04:51:fa:04:fe:f7:30:00:22:3b:d5:31:00:98:53:
69:f8:72:ba:64:2c:c4:9c:e8:76:97:29:b9:a4:0b:01:8c:52:
5a:cc:d6:0b:a8:ac:67:5d:ec:3d:04:13:c1:c9:23:e8:d3:fe:
8d:2f:3d:94:d0:8b:53:ac:a5:3c:d4:9e:22:c5:3f:91:81:bc:
4a:b9:d8:ba:ad:90:bc:df:5d:56:23:b6:23:90:61:24:ea:4d:
bb:44:e3:0c:d1:d9:01:1b:d7:c5:d8:2a:25:49:5f:22:7a:1c:
91:c0:cb:68:5d:56:42:68:b1:fd:60:ca:bb:e6:f7:eb:06:a6:
d0:f2:ae:05:e3:42:eb:be:6d:bb:66:06:18:01:fc:68:27:02:
d0:0d:da:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPY60QiUB5leImD0fHrlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3
OWQ2MTcwHhcNMjUwODA0MDQwMTEwWhcNMjUwODA1MDQwMTEwWjAzMTEwLwYDVQQD
EyhjOTk1YzU5MTZmMGJlZGNmMDViZjYxYWYwM2E0OTY3OWM4MjU4YjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtiop7WYZ1SGNt6Ajsfdp9hR6N7K
tJK8vLlWAutKwf2OCZQVAmA6VHjOfsPNWg4MLyElrwgB3Y7KumOVcOkc0ChpR4TK
1TO+QBe7ZMd59O1kv3NERlJ4Ra5N4hfuvOdLrrxrM5IoGnngpauhlh4obfs62CEJ
tmC9W6JjOZsodXhwI6UQoFKZ3UuN7lBrSuGEzehlAQZNZ3WrfwLsYPwwvDFy2Dbw
eOlsP7YO9cQ+MXFg1UsIc+6jqUyHioRTVUWAkVK4iJ/vtr0HQc/GWgoyyQqaiNIl
TDLiSL5unONfk125q3oX0bJ0m+VMcjEQQlKFRjUNkWN4wLei5qkij8pWiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmVxZFvC+3PBb9hrwOklnnIJYs1MB8GA1UdIwQY
MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt
YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi
LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhanvW3fq
vYNCqYfR/Y8wuj4zCdcUNLuI2mKu64DMTT3NzSZjmiGuq/GIpAV8YOJA1fFQy5Eu
ROeWeCXNIa8aBSohjnuJD8R5mgOcXh5KVSLyn/lARav5SARNKkv+5XoH2GPYgdt+
MDTjZJDmmadDBFH6BP73MAAiO9UxAJhTafhyumQsxJzodpcpuaQLAYxSWszWC6is
Z13sPQQTwckj6NP+jS89lNCLU6ylPNSeIsU/kYG8SrnYuq2QvN9dViO2I5BhJOpN
u0TjDNHZARvXxdgqJUlfInockcDLaF1WQmix/WDKu+b36wam0PKuBeNC675tu2YG
GAH8aCcC0A3a5g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:22:09 2025 by rpki-client