Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File: Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier: jlqvPMZdDl7N/BfTS7Wp92a+/vVfhc05+8fnh0FHSr0=
Subject key identifier: 3B:FA:3D:09:0B:AD:D9:60:8E:68:64:E5:A5:10:BD:F5:9E:E9:02:5A
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer: /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial: 019893A44354D4527CB24D630FDC26FEBC1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number: 1625
Signing time: Sun 10 Aug 2025 11:01:12 +0000
Manifest this update: Sun 10 Aug 2025 11:01:12 +0000
Manifest next update: Mon 11 Aug 2025 11:01:12 +0000
Files and hashes: 1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: MvRPSkUIMbkTSnQkZP5TGn1m9bRk9Z04EdMQIwpbNXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:93:a4:43:54:d4:52:7c:b2:4d:63:0f:dc:26:fe:bc:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Validity
Not Before: Aug 10 11:01:12 2025 GMT
Not After : Aug 11 11:01:12 2025 GMT
Subject: CN=3bfa3d090badd9608e6864e5a510bdf59ee9025a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5b:db:aa:b3:33:fb:e6:d6:59:f2:b4:87:53:
38:02:cf:40:89:67:06:4a:1b:df:b9:ca:f0:99:74:
22:27:35:f9:3e:7d:cf:5a:9a:56:0a:0b:15:d1:60:
4d:2f:a9:d0:ab:29:fc:bb:b2:7b:e0:b8:02:9d:14:
95:55:8c:87:ec:8b:5a:bd:22:41:7f:4f:9b:7d:3a:
ec:d3:12:f6:34:80:77:a4:38:9a:9a:c2:06:f6:c4:
d4:f6:81:06:50:31:1c:fc:8f:a1:b1:62:ae:76:fd:
79:fc:48:c1:5a:92:78:47:4a:23:9a:af:77:00:53:
67:bf:65:44:0f:ab:e5:4c:57:b4:29:4f:60:35:ae:
14:6d:ec:f7:5b:16:56:3e:3c:63:a9:f4:73:d7:be:
73:82:ac:0e:2c:df:ca:d2:48:0b:bf:0a:80:da:ad:
98:b4:b7:9f:f7:3b:d3:7b:32:7f:f9:f7:3f:fc:22:
81:88:8f:1b:85:dc:c2:2f:14:3b:8f:70:2a:a3:c0:
6a:8f:6d:90:85:8a:26:25:7c:55:1b:9a:d1:54:c0:
aa:3f:94:31:b3:34:af:53:7b:c9:a4:71:5b:66:ca:
0c:dd:a0:58:45:76:84:4a:94:90:d9:32:62:a8:9b:
a8:30:2c:ff:7f:a1:67:2d:54:a9:5c:10:a9:77:f5:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:3D:09:0B:AD:D9:60:8E:68:64:E5:A5:10:BD:F5:9E:E9:02:5A
X509v3 Authority Key Identifier:
keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:24:be:23:c3:75:64:90:a1:20:79:4f:63:bf:c8:68:78:ec:
b0:d8:77:d3:e0:45:5f:b1:92:3d:f5:a7:a8:d4:c9:bd:53:19:
24:f4:e2:ee:34:b3:b1:b0:39:b8:c3:62:71:8f:6b:4c:04:71:
7d:d0:87:ef:eb:e0:c9:5f:31:91:49:8c:f4:3b:e1:6c:ac:04:
23:ee:5f:8e:fa:ae:b4:ff:92:4b:52:05:3a:52:a4:76:24:cd:
ae:c8:a1:f6:44:4c:29:c3:54:5e:a8:7d:93:c3:43:7e:05:9b:
8e:3e:53:25:0e:cf:b5:5f:11:d0:a9:4c:2e:e6:20:8c:2f:f5:
29:4e:03:92:76:0b:81:1f:2a:fd:26:a7:3b:36:0c:6a:43:43:
ca:76:13:d3:61:06:55:f4:25:f8:4a:e7:68:48:a6:52:96:fd:
48:25:e9:5b:c4:62:44:8e:86:52:1a:c9:a5:ee:e5:9b:ce:23:
1d:30:4c:02:09:9e:9a:14:2c:8e:f2:67:b9:ec:33:72:b2:98:
2d:d9:14:4a:7b:eb:0b:a1:57:76:79:e2:e0:52:52:01:d2:85:
fc:9a:0a:85:c1:46:59:6f:9c:34:e8:ff:34:68:2a:7c:3c:5c:
99:f0:7a:35:34:90:50:74:70:ac:3a:05:13:dc:4e:33:8e:74:
aa:08:a9:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTpENU1FJ8sk1jD9wm/rwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwODEwMTEwMTEyWhcNMjUwODExMTEwMTEyWjAzMTEwLwYDVQQD
EygzYmZhM2QwOTBiYWRkOTYwOGU2ODY0ZTVhNTEwYmRmNTllZTkwMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFvbqrMz++bWWfK0h1M4As9AiWcG
ShvfucrwmXQiJzX5Pn3PWppWCgsV0WBNL6nQqyn8u7J74LgCnRSVVYyH7ItavSJB
f0+bfTrs0xL2NIB3pDiamsIG9sTU9oEGUDEc/I+hsWKudv15/EjBWpJ4R0ojmq93
AFNnv2VED6vlTFe0KU9gNa4Ubez3WxZWPjxjqfRz175zgqwOLN/K0kgLvwqA2q2Y
tLef9zvTezJ/+fc//CKBiI8bhdzCLxQ7j3Aqo8Bqj22QhYomJXxVG5rRVMCqP5Qx
szSvU3vJpHFbZsoM3aBYRXaESpSQ2TJiqJuoMCz/f6FnLVSpXBCpd/X5aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv6PQkLrdlgjmhk5aUQvfWe6QJaMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSS+I8N1
ZJChIHlPY7/IaHjssNh30+BFX7GSPfWnqNTJvVMZJPTi7jSzsbA5uMNicY9rTARx
fdCH7+vgyV8xkUmM9DvhbKwEI+5fjvqutP+SS1IFOlKkdiTNrsih9kRMKcNUXqh9
k8NDfgWbjj5TJQ7PtV8R0KlMLuYgjC/1KU4DknYLgR8q/SanOzYMakNDynYT02EG
VfQl+ErnaEimUpb9SCXpW8RiRI6GUhrJpe7lm84jHTBMAgmemhQsjvJnuewzcrKY
LdkUSnvrC6FXdnni4FJSAdKF/JoKhcFGWW+cNOj/NGgqfDxcmfB6NTSQUHRwrDoF
E9xOM450qgip1Q==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:47:32 2025 by rpki-client