Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.mft
File: 2q8P82XUvZCN6QLu2gOyecL4CdM.mft (raw, json)
Hash identifier: kBEpn6j8qyiQeP/FXUw1mDSPRV3rSlsgwYeP2o1irqc=
Subject key identifier: 3F:12:21:65:B2:04:89:6F:07:EC:C7:F1:E2:C3:39:0D:F4:72:DB:5B
Authority key identifier: DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
Certificate issuer: /CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Certificate serial: 01988B0FD48B4DD350EBD5F92C194B2DA1A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.mft
Manifest number: 0DC2
Signing time: Fri 08 Aug 2025 19:02:07 +0000
Manifest this update: Fri 08 Aug 2025 19:02:07 +0000
Manifest next update: Sat 09 Aug 2025 19:02:07 +0000
Files and hashes: 1: 2q8P82XUvZCN6QLu2gOyecL4CdM.crl (hash: X6g9oEM6ntuuVyV2l9V8W7yOaQGJgDTxq97MP9ZIwqM=)
2: ydjVuxhclCo9WITtZ8reVakuUyk.roa (hash: xSeH/WCDjMoX4ZrZ3Xlx1/Z9w0yzrfN0W1h+i1dlTy8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:0f:d4:8b:4d:d3:50:eb:d5:f9:2c:19:4b:2d:a1:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Validity
Not Before: Aug 8 19:02:07 2025 GMT
Not After : Aug 9 19:02:07 2025 GMT
Subject: CN=3f122165b204896f07ecc7f1e2c3390df472db5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d1:1d:f8:0e:3f:12:7f:05:d6:cf:8d:74:0c:
27:ab:2f:e6:bc:fd:ff:b7:c0:5c:0c:e3:1f:48:3c:
84:27:be:a6:ca:03:19:24:48:b9:dc:e0:94:6d:07:
cb:12:83:10:c4:2c:e6:f0:f4:9d:14:3b:72:dd:e6:
b4:e8:01:63:78:65:c0:9c:32:fb:74:5a:31:71:3e:
d5:3c:60:21:ae:1c:9c:36:f8:1d:4b:49:7b:75:2b:
b4:fd:0c:53:79:78:d4:a3:3c:c5:fa:2c:1b:c7:3f:
d5:d8:30:f1:2d:1b:31:8c:bf:6a:4e:e2:b2:e8:bd:
32:a0:bc:d6:56:34:82:b1:6c:04:53:d8:87:fb:22:
ba:86:b7:d2:53:ae:f8:88:5d:3c:04:ee:df:b1:69:
f0:ee:a1:89:80:a8:88:3a:6b:d8:27:51:37:37:42:
3a:0c:ee:b5:c5:74:ff:34:16:3a:24:62:58:5e:21:
e1:0e:3b:7c:8b:a2:47:7e:49:87:7a:f6:e1:d0:03:
37:57:a9:c5:3a:e1:6c:67:c2:48:c3:30:ed:7d:f1:
73:83:49:8c:83:01:ec:07:45:ff:f5:b5:cc:ea:64:
03:66:eb:04:fa:32:a6:53:fd:05:10:69:44:a5:da:
67:41:7a:eb:b2:29:4a:d2:56:45:35:1b:a6:ee:62:
b1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:12:21:65:B2:04:89:6F:07:EC:C7:F1:E2:C3:39:0D:F4:72:DB:5B
X509v3 Authority Key Identifier:
keyid:DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:2e:28:c0:45:50:01:c1:57:6c:cc:c7:46:d8:64:3e:31:c9:
cf:17:02:ea:74:5e:35:b0:bc:27:4e:31:f9:9d:4a:a3:4c:78:
8a:63:cb:a0:c2:3a:c3:5e:32:8e:68:5d:60:93:3a:32:d6:1c:
bf:f6:dc:20:7f:85:90:fa:42:5b:3f:2f:7a:c5:09:f2:84:d0:
41:12:69:25:5c:74:7e:fa:07:e2:02:88:a4:74:4e:3d:b5:15:
0d:a5:18:75:46:dc:06:cf:bf:9f:61:39:14:6d:7a:ba:8f:bf:
2f:3b:97:e6:bf:cc:5f:51:af:31:69:29:35:87:a2:ac:95:78:
39:0b:f4:ce:64:47:ea:0a:d3:3e:34:50:75:5b:83:46:b9:43:
95:62:8a:88:8c:16:0f:c1:81:ce:35:ac:2c:88:2c:91:fd:62:
dd:29:2d:b0:60:9e:1e:7a:fb:46:74:c3:76:af:fb:ab:84:5f:
40:ec:15:ac:e2:0b:bf:03:df:26:67:2a:d7:5d:f6:5b:76:56:
d8:df:09:76:69:9d:bc:6e:15:9b:66:f6:08:85:f6:3f:c0:01:
fc:ef:0d:d4:64:cd:54:34:74:68:2a:80:22:41:80:0a:22:0a:
cd:3c:bb:4d:fb:4a:e8:7f:76:fa:18:57:6a:7e:e3:b7:0b:d5:
40:8d:16:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD9SLTdNQ69X5LBlLLaGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYwZmYzNjVkNGJkOTA4ZGU5MDJlZWRhMDNiMjc5YzJm
ODA5ZDMwHhcNMjUwODA4MTkwMjA3WhcNMjUwODA5MTkwMjA3WjAzMTEwLwYDVQQD
EygzZjEyMjE2NWIyMDQ4OTZmMDdlY2M3ZjFlMmMzMzkwZGY0NzJkYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndEd+A4/En8F1s+NdAwnqy/mvP3/
t8BcDOMfSDyEJ76mygMZJEi53OCUbQfLEoMQxCzm8PSdFDty3ea06AFjeGXAnDL7
dFoxcT7VPGAhrhycNvgdS0l7dSu0/QxTeXjUozzF+iwbxz/V2DDxLRsxjL9qTuKy
6L0yoLzWVjSCsWwEU9iH+yK6hrfSU674iF08BO7fsWnw7qGJgKiIOmvYJ1E3N0I6
DO61xXT/NBY6JGJYXiHhDjt8i6JHfkmHevbh0AM3V6nFOuFsZ8JIwzDtffFzg0mM
gwHsB0X/9bXM6mQDZusE+jKmU/0FEGlEpdpnQXrrsilK0lZFNRum7mKxiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8SIWWyBIlvB+zH8eLDOQ30cttbMB8GA1UdIwQY
MBaAFNqvD/Nl1L2QjekC7toDsnnC+AnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAt
NDA5MTc2Zjg0NmQzLzEvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAtNDA5MTc2Zjg0NmQz
LzEvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWi4owEVQ
AcFXbMzHRthkPjHJzxcC6nReNbC8J04x+Z1Ko0x4imPLoMI6w14yjmhdYJM6MtYc
v/bcIH+FkPpCWz8vesUJ8oTQQRJpJVx0fvoH4gKIpHROPbUVDaUYdUbcBs+/n2E5
FG16uo+/LzuX5r/MX1GvMWkpNYeirJV4OQv0zmRH6grTPjRQdVuDRrlDlWKKiIwW
D8GBzjWsLIgskf1i3SktsGCeHnr7RnTDdq/7q4RfQOwVrOILvwPfJmcq1132W3ZW
2N8JdmmdvG4Vm2b2CIX2P8AB/O8N1GTNVDR0aCqAIkGACiIKzTy7TftK6H92+hhX
an7jtwvVQI0Wog==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:41:31 2025 by rpki-client