
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: TRAKk4SuZZbk7bQKAKwTMTeaPKgTNH1WcBXjsMomgvQ=
Subject key identifier: A3:6D:03:7A:C1:93:8A:54:BE:BF:24:89:05:D6:5E:54:6C:72:BB:FC
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0198865638354B5A42A9B54A861340487514
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1620
Signing time: Thu 07 Aug 2025 21:00:54 +0000
Manifest this update: Thu 07 Aug 2025 21:00:54 +0000
Manifest next update: Fri 08 Aug 2025 21:00:54 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: ux21iBKA9x5O+sbO9H6u3hW6ZE9pNFdXAOTSD4Kqbvc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:86:56:38:35:4b:5a:42:a9:b5:4a:86:13:40:48:75:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Aug 7 21:00:54 2025 GMT
Not After : Aug 8 21:00:54 2025 GMT
Subject: CN=a36d037ac1938a54bebf248905d65e546c72bbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1a:aa:40:9b:fc:e3:77:74:43:ff:da:fb:2e:
23:92:2b:4a:00:8a:fb:54:4e:06:ba:c7:9a:ce:b0:
4f:eb:25:65:31:b2:da:fc:70:dd:97:6b:b2:0f:b4:
74:08:ee:42:80:b9:11:03:17:e2:ca:41:17:55:14:
f0:4d:12:b8:99:c5:44:38:2f:76:c5:a9:cd:a9:10:
ff:aa:56:21:98:b2:f6:a3:c8:37:84:bd:cc:59:29:
cf:3d:8b:ec:95:c2:8d:cb:b2:65:dd:f7:36:be:88:
27:f0:fb:61:d0:ad:52:d6:bb:36:f7:18:be:e4:d3:
ca:c6:55:50:c5:e4:a0:d0:df:23:d3:97:d3:64:54:
a1:44:0a:d2:6d:dc:2b:9d:ba:2a:05:7a:c6:e1:9f:
f8:0c:96:87:f9:57:4e:6e:42:55:fe:d7:b3:b4:47:
b2:48:71:6e:ed:eb:86:d4:68:e4:64:47:da:bb:c5:
1d:de:9e:05:df:33:da:f5:fb:ab:ae:8c:ef:45:45:
36:ae:7b:8b:e5:93:77:62:b2:b1:72:81:d4:26:fe:
f0:c7:fb:91:e8:70:3f:61:e4:84:c8:d3:d0:e9:bb:
57:91:15:ab:fc:84:20:0c:26:61:6f:ab:2f:fe:53:
f8:2f:77:2b:cf:b9:14:b7:7f:65:b6:e7:18:eb:e7:
67:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6D:03:7A:C1:93:8A:54:BE:BF:24:89:05:D6:5E:54:6C:72:BB:FC
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:5f:4e:c9:35:ca:c3:48:b7:cb:6d:a2:81:e5:60:fe:e7:e4:
d1:6b:d7:c4:41:8c:e5:2d:a7:67:6c:7c:1d:d3:58:dc:a5:87:
b4:7f:d3:bf:bd:02:c0:f5:4f:55:38:2a:19:a7:2c:69:86:68:
7d:62:09:fc:6b:9c:cb:c6:49:ab:a2:0c:e1:91:a6:ec:1f:0b:
ec:3f:d1:3f:07:53:2a:2d:43:de:db:82:e9:5d:58:f1:d4:99:
ed:63:82:ec:5d:e3:69:c4:64:6e:c0:68:87:39:51:b2:b9:cc:
aa:48:4f:59:4f:3d:ea:18:78:20:7a:3b:67:85:bc:88:19:8a:
be:40:ee:12:0c:95:2a:d7:43:63:e6:48:79:92:19:5d:2b:b8:
e3:71:1b:f8:d2:fe:b4:be:a4:84:ee:ad:d2:cc:25:5b:62:99:
10:5b:29:ea:47:3b:9f:ee:35:0b:33:c4:5e:ba:75:c7:17:e5:
81:7d:2a:b9:d6:d0:a0:a0:27:c3:06:a7:e8:76:1f:4d:88:e1:
10:12:3d:a7:a6:3f:df:f1:80:ac:5e:3d:90:06:c1:f4:46:e5:
c5:07:55:8e:7d:27:19:f6:f5:ca:b3:42:7d:66:bd:64:2e:57:
89:85:8f:fb:2a:23:e7:df:42:cc:47:24:f0:b2:12:25:2e:a4:
ee:dc:cd:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiGVjg1S1pCqbVKhhNASHUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwODA3MjEwMDU0WhcNMjUwODA4MjEwMDU0WjAzMTEwLwYDVQQD
EyhhMzZkMDM3YWMxOTM4YTU0YmViZjI0ODkwNWQ2NWU1NDZjNzJiYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xqqQJv843d0Q//a+y4jkitKAIr7
VE4GuseazrBP6yVlMbLa/HDdl2uyD7R0CO5CgLkRAxfiykEXVRTwTRK4mcVEOC92
xanNqRD/qlYhmLL2o8g3hL3MWSnPPYvslcKNy7Jl3fc2vogn8Pth0K1S1rs29xi+
5NPKxlVQxeSg0N8j05fTZFShRArSbdwrnboqBXrG4Z/4DJaH+VdObkJV/teztEey
SHFu7euG1GjkZEfau8Ud3p4F3zPa9furrozvRUU2rnuL5ZN3YrKxcoHUJv7wx/uR
6HA/YeSEyNPQ6btXkRWr/IQgDCZhb6sv/lP4L3crz7kUt39ltucY6+dnHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNtA3rBk4pUvr8kiQXWXlRscrv8MB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM19OyTXK
w0i3y22igeVg/ufk0WvXxEGM5S2nZ2x8HdNY3KWHtH/Tv70CwPVPVTgqGacsaYZo
fWIJ/Gucy8ZJq6IM4ZGm7B8L7D/RPwdTKi1D3tuC6V1Y8dSZ7WOC7F3jacRkbsBo
hzlRsrnMqkhPWU896hh4IHo7Z4W8iBmKvkDuEgyVKtdDY+ZIeZIZXSu443Eb+NL+
tL6khO6t0swlW2KZEFsp6kc7n+41CzPEXrp1xxflgX0qudbQoKAnwwan6HYfTYjh
EBI9p6Y/3/GArF49kAbB9EblxQdVjn0nGfb1yrNCfWa9ZC5XiYWP+yoj599CzEck
8LISJS6k7tzNEQ==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:33:34 2025 by rpki-client