Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: 7lNqhCjawAb7ao/rhVLC+BopOUBh+Bf0sys+sjLCriY=
Subject key identifier: D3:FC:B8:90:95:BC:06:A3:49:F2:69:EB:BA:A9:84:CC:B7:5C:E1:13
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 01988F5A2F01DC6293F299BC5F60B37732F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 1628
Signing time: Sat 09 Aug 2025 15:01:48 +0000
Manifest this update: Sat 09 Aug 2025 15:01:48 +0000
Manifest next update: Sun 10 Aug 2025 15:01:48 +0000
Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=)
2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: bqhjOjURZmbI17Pffak75tfkVhwxzAaZLYZgmq9c59U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:5a:2f:01:dc:62:93:f2:99:bc:5f:60:b3:77:32:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Aug 9 15:01:48 2025 GMT
Not After : Aug 10 15:01:48 2025 GMT
Subject: CN=d3fcb89095bc06a349f269ebbaa984ccb75ce113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:09:16:cc:de:ea:0c:d6:0a:76:3e:82:f7:1c:
c9:90:36:e1:da:7a:b4:f3:bf:8b:26:d4:b0:b0:35:
41:b5:06:fa:60:6f:ef:8f:f6:28:7b:24:d9:2a:9b:
90:43:49:24:ae:14:f4:2c:28:4a:c0:77:fa:dc:32:
5d:7a:83:5c:85:22:19:99:75:25:35:be:9c:f9:6c:
80:42:c1:0f:a0:01:48:a2:60:fe:93:69:5c:8e:eb:
40:df:e1:d1:9c:c2:ad:58:29:8e:4b:70:13:36:bc:
a8:e7:3a:71:0c:7c:8e:ed:f9:93:4b:05:cc:af:b0:
b3:9e:ed:7c:ff:35:59:45:55:e3:b4:57:1b:98:3d:
8a:64:25:ff:cf:5d:60:72:9c:46:cf:54:97:23:ef:
de:52:8d:52:21:91:54:1f:49:82:1a:c5:f3:bc:03:
37:d5:63:76:62:60:34:02:2c:ba:43:e9:0b:bb:da:
43:a1:d8:90:fe:3c:de:23:ed:ae:36:74:6d:4c:c6:
ae:01:b5:b3:b2:b7:51:85:05:ad:d6:a0:95:0c:40:
1a:bb:d3:70:e5:73:e8:8e:ab:40:a8:d6:fa:a1:1a:
fe:e2:d3:66:0c:8d:63:08:5a:84:8a:b5:67:a1:9c:
4f:da:d4:5e:31:de:ba:2e:02:22:2a:29:ba:8b:64:
a0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FC:B8:90:95:BC:06:A3:49:F2:69:EB:BA:A9:84:CC:B7:5C:E1:13
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:e3:0a:c5:bc:e2:2e:c5:fe:2c:56:f8:64:6e:3b:41:6e:34:
c2:57:7d:b5:91:e4:16:7c:b4:a1:2d:de:e3:61:1e:a0:8c:47:
83:eb:81:93:3e:d2:62:4c:94:31:db:cf:e9:89:54:62:d3:d8:
cd:0f:dc:ff:dd:e1:d6:cf:0c:82:31:88:9d:70:72:e3:06:70:
41:2f:c3:88:43:dd:78:c6:4c:dc:e2:57:89:fd:38:b7:d9:c0:
75:7e:ca:a9:ed:b0:4c:39:ee:9a:c5:df:ec:d6:f8:09:e1:b7:
2c:73:a8:e4:32:cc:e5:88:f9:df:ff:0c:1c:5c:fe:bd:fa:a9:
5b:36:6e:10:72:5b:c8:c2:9b:7d:ca:2e:d6:f5:7a:7f:c0:5d:
47:88:3e:e5:fa:16:1e:e4:2f:fd:bc:88:7c:95:fa:e4:e9:0d:
67:93:37:1d:fa:04:11:4e:29:73:91:3e:67:4d:56:25:8c:c9:
4e:8d:26:b5:33:49:a1:4b:a5:29:76:c4:d9:e3:7f:35:b5:fa:
4e:17:3f:4c:bd:f1:eb:dc:26:b5:a7:bc:e0:a5:86:65:70:4a:
1e:9c:9f:ec:34:54:99:2a:47:a2:55:91:5f:32:df:53:f8:f0:
1a:a6:eb:44:b9:94:65:7f:eb:df:42:14:73:bb:03:02:d3:e9:
ac:69:ad:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPWi8B3GKT8pm8X2CzdzL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjUwODA5MTUwMTQ4WhcNMjUwODEwMTUwMTQ4WjAzMTEwLwYDVQQD
EyhkM2ZjYjg5MDk1YmMwNmEzNDlmMjY5ZWJiYWE5ODRjY2I3NWNlMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwkWzN7qDNYKdj6C9xzJkDbh2nq0
87+LJtSwsDVBtQb6YG/vj/YoeyTZKpuQQ0kkrhT0LChKwHf63DJdeoNchSIZmXUl
Nb6c+WyAQsEPoAFIomD+k2lcjutA3+HRnMKtWCmOS3ATNryo5zpxDHyO7fmTSwXM
r7Cznu18/zVZRVXjtFcbmD2KZCX/z11gcpxGz1SXI+/eUo1SIZFUH0mCGsXzvAM3
1WN2YmA0Aiy6Q+kLu9pDodiQ/jzeI+2uNnRtTMauAbWzsrdRhQWt1qCVDEAau9Nw
5XPojqtAqNb6oRr+4tNmDI1jCFqEirVnoZxP2tReMd66LgIiKim6i2SgywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNP8uJCVvAajSfJp67qphMy3XOETMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOMKxbzi
LsX+LFb4ZG47QW40wld9tZHkFny0oS3e42EeoIxHg+uBkz7SYkyUMdvP6YlUYtPY
zQ/c/93h1s8MgjGInXBy4wZwQS/DiEPdeMZM3OJXif04t9nAdX7Kqe2wTDnumsXf
7Nb4CeG3LHOo5DLM5Yj53/8MHFz+vfqpWzZuEHJbyMKbfcou1vV6f8BdR4g+5foW
HuQv/byIfJX65OkNZ5M3HfoEEU4pc5E+Z01WJYzJTo0mtTNJoUulKXbE2eN/NbX6
Thc/TL3x69wmtae84KWGZXBKHpyf7DRUmSpHolWRXzLfU/jwGqbrRLmUZX/r30IU
c7sDAtPprGmtUA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:07:29 2025 by rpki-client