Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: S/MTDF+CeM/gLIskQIKQWul85RqEhfINxArw/hSJuaY=
Subject key identifier: 67:9C:78:74:58:B3:0E:05:AF:44:5E:49:F3:95:0D:8F:42:1F:BA:6A
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 01988EED35E464477679F75D4BB11678F6F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 1623
Signing time: Sat 09 Aug 2025 13:02:47 +0000
Manifest this update: Sat 09 Aug 2025 13:02:47 +0000
Manifest next update: Sun 10 Aug 2025 13:02:47 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: ijaqlJME+pQ00yG4mGaldpJVFIVjJpLQEiym3INC5G4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 13:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8e:ed:35:e4:64:47:76:79:f7:5d:4b:b1:16:78:f6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Aug 9 13:02:47 2025 GMT
Not After : Aug 10 13:02:47 2025 GMT
Subject: CN=679c787458b30e05af445e49f3950d8f421fba6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:77:f2:e1:71:13:70:95:40:20:f6:ef:fd:
50:1f:c7:2d:98:9d:62:a8:5a:73:4c:93:ee:76:19:
73:79:ae:d2:09:ce:4d:c0:80:a9:c8:cb:a4:20:4c:
6b:96:ef:b3:0a:4f:1e:9c:4b:e3:70:dc:2b:a9:2a:
e6:3b:ed:b0:d1:ba:6b:fe:a8:54:67:94:3a:39:ea:
b1:44:ac:6a:33:4b:a7:6d:7d:f5:91:6c:90:70:f5:
88:fb:ad:31:86:a8:6d:16:63:80:9d:34:e5:0f:0e:
1d:22:5a:a4:3e:a8:5b:f4:0d:83:e0:db:62:de:80:
a4:f1:e3:13:96:2a:43:cd:a0:20:02:a5:77:14:8c:
dd:15:24:9f:2e:87:90:8c:ce:02:c8:64:c5:f6:14:
cc:a5:35:96:4b:39:49:f7:6b:49:4e:54:dd:f8:e6:
54:a1:97:70:c1:5b:42:fa:9e:d2:09:d7:f9:c1:31:
9a:dc:2b:b7:f6:d8:99:65:51:34:0e:ae:19:13:21:
5c:ef:93:35:ab:57:68:c8:b7:7f:72:b4:d0:3a:b0:
c8:85:0e:80:dc:80:32:cc:44:d2:17:a4:27:7a:96:
00:d1:a6:c3:48:22:f9:45:7e:0e:5f:1a:8c:1e:93:
59:2e:d7:22:2d:24:cf:cb:7b:b3:1f:57:a0:93:7b:
8a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9C:78:74:58:B3:0E:05:AF:44:5E:49:F3:95:0D:8F:42:1F:BA:6A
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:38:1a:ca:97:e5:38:10:24:10:95:aa:36:ec:e2:0b:30:af:
34:5f:22:9f:f4:07:0a:f1:99:c4:bc:c1:aa:69:ca:40:62:ca:
8b:d8:ef:29:0a:eb:ac:c4:70:f1:78:55:db:8f:65:f7:6e:bc:
fd:b7:a0:78:95:4a:cf:2c:93:b1:d3:3d:d1:9b:44:08:56:79:
fe:d5:7f:17:ea:97:aa:8b:61:a0:c4:16:81:3d:12:82:1e:d9:
65:09:d4:2e:39:b7:bc:87:e7:86:1b:ee:c4:eb:09:22:61:04:
e7:58:22:74:06:6a:48:91:cb:60:bc:27:ad:2f:74:94:8f:d1:
44:d1:56:a7:fa:d5:e6:7e:13:b1:ad:65:e9:55:f4:4b:d3:20:
6e:cb:5e:96:04:13:49:e8:ff:ac:af:5a:e0:9b:72:b5:a6:7c:
c7:9d:47:91:5a:ef:3e:48:db:32:cf:ca:87:ef:ca:82:18:a8:
19:d0:3c:f8:e4:ba:e4:0a:69:bb:7b:51:dd:90:f0:6a:b7:8b:
a0:3e:25:67:be:e8:de:ff:44:36:5b:f1:87:54:eb:12:f5:86:
bd:05:13:61:65:a7:d2:e7:d2:7c:c3:9a:e9:8b:1b:5e:dc:7e:
35:b9:16:b2:a4:08:8b:c8:0f:b9:b0:de:a2:b6:01:ae:9e:f3:
73:27:da:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO7TXkZEd2efddS7EWePbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUwODA5MTMwMjQ3WhcNMjUwODEwMTMwMjQ3WjAzMTEwLwYDVQQD
Eyg2NzljNzg3NDU4YjMwZTA1YWY0NDVlNDlmMzk1MGQ4ZjQyMWZiYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBd38uFxE3CVQCD27/1QH8ctmJ1i
qFpzTJPudhlzea7SCc5NwICpyMukIExrlu+zCk8enEvjcNwrqSrmO+2w0bpr/qhU
Z5Q6OeqxRKxqM0unbX31kWyQcPWI+60xhqhtFmOAnTTlDw4dIlqkPqhb9A2D4Nti
3oCk8eMTlipDzaAgAqV3FIzdFSSfLoeQjM4CyGTF9hTMpTWWSzlJ92tJTlTd+OZU
oZdwwVtC+p7SCdf5wTGa3Cu39tiZZVE0Dq4ZEyFc75M1q1doyLd/crTQOrDIhQ6A
3IAyzETSF6QnepYA0abDSCL5RX4OXxqMHpNZLtciLSTPy3uzH1egk3uKOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeceHRYsw4Fr0ReSfOVDY9CH7pqMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjgaypfl
OBAkEJWqNuziCzCvNF8in/QHCvGZxLzBqmnKQGLKi9jvKQrrrMRw8XhV249l9268
/begeJVKzyyTsdM90ZtECFZ5/tV/F+qXqothoMQWgT0Sgh7ZZQnULjm3vIfnhhvu
xOsJImEE51gidAZqSJHLYLwnrS90lI/RRNFWp/rV5n4Tsa1l6VX0S9MgbstelgQT
Sej/rK9a4JtytaZ8x51HkVrvPkjbMs/Kh+/KghioGdA8+OS65Appu3tR3ZDwareL
oD4lZ77o3v9ENlvxh1TrEvWGvQUTYWWn0ufSfMOa6YsbXtx+NbkWsqQIi8gPubDe
orYBrp7zcyfalA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:49:07 2025 by rpki-client