Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: BBj7J6aBRwlm/39P4vCb3GuBi/TnR7uUgjiQ3gaQ3bQ=
Subject key identifier: D9:FB:23:96:E0:B7:AA:E9:91:81:82:2A:EC:3E:3F:45:67:B6:8C:11
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 019872CF950491A944B991660A094B6A4373
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 0347
Signing time: Mon 04 Aug 2025 02:01:03 +0000
Manifest this update: Mon 04 Aug 2025 02:01:03 +0000
Manifest next update: Tue 05 Aug 2025 02:01:03 +0000
Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: ssL1S/jIj79vcJFnR1Ob+pu48bl5+hWEo7BieA5XHVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:cf:95:04:91:a9:44:b9:91:66:0a:09:4b:6a:43:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Aug 4 02:01:03 2025 GMT
Not After : Aug 5 02:01:03 2025 GMT
Subject: CN=d9fb2396e0b7aae99181822aec3e3f4567b68c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8a:12:c9:8d:73:35:ec:9f:31:5f:27:1d:bb:
27:12:cd:8c:1f:a4:69:44:7f:61:b6:a5:62:8f:a2:
43:47:2f:f5:27:9e:1f:29:39:5f:ce:c9:52:05:54:
17:33:88:5c:42:a1:ec:a8:65:98:7a:a9:9d:c1:89:
93:ac:aa:5c:54:c3:96:2b:17:1a:ba:b4:92:06:ef:
f8:b1:7c:54:b9:6b:78:09:fd:bb:3b:97:11:4f:8f:
ea:90:35:b2:7a:23:39:87:de:b8:de:32:ba:ea:a3:
8d:d2:98:39:43:00:56:ae:e5:6c:fe:7d:a6:28:1a:
da:9f:de:dd:c3:5b:a9:22:01:cc:b7:99:5d:70:21:
38:58:64:06:2e:fb:f3:0d:94:40:65:c4:7f:fb:f0:
c1:d1:b5:a4:28:bc:03:c5:eb:d5:e0:98:b6:d5:a7:
99:c6:61:cf:8e:52:5f:88:c9:61:27:3c:50:5d:55:
6a:74:41:63:7a:74:7f:25:05:d0:8a:6a:d6:34:a3:
15:09:98:9c:f5:06:99:59:a4:69:3c:35:e3:ef:75:
b8:7c:fd:4b:04:4f:d4:0b:12:32:cc:da:b1:54:79:
9e:d6:5a:15:a5:2c:15:af:35:a4:66:9b:e1:f0:81:
41:90:58:2a:f6:f5:8d:1b:bd:f1:7a:d4:2a:ee:84:
20:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FB:23:96:E0:B7:AA:E9:91:81:82:2A:EC:3E:3F:45:67:B6:8C:11
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:26:06:18:f4:9c:dc:cd:2e:4c:3a:4e:1a:a1:a7:00:39:2d:
4c:69:5d:ef:af:90:0f:74:ea:35:ca:df:32:33:c9:71:d5:f8:
a7:1d:6f:83:11:70:71:c7:89:4d:e6:56:6b:ce:73:a5:c9:c2:
f3:61:d8:7d:8c:a8:44:c2:16:19:a2:48:d8:d6:7d:86:5f:93:
50:24:6c:59:3d:fd:04:40:d6:5a:c2:54:30:5b:82:3f:f8:03:
6e:53:8c:1c:a6:18:dc:8a:01:3d:7e:29:d6:07:95:fa:97:56:
45:7c:7a:61:99:ec:0e:71:eb:bf:47:a2:8e:77:8f:58:fb:7c:
6d:be:4a:27:4f:44:45:b1:f9:c3:fe:b7:ad:82:5e:fe:04:12:
d9:89:d4:00:31:d4:61:25:9d:01:50:7b:e3:56:f9:a5:1c:b8:
0e:44:d6:a3:6f:f9:f6:80:72:fa:e4:5c:83:77:ba:61:8b:3d:
19:48:84:64:49:34:6e:74:88:46:c6:99:ce:ba:f3:c1:60:ac:
70:a5:be:b9:de:ac:ed:01:fc:49:8d:3e:aa:b1:c1:c0:a7:21:
7a:06:f3:1d:11:3e:48:14:b0:46:c4:c2:34:c1:17:31:aa:9b:
c4:56:9b:4e:59:54:a0:f1:28:56:c4:a9:d1:b4:df:54:37:80:
d8:1b:fe:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyz5UEkalEuZFmCglLakNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjUwODA0MDIwMTAzWhcNMjUwODA1MDIwMTAzWjAzMTEwLwYDVQQD
EyhkOWZiMjM5NmUwYjdhYWU5OTE4MTgyMmFlYzNlM2Y0NTY3YjY4YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIoSyY1zNeyfMV8nHbsnEs2MH6Rp
RH9htqVij6JDRy/1J54fKTlfzslSBVQXM4hcQqHsqGWYeqmdwYmTrKpcVMOWKxca
urSSBu/4sXxUuWt4Cf27O5cRT4/qkDWyeiM5h9643jK66qON0pg5QwBWruVs/n2m
KBran97dw1upIgHMt5ldcCE4WGQGLvvzDZRAZcR/+/DB0bWkKLwDxevV4Ji21aeZ
xmHPjlJfiMlhJzxQXVVqdEFjenR/JQXQimrWNKMVCZic9QaZWaRpPDXj73W4fP1L
BE/UCxIyzNqxVHme1loVpSwVrzWkZpvh8IFBkFgq9vWNG73xetQq7oQg3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNn7I5bgt6rpkYGCKuw+P0VntowRMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUiYGGPSc
3M0uTDpOGqGnADktTGld76+QD3TqNcrfMjPJcdX4px1vgxFwcceJTeZWa85zpcnC
82HYfYyoRMIWGaJI2NZ9hl+TUCRsWT39BEDWWsJUMFuCP/gDblOMHKYY3IoBPX4p
1geV+pdWRXx6YZnsDnHrv0eijnePWPt8bb5KJ09ERbH5w/63rYJe/gQS2YnUADHU
YSWdAVB741b5pRy4DkTWo2/59oBy+uRcg3e6YYs9GUiEZEk0bnSIRsaZzrrzwWCs
cKW+ud6s7QH8SY0+qrHBwKchegbzHRE+SBSwRsTCNMEXMaqbxFabTllUoPEoVsSp
0bTfVDeA2Bv+BQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:07:58 2025 by rpki-client